Cflite fuzzing adding

[DefinetlyNotAI]

Pull Request Template

Prerequisites

• I have searched for duplicate or closed issues.
• I have read the contributing guidelines.
• I have followed the instructions in the wiki about contributions.
• I have updated the documentation accordingly, if required.
• I have tested my code with the --dev flag, if required.

PR Type

• Bug fix
• New feature
• Refactoring
• Documentation
  update
• ⚠️ Breaking change ⚠️

Description

This pull request introduces several new GitHub workflows for ClusterFuzzLite and refactors the CODE/_debug.py file to improve logging and error handling. The most important changes include adding new workflows for batch fuzzing, continuous builds, and cron tasks, as well as refactoring methods in _debug.py to enhance readability and functionality.

New GitHub Workflows:

• .github/workflows/cflite_batch.yml: Added a workflow for batch fuzzing with ClusterFuzzLite, scheduled to run every 6 hours.
• .github/workflows/cflite_build.yml: Added a workflow for continuous builds with ClusterFuzzLite, triggered on pushes to the main branch.
• .github/workflows/cflite_cron.yml: Added a workflow for daily cron tasks with ClusterFuzzLite, scheduled to run once a day at midnight.

Refactoring in CODE/_debug.py:

• Improved logging and error handling in HealthCheck and DebugCheck classes, including adding detailed docstrings and restructuring methods for better readability. [1] [2] [3] [4] [5]
• Moved the execution_policy method from DebugCheck to Check class in CODE/logicytics/Checks.py for better organization. [1] [2]

Motivation and Context

CI Testing, added fuzzing and fixed bugs

Credit

Issues Fixed

Summary by CodeRabbit

• New Features

  • Introduced three new GitHub Actions workflows for automated tasks:
    • Batch fuzzing
    • Continuous integration builds
    • Daily cron tasks for fuzz testing

• Bug Fixes

  • Enhanced logging in health and debug checks to streamline error tracking.

• Documentation

  • Updated method signatures and added new methods for improved functionality and clarity.

[coderabbitai]

Walkthrough

This PR introduces several GitHub Actions workflows for ClusterFuzzLite, automating various tasks related to fuzz testing. It adds three new workflow files: one for executing batch fuzzing every six hours, another for continuous integration builds triggered by code pushes, and a third for daily pruning tasks. Additionally, updates are made to the debug and checks code to enhance logging practices and functionality.

Changes

File	Change Summary
.github/workflows/cflite_batch.yml	New workflow for scheduled batch fuzzing with configurable sanitizers.
.github/workflows/cflite_build.yml	New workflow for continuous integration builds on code push.
.github/workflows/cflite_cron.yml	New daily scheduled workflow for fuzzer pruning tasks.
CODE/_debug.py	Refactored methods to use logging instead of return values; added python_version() function.
CODE/logicytics/Checks.py	Added execution_policy() method to check PowerShell execution settings.

Possibly related PRs

• Optimised _debug.py #166: Modifications to CODE/_debug.py involving Python logging mechanisms.

Poem

🐞 Fuzzing bots on GitHub's stage,
Hunting bugs with cyber rage!
Workflows dance, sanitizers sing,
Code gets tested, security's wing!
Debug magic, no bugs in sight! 🚀

---

📜 Recent review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 04eec59 and 391a6ed.

📒 Files selected for processing (1)

• CODE/logicytics/Checks.py (2 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• CODE/logicytics/Checks.py

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR. (Beta)
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[DefinetlyNotAI]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 4

🧹 Nitpick comments (4)

.github/workflows/cflite_build.yml (1)

16-20: Hey! Let's power up your fuzzing game! 🚀

You've only got the address sanitizer enabled rn, but there's more firepower available! The undefined and memory sanitizers can catch different types of bugs. Consider uncommenting them for better coverage.

 sanitizer:
 - address
-# Override this with the sanitizers you want.
-# - undefined
-# - memory
+- undefined
+- memory

.github/workflows/cflite_pr.yml (3)

1-6: Hey! Let's make the path filter more specific! 🎯

Right now, your workflow runs on literally every file change ('**'). That's like checking your entire backpack when you only need to look in the front pocket! Let's make it run only when relevant files change.

