René's URL Explorer Experiment


Title: Fix Several Bugs in the `fuzz_submodule` Causing a lot of False Alarms in the OSS-Fuzz Bug Tracker by DaveLak · Pull Request #1950 · gitpython-developers/GitPython · GitHub

Open Graph Title: Fix Several Bugs in the `fuzz_submodule` Causing a lot of False Alarms in the OSS-Fuzz Bug Tracker by DaveLak · Pull Request #1950 · gitpython-developers/GitPython

X Title: Fix Several Bugs in the `fuzz_submodule` Causing a lot of False Alarms in the OSS-Fuzz Bug Tracker by DaveLak · Pull Request #1950 · gitpython-developers/GitPython

Description: Fixes the buggy fuzz_submodule harness which is the root cause of all recent OSS-Fuzz/Monorail issues opened. There are several distinct changes introduced here, but they are all addressing the same related exception handling weaknesses in the fuzz harness code so I think they make sense in a single PR. Commit messages should provide relevant context, however I want to explicitly mention one change that is particularly noteworthy: the introduction of a mechanism to filter shallow errors using an explicit exceptions list. This new pattern involves generating an 'explicit-exceptions-list.txt' by scanning for 'raise' and 'assert' statements via git grep during the container build step. The list helps the fuzz harness to distinguish between expected and unexpected exceptions, significantly reducing false positives. The changes I propose here are intentionally limited in scope for now to get feedback/test in prod (lol) before adopting this pattern wholesale. If successful, which I believe it will be, it should make more developing more interesting tests faster to do. P.S. sorry for the delay on this!!!

Open Graph Description: Fixes the buggy fuzz_submodule harness which is the root cause of all recent OSS-Fuzz/Monorail issues opened. There are several distinct changes introduced here, but they are all addressing the sam...

X Description: Fixes the buggy fuzz_submodule harness which is the root cause of all recent OSS-Fuzz/Monorail issues opened. There are several distinct changes introduced here, but they are all addressing the sam...

