fix: Resolve critical bugs - file handle leaks and IndexError issues

Fixed multiple critical bugs identified during comprehensive code audit:

**Critical Fixes:**
- Fix file handle leaks in SDK client upload methods (sync and async)
  - Use context managers to ensure file handles are properly closed
  - Affects: sdk/src/fuzzforge_sdk/client.py lines 397, 484

**High Priority Fixes:**
- Fix IndexError in OSS-Fuzz stats parsing when accessing array elements
  - Add bounds checking before accessing parts[i+1]
  - Affects: workers/ossfuzz/activities.py lines 372-376

- Fix IndexError in exception handling URL parsing
  - Add empty string validation before splitting URL segments
  - Prevents crash when parsing malformed URLs
  - Affects: sdk/src/fuzzforge_sdk/exceptions.py lines 419-426

**Medium Priority Fixes:**
- Fix IndexError in Android workflow SARIF report parsing
  - Check if runs list is empty before accessing first element
  - Affects: backend/toolbox/workflows/android_static_analysis/workflow.py line 270

All fixes follow defensive programming practices with proper bounds checking
and resource management using context managers.
tduhamel42
2025-11-12 14:16:02 +01:00
parent b2a720b2e6
commit 9488ccf8f1
4 changed files with 29 additions and 28 deletions
+3 -3
@@ -368,11 +368,11 @@ def parse_fuzzing_stats(stdout: str, stderr: str, engine: str) -> Dict[str, Any]
# Example: #8192 NEW cov: 1234 ft: 5678 corp: 89/10KB
parts = line.split()
for i, part in enumerate(parts):
if part.startswith("cov:"):
if part.startswith("cov:") and i+1 < len(parts):
stats["coverage"] = int(parts[i+1])
elif part.startswith("corp:"):
elif part.startswith("corp:") and i+1 < len(parts):
stats["corpus_entries"] = int(parts[i+1].split('/')[0])
elif part.startswith("exec/s:"):
elif part.startswith("exec/s:") and i+1 < len(parts):
stats["executions_per_sec"] = float(parts[i+1])
elif part.startswith("#"):
stats["total_executions"] = int(part[1:])
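Review bot: The new `i+1 < len(parts)` guards stop the IndexError, but the conversions on the guarded lines can still raise ValueError when the next token is not numeric: `int(parts[i+1])`, `int(parts[i+1].split('/')[0])` and `float(parts[i+1])`. The untouched `int(part[1:])` in the `#` branch has the same problem for any token that starts with `#` but is not followed by digits. Since this parses fuzzer stdout, a truncated or interleaved line would still abort stats parsing. Consider wrapping each conversion in `try`/`except ValueError` and skipping the field, or matching the whole line with one regular expression so a malformed line is ignored as a unit. Also, when the guard is false the stat is dropped silently; a debug log there would make truncated output visible.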