From 965a822457f8bf38d077de54cad55227e4eb2364 Mon Sep 17 00:00:00 2001 From: Daniel Romano <108014683+daniel-romano-DD@users.noreply.github.com> Date: Mon, 16 Sep 2024 14:27:41 +0200 Subject: [PATCH] [IAST] Fix system test weak_cipher system test (#6034) ## Summary of changes Return first frame of the stack trace as location if no suitable one was found, but no exclusion either ## Reason for change System tests for weak cipher were broken due to a rare situation where no location was detected for the vulnerability ## Implementation details If no excluded frame was found, but the rest were skipped, we are returning the first stack frame ## Test coverage system tests should pass now --- tracer/src/Datadog.Trace/Iast/IastModule.cs | 3 +-- tracer/src/Datadog.Trace/Iast/StackWalker.cs | 10 ++++++---- 2 files changed, 7 insertions(+), 6 deletions(-) diff --git a/tracer/src/Datadog.Trace/Iast/IastModule.cs b/tracer/src/Datadog.Trace/Iast/IastModule.cs index 5532cbeb79ea..aebbbd75fa50 100644 --- a/tracer/src/Datadog.Trace/Iast/IastModule.cs +++ b/tracer/src/Datadog.Trace/Iast/IastModule.cs @@ -694,8 +694,7 @@ private static IastModuleResponse GetScope(string evidenceValue, IntegrationId i private static Location? GetLocation(StackTrace? stack = null, Span? currentSpan = null) { stack ??= StackWalker.GetStackTrace(); - var stackFrame = StackWalker.GetFrame(stack); - if (stackFrame is null) + if (!StackWalker.TryGetFrame(stack, out var stackFrame)) { return null; } diff --git a/tracer/src/Datadog.Trace/Iast/StackWalker.cs b/tracer/src/Datadog.Trace/Iast/StackWalker.cs index 8d2230fabeb6..ff81a686fdf8 100644 --- a/tracer/src/Datadog.Trace/Iast/StackWalker.cs +++ b/tracer/src/Datadog.Trace/Iast/StackWalker.cs @@ -52,8 +52,9 @@ public static StackTrace GetStackTrace() return new StackTrace(DefaultSkipFrames, true); } - public static StackFrame? GetFrame(StackTrace stackTrace) + public static bool TryGetFrame(StackTrace stackTrace, out StackFrame? targetFrame) { + targetFrame = null; foreach (var frame in stackTrace.GetFrames()) { var declaringType = frame?.GetMethod()?.DeclaringType; @@ -62,18 +63,19 @@ public static StackTrace GetStackTrace() { if (excludeType == declaringType?.FullName) { - return null; + return false; } } var assembly = declaringType?.Assembly.GetName().Name; if (assembly != null && !MustSkipAssembly(assembly)) { - return frame; + targetFrame = frame; + break; } } - return null; + return true; } public static bool MustSkipAssembly(string assembly)