[OpenWrt-Devel] CI testing of rpcd project [Was: Re: [PATCH] rpcd: fix respawn settings]

Petr Štetiar ynezz at true.cz
Fri Mar 6 05:42:17 EST 2020

Michael Jones <mike at meshplusplus.com> [2020-03-05 14:00:29]:

> How can I help?

You can for example continue[1] adding CI support to rpcd (or any other C
projects), which means fixing all issues found by the static code analyzer[2].
Next step is runtime testing, to assure, that rpcd is working and producing
expected results, somehow make automaticaly sure on CI, that next steps wont
introduce regressions.

Then for the start I would probably try to identify important parts (auth,
session handling?) and refactor the code so some unit testing would be
possible, then I would start adding fuzzing as well.

It's in short the bare minimum of what I've done with libubox/ubus so far,
where you can take a look for some examples of unit tests and fuzzing, it's in
`tests` directory.

You can find small details about the CI in my "OpenWrt GitLab CI details"[3]

IMHO uhttpd[4] should be preferably tackled first, rpcd is down the stack.

> Tools like https://klee.github.io/ can get you so close to 100% certainty
> that it's effectively 100%.

If I read it correctly, KLEE can generate inputs which would cover all code
paths, thus having 100% code test coverage, which doesn't mean 100% secure
software. Achieving 100% test coverage on rpcd isn't low hanging fruit as

1. https://gitlab.com/ynezz/openwrt-rpcd/-/commits/wip/
2. https://ynezz.gitlab.io/-/openwrt-rpcd/-/jobs/461909741/artifacts/build/scan/2020-03-06-092943-106-1/index.html
3. http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020831.html
4. https://gitlab.com/ynezz/openwrt-uhttpd/-/commits/wip/

-- ynezz

openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list