lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 4 Jul 2019 16:21:30 -0400
From:   Alexander Aring <aring@...atatu.com>
To:     Lucas Bates <lucasb@...atatu.com>
Cc:     davem@...emloft.net, netdev@...r.kernel.org, jhs@...atatu.com,
        xiyou.wangcong@...il.com, jiri@...nulli.us, mleitner@...hat.com,
        vladbu@...lanox.com, dcaratti@...hat.com, kernel@...atatu.com
Subject: Re: [PATCH v2 net-next 1/3] tc-testing: Add JSON verification to tdc

Hi,

On Wed, Jul 03, 2019 at 08:45:00PM -0400, Lucas Bates wrote:
> This patch allows tdc to process JSON output to perform secondary
> verification of the command under test. If the verifyCmd generates
> JSON, one can provide the 'matchJSON' key to process it
> instead of a regex.
> 
> matchJSON has two elements: 'path' and 'value'. The 'path' key is a
> list of integers and strings that provide the key values for tdc to
> navigate the JSON information. The value is an integer or string
> that tdc will compare against what it finds in the provided path.
> 
> If the numerical position of an element can vary, it's possible to
> substitute an asterisk as a wildcard. tdc will search all possible
> entries in the array.
> 
> Multiple matches are possible, but everything specified must
> match for the test to pass.
> 
> If both matchPattern and matchJSON are present, tdc will only
> operate on matchPattern. If neither are present, verification
> is skipped.
> 
> Example:
> 
>   "cmdUnderTest": "$TC actions add action pass index 8",
>   "verifyCmd": "$TC actions list action gact",
>   "matchJSON": [
>       {
>           "path": [
>               0,
>               "actions",
>               0,
>               "control action",
>               "type"
>           ],
>           "value": "gact"
>       },
>       {
>           "path": [
>               0,
>               "actions",
>               0,
>               "index"
>           ],
>           "value": 8
>       }
>   ]

why you just use eval() as pattern matching operation and let the user
define how to declare a matching mechanism instead you introduce another
static matching scheme based on a json description?

Whereas in eval() you could directly use the python bool expression
parser to make whatever you want.

I don't know, I see at some points you will hit limitations what you can
express with this matchFOO and we need to introduce another matchBAR,
whereas in providing the code it should be no problem expression
anything. If you want smaller shortcuts writing matching patterns you
can implement them and using in your eval() operation.

- Alex

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