Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tainted instruction plugin optimizations. #1400

Merged
merged 1 commit into from
Dec 19, 2023
Merged

Tainted instruction plugin optimizations. #1400

merged 1 commit into from
Dec 19, 2023

Conversation

MarkMankins
Copy link
Collaborator

  • Made globals static.
  • Added "suppress_redundant_taint_reports" option. -- When enabled, won't output the same PC multiple times consecutively. -- Only used when pandalog is not enabled.
  • In the for loop that computes num_tainted in taint_change: -- Exit early if not pandalogging.
    -- Further looping in this case isn't necessary as output doesn't change.
  • Removed redundant ifs.
  • Fix memory leak (ti->taint_query allocated via malloc was not freed.)
  • Save "pc = 0x..." generated string in case it can be reused.
  • Moved assignments to last_asid and last_pc to avoid unnecessary assignments.

@MarkMankins
Tainted instruction plugin optimizations.
ae131c1 
- Made globals static.
- Added "suppress_redundant_taint_reports" option.
-- When enabled, won't output the same PC multiple times consecutively.
-- Only used when pandalog is not enabled.
- In the for loop that computes num_tainted in taint_change:
-- Exit early if not pandalogging.
-- Further looping in this case isn't necessary as output doesn't change.
- Removed redundant ifs.
- Fix memory leak (ti->taint_query allocated via malloc was not freed.)
- Save "pc = 0x..." generated string in case it can be reused.
- Moved assignments to last_asid and last_pc to avoid unnecessary assignments.
@AndrewFasano AndrewFasano merged commit c69bf1e into panda-re:dev Dec 19, 2023
4 of 5 checks passed
@AndrewFasano
Copy link
Contributor

CI is a bit broken right now, but this looks good, thanks!

@AndrewFasano
Copy link
Contributor

@coolkingcole I don't think we've seen this CI issue before - It was trying to push a new container on the PR and getting permission denied. The fact that it didn't have permissions seems good, but it probably shouldn't have tried or reported a failure about it.

@coolkingcole
Copy link
Collaborator

I believe this is a user permissions error related to to role in the org. We should add additional branch protection to avoid malicious workflows. For now we have the setting Fork pull request workflows from outside collaborators set to the most restrictive setting which restricts Outside Collaborators, which @MarkMankins is.

@AndrewFasano
Copy link
Contributor

@coolkingcole makes sense that we'd restrict roles - but if someone with more permissions opened a PR, we wouldn't want the PR itself to publish a new release. We'd only want that after the PR is merged, right?

@coolkingcole
Copy link
Collaborator

If we want that, we could change it to something like this

on:
  push:
    branches:
      - dev
      - stable
  pull_request:
    types:
      - closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MarkMankins @AndrewFasano @coolkingcole