Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

x/vuln: dedupe symbols in callstack for binary mode #59696

Closed
julieqiu opened this issue Apr 18, 2023 · 2 comments
Closed

x/vuln: dedupe symbols in callstack for binary mode #59696

julieqiu opened this issue Apr 18, 2023 · 2 comments
Assignees
@zpavlinovic
Labels
FrozenDueToAge vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Milestone
vuln/v0.2.0

Comments

@julieqiu
Copy link
Member

julieqiu commented Apr 18, 2023
edited

For example in https://github.com/golang/vuln/blob/master/cmd/govulncheck/testdata/binaryjson.ct#L95-L122

the callstacks show:

            "callstacks": [
              {
                "symbol": "parseObject"
              },
              {
                "symbol": "queryMatches"
              },
              {
                "symbol": "Result.Get"
              },
              {
                "symbol": "Result.Get"
              },
              {
                "symbol": "Result.Get"
              },
              {
                "symbol": "Get"
              },
              {
                "symbol": "Result.Get"
              },
              {
                "symbol": "Result.Get"
              },
              {
                "symbol": "Result.Get"
              }
            ]

Probably (1) only the exported symbols should be displayed and (2) each symbol should be displayed at most once.
@julieqiu julieqiu added this to the vuln/v0.2.0 milestone Apr 18, 2023
@gopherbot gopherbot added the vulncheck or vulndb Issues for the x/vuln or x/vulndb repo label Apr 18, 2023
@zpavlinovic zpavlinovic self-assigned this Apr 18, 2023
@gopherbot
Copy link

Change https://go.dev/cl/486155 mentions this issue: internal/vulncheck/internal/buildinfo: deduplicate extracted symbols

gopherbot pushed a commit to golang/vuln that referenced this issue Apr 19, 2023
@zpavlinovic
internal/vulncheck/internal/buildinfo: deduplicate extracted symbols
9268f83 
The symbol extraction would put in a list every use of a symbol in a
binary. So if the symbol is used multiple times, it will appear in the
list several times. This CL removes that redundancy.

Updates golang/go#59696

Change-Id: I972ee03d317a5d0b831b36151bac7079b745adf7
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/486155
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
@gopherbot
Copy link

Change https://go.dev/cl/486195 mentions this issue: internal/scan: remove redundant symbols from binary results

@golang golang locked and limited conversation to collaborators Apr 18, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@zpavlinovic zpavlinovic

Labels
FrozenDueToAge vulncheck or vulndb Issues for the x/vuln or x/vulndb repo
Projects
None yet
Milestone
vuln/v0.2.0
Development

No branches or pull requests
3 participants
@zpavlinovic @julieqiu @gopherbot