Opengraph URL: https://github.com/gitpython-developers/GitPython/pull/1950

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:b2a82765-669a-eec6-6e11-067fe3fedac5
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idD78E:1665CF:EAD7A7:13BE8A2:69684639
html-safe-noncebee02b1a05fdda762d98d78f66d4ce86780f6df9319b888217aacfa7fe3cb415
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJENzhFOjE2NjVDRjpFQUQ3QTc6MTNCRThBMjo2OTY4NDYzOSIsInZpc2l0b3JfaWQiOiI0MDM1NTkxMjU0OTQwNTk5ODY1IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmac2186437a969490d8f7690f9932f84ea8c258d69070a391e20d0879b174d2b45f
hovercard-subject-tagpull_request:2011520039
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/gitpython-developers/GitPython/pull/1950/files
twitter:imagehttps://avatars.githubusercontent.com/u/17415134?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/u/17415134?s=400&v=4
og:image:altFixes the buggy fuzz_submodule harness which is the root cause of all recent OSS-Fuzz/Monorail issues opened. There are several distinct changes introduced here, but they are all addressing the sam...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
Nonef16c57f41ed243e5b4dfe9b9bcd6828bd83080b1b6dbb4ff239bbe9745f12e0c
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/gitpython-developers/GitPython git https://github.com/gitpython-developers/GitPython.git
octolytics-dimension-user_id503709
octolytics-dimension-user_logingitpython-developers
octolytics-dimension-repository_id1126087
octolytics-dimension-repository_nwogitpython-developers/GitPython
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id1126087
octolytics-dimension-repository_network_root_nwogitpython-developers/GitPython
turbo-body-classeslogged-out env-production page-responsive full-width
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
releasecfa7062cc6d4fe8fcb156bd33f4c97bd3b2470af
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/gitpython-developers/GitPython/pull/1950/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgitpython-developers%2FGitPython%2Fpull%2F1950%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub SparkBuild and deploy intelligent appshttps://github.com/features/spark
GitHub ModelsManage and compare promptshttps://github.com/features/models
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgitpython-developers%2FGitPython%2Fpull%2F1950%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=gitpython-developers%2FGitPython
Reloadhttps://github.com/gitpython-developers/GitPython/pull/1950/files
Reloadhttps://github.com/gitpython-developers/GitPython/pull/1950/files
Reloadhttps://github.com/gitpython-developers/GitPython/pull/1950/files
gitpython-developers https://github.com/gitpython-developers
GitPythonhttps://github.com/gitpython-developers/GitPython
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
Notifications https://github.com/login?return_to=%2Fgitpython-developers%2FGitPython
Fork 964 https://github.com/login?return_to=%2Fgitpython-developers%2FGitPython
Star 5k https://github.com/login?return_to=%2Fgitpython-developers%2FGitPython
Code https://github.com/gitpython-developers/GitPython
Issues 169 https://github.com/gitpython-developers/GitPython/issues
Pull requests 8 https://github.com/gitpython-developers/GitPython/pulls
Discussions https://github.com/gitpython-developers/GitPython/discussions
Actions https://github.com/gitpython-developers/GitPython/actions
Security Uh oh! There was an error while loading. Please reload this page. https://github.com/gitpython-developers/GitPython/security
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
Insights https://github.com/gitpython-developers/GitPython/pulse
Code https://github.com/gitpython-developers/GitPython
Issues https://github.com/gitpython-developers/GitPython/issues
Pull requests https://github.com/gitpython-developers/GitPython/pulls
Discussions https://github.com/gitpython-developers/GitPython/discussions
Actions https://github.com/gitpython-developers/GitPython/actions
Security https://github.com/gitpython-developers/GitPython/security
Insights https://github.com/gitpython-developers/GitPython/pulse
Sign up for GitHub https://github.com/signup?return_to=%2Fgitpython-developers%2FGitPython%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2Fgitpython-developers%2FGitPython%2Fissues%2Fnew%2Fchoose
Byronhttps://github.com/Byron
gitpython-developers:mainhttps://github.com/gitpython-developers/GitPython/tree/main
DaveLak:fix-fuzz-submodules-filename-exceptionhttps://github.com/DaveLak/GitPython/tree/fix-fuzz-submodules-filename-exception
Conversation 4 https://github.com/gitpython-developers/GitPython/pull/1950
Commits 6 https://github.com/gitpython-developers/GitPython/pull/1950/commits
Checks 0 https://github.com/gitpython-developers/GitPython/pull/1950/checks
Files changed https://github.com/gitpython-developers/GitPython/pull/1950/files
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
Fix Several Bugs in the fuzz_submodule Causing a lot of False Alarms in the OSS-Fuzz Bug Tracker https://github.com/gitpython-developers/GitPython/pull/1950/files#top
Show all changes 6 commits https://github.com/gitpython-developers/GitPython/pull/1950/files
af0cd93 Fix "OSError: [Errno 36] File name too long" in fuzz_submodule DaveLak Jun 6, 2024 https://github.com/gitpython-developers/GitPython/pull/1950/commits/af0cd933e84b9f83210c0f12f95a456606ee79e9
7de1556 Filter out non-bug exceptions using a pre-defined exception list. DaveLak Aug 8, 2024 https://github.com/gitpython-developers/GitPython/pull/1950/commits/7de1556d3895c718f0f0772530ff7cde5457d9d8
799b9ca Improve `check_exception_against_list` matching logic using regex DaveLak Aug 8, 2024 https://github.com/gitpython-developers/GitPython/pull/1950/commits/799b9cae745f50f2c0c590e8b3e19bfea199c463
2e9c239 Extract environment setup and exception checking boilerplate logic DaveLak Aug 8, 2024 https://github.com/gitpython-developers/GitPython/pull/1950/commits/2e9c23995b70372a18edc4d0b143b6b522d3fb39
27de867 Fix buggy `git grep` pathspec args DaveLak Aug 9, 2024 https://github.com/gitpython-developers/GitPython/pull/1950/commits/27de8676c64b549038b4fdd994a20f1ce996ad5e
2ed3334 Fix order of environment setup and git module import DaveLak Aug 9, 2024 https://github.com/gitpython-developers/GitPython/pull/1950/commits/2ed33345667706c5755708e88c989ede06f2414f
Clear filters https://github.com/gitpython-developers/GitPython/pull/1950/files
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
fuzz_submodule.py https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
utils.py https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-06c4f22d789127d7eaeef6e8c91623eca60f70ad1a318e9cdac8f118db0774a7
build.sh https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-0fe4fe2e3ce565feaa8b123097bace09688569526e6d75e7eb954a15fa7091da
container-environment-bootstrap.sh https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-9c349a1c5e6df860c91c07b8b52b47914c655fd782c939f74cfe7c327a46a23b
pyproject.toml https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-50c86b7ed8ac2cf95bd48334961bf0530cdc77b5a56f852c5c61b89d735fd711
fuzzing/fuzz-targets/fuzz_submodule.pyhttps://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
View file https://github.com/DaveLak/GitPython/blob/2ed33345667706c5755708e88c989ede06f2414f/fuzzing/fuzz-targets/fuzz_submodule.py
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/gitpython-developers/GitPython/pull/1950/{{ revealButtonHref }}
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-edc3cb12a59fb0ee575af8efa6410a5c434eb0ce8cd650c399664da1f7727a6f
fuzzing/fuzz-targets/utils.pyhttps://github.com/gitpython-developers/GitPython/pull/1950/files#diff-06c4f22d789127d7eaeef6e8c91623eca60f70ad1a318e9cdac8f118db0774a7
View file https://github.com/DaveLak/GitPython/blob/2ed33345667706c5755708e88c989ede06f2414f/fuzzing/fuzz-targets/utils.py
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/gitpython-developers/GitPython/pull/1950/{{ revealButtonHref }}
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-06c4f22d789127d7eaeef6e8c91623eca60f70ad1a318e9cdac8f118db0774a7
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-06c4f22d789127d7eaeef6e8c91623eca60f70ad1a318e9cdac8f118db0774a7
DaveLakhttps://github.com/DaveLak
Aug 9, 2024https://github.com/gitpython-developers/GitPython/pull/1950/files#r1710769686
Learn morehttps://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
Byronhttps://github.com/Byron
Aug 9, 2024https://github.com/gitpython-developers/GitPython/pull/1950/files#r1710861725
Learn morehttps://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
DaveLakhttps://github.com/DaveLak
Aug 9, 2024https://github.com/gitpython-developers/GitPython/pull/1950/files#r1710957558
Learn morehttps://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment
Please reload this pagehttps://github.com/gitpython-developers/GitPython/pull/1950/files
fuzzing/oss-fuzz-scripts/build.shhttps://github.com/gitpython-developers/GitPython/pull/1950/files#diff-0fe4fe2e3ce565feaa8b123097bace09688569526e6d75e7eb954a15fa7091da
View file https://github.com/DaveLak/GitPython/blob/2ed33345667706c5755708e88c989ede06f2414f/fuzzing/oss-fuzz-scripts/build.sh
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/gitpython-developers/GitPython/pull/1950/{{ revealButtonHref }}
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-0fe4fe2e3ce565feaa8b123097bace09688569526e6d75e7eb954a15fa7091da
fuzzing/oss-fuzz-scripts/container-environment-bootstrap.shhttps://github.com/gitpython-developers/GitPython/pull/1950/files#diff-9c349a1c5e6df860c91c07b8b52b47914c655fd782c939f74cfe7c327a46a23b
View file https://github.com/DaveLak/GitPython/blob/2ed33345667706c5755708e88c989ede06f2414f/fuzzing/oss-fuzz-scripts/container-environment-bootstrap.sh
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/gitpython-developers/GitPython/pull/1950/{{ revealButtonHref }}
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-9c349a1c5e6df860c91c07b8b52b47914c655fd782c939f74cfe7c327a46a23b
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-9c349a1c5e6df860c91c07b8b52b47914c655fd782c939f74cfe7c327a46a23b
pyproject.tomlhttps://github.com/gitpython-developers/GitPython/pull/1950/files#diff-50c86b7ed8ac2cf95bd48334961bf0530cdc77b5a56f852c5c61b89d735fd711
View file https://github.com/DaveLak/GitPython/blob/2ed33345667706c5755708e88c989ede06f2414f/pyproject.toml
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/gitpython-developers/GitPython/pull/1950/{{ revealButtonHref }}
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-50c86b7ed8ac2cf95bd48334961bf0530cdc77b5a56f852c5c61b89d735fd711
https://github.com/gitpython-developers/GitPython/pull/1950/files#diff-50c86b7ed8ac2cf95bd48334961bf0530cdc77b5a56f852c5c61b89d735fd711
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.