Try this instead:

    paths:
-      - '**'
+      - '**/*.py'  # Python files
+      - '**/fuzz_*.py'  # Fuzzing targets
+      - '.github/workflows/cflite_*.yml'  # Fuzzing workflows

---

13-20: Yo! Why not level up with more sanitizers? 🚀

The address sanitizer is cool, but you've got other sanitizers commented out that could catch different types of bugs:

• undefined catches undefined behavior (like when you divide by zero 😱)
• memory finds memory leaks (when your code forgets to clean up after itself 🧹)

Consider uncommenting them if your code is ready for that extra security check:

        sanitizer:
        - address
-        # - undefined
-        # - memory
+        - undefined
+        - memory

---

35-44: 10 minutes might not be enough time to find all the bugs! ⏰

Your fuzzers only run for 600 seconds (that's 10 minutes). For a bigger codebase, that might not be enough time to find the tricky bugs hiding in the corners!

Maybe bump it up a bit:

-        fuzz-seconds: 600
+        fuzz-seconds: 1800  # 30 minutes

BTW, nice job enabling SARIF output! That'll show your fuzzing results right in GitHub's security dashboard. That's super cool! 🎉

🛑 Comments failed to post (4)

.github/workflows/cflite_build.yml (1)

26-28: 💡 Codebase verification

⚠️ Potential issue

Hey! Your builds might go poof into thin air! 🌪️

So here's the deal - you've got upload-build: true in your workflow, but I checked and all the storage-repo stuff is just sitting there in comments (you know, those lines starting with #). That's like telling your phone to save pics but not giving it any storage! Not cool!

You've got two options to fix this:

• Either uncomment and set up that storage-repo (just remove the # and fill in your actual repo details)
• Or set upload-build: false if you don't need to save the builds

🔗 Analysis chain

Heads up about that upload-build setting! 📦

You've got upload-build: true but no storage repo configured. This might cause your builds to disappear into the void! You might wanna set up a storage repo like in the other workflow files.

---

Let me check if this is a commented example or if there are any actual storage repo configurations.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Check if storage repo is configured in any of the workflow files
rg "storage-repo:" .github/workflows/

Length of output: 602

---

Script:

#!/bin/bash
# Check the actual content of these workflow files to see if the storage-repo is actually configured or just commented out
cat .github/workflows/cflite_pr.yml .github/workflows/cflite_cron.yml .github/workflows/cflite_batch.yml .github/workflows/cflite_build.yml | grep -A 2 -B 2 "storage-repo:"

Length of output: 1615

.github/workflows/cflite_cron.yml (2)

24-27: 🛠️ Refactor suggestion

Storage repo setup needs some love! 💾

Those commented storage repo settings are super important for keeping your fuzzing history and coverage data! Without them, you won't be able to track your progress over time.

Here's what you need to do:

1. Create a storage repo
2. Generate a Personal Access Token with repo scope
3. Add it to your repo's secrets
4. Uncomment and configure these lines

---

13-14: ⚠️ Potential issue

Yo! Where's your sanitizer config at? 🤔

The build step is missing the sanitizer config that's in the other workflow files. This might limit what kinds of bugs you can catch!

 with:
   language: python # Change this to the language you are fuzzing
+  sanitizer: address

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

      with:
        language: python # Change this to the language you are fuzzing
        sanitizer: address

.github/workflows/cflite_batch.yml (1)

33-37: 🛠️ Refactor suggestion

Time to get that storage repo going! 📊

Just like in the other workflows, you'll want to uncomment and configure these storage settings. This is super important for:

• Tracking your fuzzing progress
• Storing coverage data
• Keeping historical findings

Without this, you're missing out on valuable insights about your fuzzing effectiveness!

[DefinetlyNotAI]

@ski-sketch approve tmrw, after I commit, k

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 3

🔭 Outside diff range comments (1)

CODE/_debug.py (1)

Line range hint 23-72: Watch out for sneaky path tricks! 🕵️‍♂️

The way we're handling file paths could let someone access files they shouldn't! Also, we could make this faster!

def check_files(directory: str, required_files: list[str]):
+   directory = os.path.abspath(directory)  # Prevent path traversal
    try:
        log_debug.debug(f"Checking directory: {directory}")
-       if not os.path.exists(directory):
+       if not os.path.exists(directory) or not os.path.isdir(directory):
            log_debug.error(f"Directory {directory} does not exist or is not a directory.")
+           return

+       # Use set for faster lookups
+       actual_files = set()
-       actual_files = []

🧹 Nitpick comments (2)

CODE/logicytics/Checks.py (1)

Line range hint 1-85: Hey! Let's make this code more beginner-friendly! 📚

Some methods are missing those cool docstrings that explain what they do. Also, we should handle errors better in case things go wrong!

