feat: rebuild attack chains for 5 entries with multi-stage semantics#20
Open
perhaps468 wants to merge 1 commit into
Open
feat: rebuild attack chains for 5 entries with multi-stage semantics#20perhaps468 wants to merge 1 commit into
perhaps468 wants to merge 1 commit into
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
概述
Closes #7
本 PR 针对 5 个 VulnGym 样本进行人工辅助的链路重建。这些样本并非单点行号偏移,而是整条数据流或调用链的语义错位——节点能找到代码,但位置不在利用链上;或漏洞需要多阶段触发,单一入口点难以表达完整利用过程。
修复目标:
每个 entry 的 entry_point / critical_operation / trace 均经 GitHub raw 远程字节级匹配 + 本地 SCHEMA 校验双重复核(33 个 {file,line,code} 节点 H1/H2/H3/H4 全 0),并补全 desc 字段。
多阶段样本处理:
变更内容
data/entries.fixed.jsonldata/entries.jsonl入库,二者内容等价)。rebuild_report.mdfix_diff.csvscripts/apply_entry_patches.pyscripts/runtime_audit.pydebug-b5f720.log。scripts/verify_patched_entries.py验收对照
跑了 3 个脚本,全部 =0 通过:
python scripts/runtime_audit.py --use-remote5 条 target 的 entry_point / critical_operation / 全部 trace 共 33 个
{file,line,code}节点,到 GitHub raw 对应 commit 拉源码行级精确匹配,H1/H2/H3/H4 全 0;NDJSON 落在debug-b5f720.log(gitignored)。python scripts/verify_patched_entries.py对 5 条 target 校验 entry_point / critical_operation / 全部 trace 节点的 desc 非空、
line合法、code形态正确;H3=0 全条目 schema clean。wc -l data/entries.fixed.jsonl修复后 408 行,与
data/entries.jsonl一致;本轮只对 5 条 target 做语义重建,未截断其它 entry。