Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[PM-6100] Test for memory leaks of secrets #641

Merged
merged 12 commits into from
Mar 11, 2024
Merged

Conversation

dani-garcia
Copy link
Member

@dani-garcia dani-garcia commented Feb 29, 2024

Type of change

- [ ] Bug fix
- [x] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

Added a small test framework to test for secret leaks in memory.

This consists of a few parts:

  • Binary crate memory-testing, this compiles to a binary that uses bitwarden_crypto to create some keys in memory and then frees them. The execution of this program goes like this:
    • Starts, keys get defined in memory
    • Waits for input (This is where we create an initial core dump)
    • Program frees the keys
    • Waits for input (This is where we create a final core dump)
    • Program exits normally
  • A capture_dumps.py Python script, it's purpose is starting the program and orchestrating the core dumps and sending inputs to the program to continue.
  • A Dockerfile that will compile the program and run the capture_dumps.py script, this is needed because the dumps only work on a Linux environment.
  • A test.py script that analyzes the memory dumps for secrets in memory
  • A run_tests.sh script that builds and runs the docker container and the test script in one invocation

I've tried other tools to run it natively on other operating systems like osxpmem on mac and they either don't work on ARM Macs or they require running as root and disabling System Integrity Protection.

I've also added a small workflow to run these tests, as that runs on a linux environment, it's run directly without docker.

The results are printed to a table now:
image

@bitwarden-bot
Copy link

bitwarden-bot commented Feb 29, 2024

Logo
Checkmarx One – Scan Summary & Details1f47850e-4524-429b-b8dd-ff4eede1d026

New Issues

Severity Issue Source File / Package Checkmarx Insight
MEDIUM Last User Is 'root' /Dockerfile: 19 Leaving the last user as root can cause security risks. Change to another user after running the commands the need privileges
LOW Healthcheck Instruction Missing /Dockerfile: 16 Ensure that HEALTHCHECK is being used. The HEALTHCHECK instruction tells Docker how to test a container to check that it is still working

Copy link

codecov bot commented Feb 29, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 60.53%. Comparing base (b115e26) to head (f34c672).

Additional details and impacted files
@@           Coverage Diff           @@
##             main     #641   +/-   ##
=======================================
  Coverage   60.53%   60.53%           
=======================================
  Files         172      172           
  Lines       10527    10527           
=======================================
  Hits         6373     6373           
  Misses       4154     4154           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dani-garcia dani-garcia marked this pull request as ready for review February 29, 2024 16:13
@dani-garcia dani-garcia requested a review from a team as a code owner February 29, 2024 16:13
@dani-garcia dani-garcia requested a review from Hinton February 29, 2024 16:13
@dani-garcia dani-garcia changed the title Test for memory leaks of secrets [PM-6100] Test for memory leaks of secrets Feb 29, 2024
Copy link
Member

@Hinton Hinton left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like a great start. I'm somewhat pondering if we could write the python logic in rust and avoid having multiple programming languages.

crates/memory-testing/src/main.rs Outdated Show resolved Hide resolved
crates/memory-testing/src/main.rs Outdated Show resolved Hide resolved
.github/workflows/memory-testing.yml Show resolved Hide resolved
@Hinton
Copy link
Member

Hinton commented Mar 1, 2024

We should also exclude the memory tool from codecov.

.gitignore Show resolved Hide resolved
Hinton
Hinton previously approved these changes Mar 4, 2024
Copy link
Contributor

@withinfocus withinfocus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Few things based on how we are writing other Actions these days. Also room to fix a few others.

.github/workflows/memory-testing.yml Outdated Show resolved Hide resolved
.github/workflows/memory-testing.yml Show resolved Hide resolved
.github/workflows/memory-testing.yml Outdated Show resolved Hide resolved
.github/workflows/memory-testing.yml Outdated Show resolved Hide resolved
.github/workflows/memory-testing.yml Outdated Show resolved Hide resolved
.github/workflows/memory-testing.yml Outdated Show resolved Hide resolved
crates/memory-testing/Dockerfile Show resolved Hide resolved
Eeebru
Eeebru previously approved these changes Mar 7, 2024
@dani-garcia dani-garcia dismissed stale reviews from Eeebru and Hinton via f34c672 March 7, 2024 17:59
@dani-garcia dani-garcia requested a review from Eeebru March 8, 2024 10:14
@dani-garcia dani-garcia merged commit 9d6fa34 into main Mar 11, 2024
62 checks passed
@dani-garcia dani-garcia deleted the ps/memory_testing branch March 11, 2024 10:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants