Skip to content

Commit f15e61e

Browse files
davisjamdavisjam
committed
validate-vuln: bugfixing
1. Compute deathSignal correctly 2. Redirect output to tmp file. Very long piped strings sometimes get mishandled.
1 parent e34b2bc commit f15e61e

File tree

1 file changed

+22
-7
lines changed

1 file changed

+22
-7
lines changed

src/validate/validate-vuln.pl

+22-7
Original file line numberDiff line numberDiff line change
@@ -80,19 +80,19 @@
8080
my $input = { "pattern" => $json->{pattern},
8181
"input" => $attackString,
8282
};
83-
my $tmpFile = "/tmp/validate-vuln-$$.json";
84-
&writeToFile("file"=>$tmpFile, "contents"=>encode_json($input));
83+
my $tmpQueryFile = "/tmp/validate-vuln-$$-queryFile.json";
84+
my $tmpStdoutFile = "/tmp/validate-vuln-$$-validator-stdout.json";
85+
&writeToFile("file"=>$tmpQueryFile, "contents"=>encode_json($input));
8586

8687
# Invoke the appropriate validator.
8788
my $validator = $language2validator{$json->{language}};
8889

8990
# Use KILL because Ruby blocks TERM during regex match (??).
90-
my ($rc, $deathSignal, $out) = &cmd("timeout --signal=KILL $json->{timeLimit}s $validator $tmpFile");
91-
unlink $tmpFile;
91+
my ($rc, $deathSignal, $out) = &cmd("timeout --signal=KILL $json->{timeLimit}s $validator $tmpQueryFile > $tmpStdoutFile");
9292
# On timeout, rc is 124 if using TERM and 128+9 if using KILL
9393
# The right-shift of 8 in &cmd turns 128+9 into 9
9494
my $timedOut = ($rc eq 124 or $deathSignal eq 9) ? 1 : 0;
95-
&log("rc $rc timedOut $timedOut out\n $out");
95+
&log("rc $rc deathSignal $deathSignal timedOut $timedOut");
9696

9797
# Append appropriate values to $result
9898
if ($timedOut) {
@@ -105,16 +105,31 @@
105105

106106
# If it didn't time out, we should have valid JSON output.
107107
# Was the regex valid?
108-
my $validatorRes = decode_json($out);
108+
my $content = &slurpFile($tmpStdoutFile);
109+
my $validatorRes = decode_json($content);
109110
$result->{validPattern} = $validatorRes->{validPattern};
110111
}
112+
113+
unlink $tmpQueryFile;
114+
unlink $tmpStdoutFile;
111115
}
112116

113117
print STDOUT encode_json($result) . "\n";
114118
exit 0;
115119

116120
######################
117121

122+
sub slurpFile {
123+
my ($file) = @_;
124+
{
125+
open F, $file or die "Can't read $file: $!";
126+
local $/; # enable slurp mode, locally.
127+
my $contents = <F>;
128+
close F;
129+
return $contents;
130+
}
131+
}
132+
118133
# input: %args: keys: file contents
119134
# output: $file
120135
sub writeToFile {
@@ -133,8 +148,8 @@ sub cmd {
133148
&log($cmd);
134149
my $out = `$cmd`;
135150

136-
my $deathSignal = $? & 127;
137151
my $rc = $? >> 8;
152+
my $deathSignal = $rc & 127;
138153

139154
return ($rc, $deathSignal, $out);
140155
}

0 commit comments

Comments
 (0)