Add docstrings to execution_policy like this:

@staticmethod
def execution_policy() -> bool:
    """
    Check if PowerShell execution policy is set to unrestricted.

    Returns:
        bool: True if execution policy is unrestricted, False otherwise.

    Note:
        This method requires PowerShell to be available on the system.
    """

CODE/_debug.py (1)

161-173: Let's make version checking more flexible! 🐍

Hardcoding Python 3.11 isn't cool - what happens when Python 3.12 drops? Also, we should check if all our required packages work!

def python_version():
+   MIN_VERSION = (3, 11)
+   MAX_VERSION = (3, 12)
    version = sys.version.split()[0]
    try:
        major, minor = map(int, version.split(".")[:2])
-       if (major, minor) == (3, 11):
+       if MIN_VERSION <= (major, minor) < MAX_VERSION:
            log_debug.info(f"Python Version: {version} - Perfect")
-       elif major == 3:
+       elif (major, minor) < MIN_VERSION:
            log_debug.warning(f"Python Version: {version} - Recommended: {MIN_VERSION[0]}.{MIN_VERSION[1]}.x")
        else:
            log_debug.error(f"Python Version: {version} - Incompatible")

🛑 Comments failed to post (3)

CODE/logicytics/Checks.py (1)

25-32: ⚠️ Potential issue

Yo, heads up! We need to make this PowerShell command more secure! 🔒

Running PowerShell commands without input validation is kinda risky - like leaving your front door wide open! Let's add some safety checks:

@staticmethod
def execution_policy() -> bool:
+   # Validate PowerShell exists first
+   if not os.path.exists("C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"):
+       return False
    try:
        result = subprocess.run(
            ["powershell", "-Command", "Get-ExecutionPolicy"],
            capture_output=True,
            text=True,
+           timeout=5  # Don't hang forever
        )
+       return result.returncode == 0 and result.stdout.strip().lower() == "unrestricted"
+   except (subprocess.TimeoutExpired, subprocess.SubprocessError) as e:
+       return False
-   return result.stdout.strip().lower() == "unrestricted"

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

    @staticmethod
    def execution_policy() -> bool:
        # Validate PowerShell exists first
        if not os.path.exists("C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"):
            return False
        try:
            result = subprocess.run(
                ["powershell", "-Command", "Get-ExecutionPolicy"],
                capture_output=True,
                text=True,
                timeout=5  # Don't hang forever
            )
            return result.returncode == 0 and result.stdout.strip().lower() == "unrestricted"
        except (subprocess.TimeoutExpired, subprocess.SubprocessError) as e:
            return False

CODE/_debug.py (2)

14-18: ⚠️ Potential issue

Time to level up our logging game! 📝

Leaving debug logs around is like posting your diary online - not a great idea! Also, these logs could eat up your disk space!

Let's make it better:

+ from logging.handlers import RotatingFileHandler
+ import os.path

log_debug = Log(
    {"log_level": DEBUG,
-    "filename": "../ACCESS/LOGS/DEBUG/DEBUG.log",
+    "filename": os.path.join(os.path.dirname(__file__), "..", "ACCESS", "LOGS", "DEBUG", "DEBUG.log"),
+    "max_bytes": 10485760,  # 10MB
+    "backup_count": 3,
     "truncate_message": False}
)

Committable suggestion skipped: line range outside the PR's diff.

---

96-113: 🛠️ Refactor suggestion

Let's fix how we compare versions! 🔢

Just comparing version strings like regular text can give wrong results. Like, "2.10" would look smaller than "2.9" - oops!

+ from packaging import version

@staticmethod
def compare_versions(local_version: str, remote_version: str):
+   try:
+       local = version.parse(local_version)
+       remote = version.parse(remote_version)
-   if local_version == remote_version:
+   if local == remote:
        log_debug.info(f"Version is up to date. Your Version: {local_version}")
-   elif local_version > remote_version:
+   elif local > remote:

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

Caution

Inline review comments failed to post. This is likely due to GitHub's limits when posting large numbers of comments.

Actionable comments posted: 4

🧹 Nitpick comments (2)

CODE/_debug.py (2)

34-44: Let's make sure our version strings are legit! 🎯

The version parser is pretty smart, but it might crash with weird version strings. Let's add some checks!

Here's how to make it safer:

     def __version_tuple(version: str) -> tuple[int, int, int | str, str]:
+        if not version or not isinstance(version, str):
+            log_debug.error(f"Invalid version format: {version}")
+            return 0, 0, 0, "error"
+
         try:

---

180-193: Make those Python versions easy to update! 🐍

Right now, the version numbers are hardcoded. What if we need to change them later?

