-
Notifications
You must be signed in to change notification settings - Fork 9
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rasp command injection tests #3524
base: main
Are you sure you want to change the base?
Conversation
…em-tests into nacho/RaspCmdITests
manifests/dotnet.yml
Outdated
@@ -162,6 +173,7 @@ tests/: | |||
Test_Lfi_UrlQuery: v2.51.0 | |||
test_libddwaf.py: | |||
Test_Libddwaf_Version: v3.4.1 | |||
Test_Libddwaf_Version_CmdI: missing_feature |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if we are going to have multiple libddwaf min versions, it will worth to move the test to each test file, like we are doing with Rules_Version
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point. I have updated the code addressing your comment.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are CI failures related with this PR
You are right. They are fixed. Thanks! |
Motivation
This PR implements the system tests that will be required for the command injection vulnerability in RASP.
The details of this vulnerability can be found here: https://docs.google.com/document/d/1DDWy3frMXDTAbk-BfnZ1FdRwuPx6Pl7AWyR4zjqRFZw/edit?tab=t.0#heading=h.giijrtyn1fdx
The tests are based on other vulnerabilities tests and have passed under .Net (version not yet merged)
Changes
Workflow
codeowners
file quickly.🚀 Once your PR is reviewed, you can merge it!
🛟 #apm-shared-testing 🛟
Reviewer checklist
[<language>]
, double-check that only<language>
is impacted by the changebuild-XXX-image
label is present