Let's make them configurable:

+# At the top of the file with other constants
+PYTHON_VERSION_CONFIG = {
+    "min": (3, 11),
+    "max": (3, 13),
+    "recommended": "3.11.x"
+}
+
 def python_version():
     version = sys.version.split()[0]
-    MIN_VERSION = (3, 11)
-    MAX_VERSION = (3, 13)
+    MIN_VERSION = PYTHON_VERSION_CONFIG["min"]
+    MAX_VERSION = PYTHON_VERSION_CONFIG["max"]

🛑 Comments failed to post (4)

CODE/logicytics/Checks.py (2)

46-47: ⚠️ Potential issue

Yo! Don't ignore those errors! 🚨

When you catch an exception but don't use it, you're basically throwing away important info about what went wrong. That's not cool!

Let's fix it:

-        except (subprocess.TimeoutExpired, subprocess.SubprocessError) as e:
+        except (subprocess.TimeoutExpired, subprocess.SubprocessError) as e:
+            log_debug.error(f"Failed to check execution policy: {e}")
             return False

Committable suggestion skipped: line range outside the PR's diff.

🧰 Tools

🪛 Ruff (0.8.2)

46-46: Local variable e is assigned to but never used

Remove assignment to unused variable e

(F841)

---

36-37: 🛠️ Refactor suggestion

Hey! The PowerShell path should be more flexible! 🔧

Using a hardcoded path isn't cool because PowerShell might be installed in different places on different Windows versions. Let's make it smarter!

Here's a better way to do it:

-        if not os.path.exists("C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"):
+        powershell = "powershell.exe"
+        if not any(os.path.exists(os.path.join(path, powershell)) 
+                  for path in os.environ["PATH"].split(os.pathsep)):

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

        powershell = "powershell.exe"
        if not any(os.path.exists(os.path.join(path, powershell)) 
                  for path in os.environ["PATH"].split(os.pathsep)):
            return False

CODE/_debug.py (2)

219-222: ⚠️ Potential issue

Be careful when deleting files! 🗑️

What if we can't delete the log file? We should handle that gracefully!

Here's a safer way:

     # Clear Debug Log
     log_path = "../ACCESS/LOGS/DEBUG/DEBUG.log"
-    if os.path.exists(log_path):
-        os.remove(log_path)
+    try:
+        if os.path.exists(log_path):
+            os.remove(log_path)
+    except OSError as e:
+        log_debug.error(f"Failed to clear debug log: {e}")

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

    log_path = "../ACCESS/LOGS/DEBUG/DEBUG.log"
    try:
        if os.path.exists(log_path):
            os.remove(log_path)
    except OSError as e:
        log_debug.error(f"Failed to clear debug log: {e}")

---

196-211: 🛠️ Refactor suggestion

Watch out for network problems! 🌐

Getting stuff from the internet can be tricky - what if GitHub is down or the connection is bad?

Let's make it more reliable:

 def get_online_config() -> dict | None:
+    MAX_RETRIES = 3
+    BASE_URL = "https://raw.githubusercontent.com/DefinetlyNotAI/Logicytics/main/CODE/config.ini"
+
     try:
-        url = "https://raw.githubusercontent.com/DefinetlyNotAI/Logicytics/main/CODE/config.ini"
-        config = configparser.ConfigParser()
-        config.read_string(requests.get(url, timeout=15).text)
+        session = requests.Session()
+        session.mount('https://', requests.adapters.HTTPAdapter(max_retries=MAX_RETRIES))
+        response = session.get(BASE_URL, timeout=15, verify=True)
+        response.raise_for_status()
+        
+        config = configparser.ConfigParser()
+        config.read_string(response.text)
         return config

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

def get_online_config() -> dict | None:
    MAX_RETRIES = 3
    BASE_URL = "https://raw.githubusercontent.com/DefinetlyNotAI/Logicytics/main/CODE/config.ini"

    try:
        session = requests.Session()
        session.mount('https://', requests.adapters.HTTPAdapter(max_retries=MAX_RETRIES))
        response = session.get(BASE_URL, timeout=15, verify=True)
        response.raise_for_status()
        
        config = configparser.ConfigParser()
        config.read_string(response.text)
        return config
    except requests.exceptions.RequestException as e:
        log_debug.error(f"Connection error: {e}")
        return None

[codeclimate]

Code Climate has analyzed commit 391a6ed and detected 0 issues on this pull request.

View more on Code Climate.