improve leak functions

DataDog · Oct 7, 2024 · 40ea4b5 · 40ea4b5
1 parent 183cba3
commit 40ea4b5
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 6 deletions.
diff --git a/.gitlab/tests/appsec.yml b/.gitlab/tests/appsec.yml
@@ -61,7 +61,7 @@ appsec aggregated leak testing:
   variables:
     SUITE_NAME: "appsec_aggregated_leak_testing"
   retry: 2
-  timeout: 25m
+  timeout: 35m
 
 appsec iast native:
   extends: .test_base_hatch

diff --git a/hatch.toml b/hatch.toml
@@ -339,6 +339,7 @@ dependencies = [
     "pytest-cov",
     "hypothesis",
     "requests",
+    "pytest-asyncio",
     "anyio",
     "pydantic",
     "pydantic-settings",

diff --git a/scripts/iast/leak_functions.py b/scripts/iast/leak_functions.py
@@ -37,21 +37,22 @@ def _pre_checks(module, aspect_to_check="add_aspect"):
 
 @pytest.mark.asyncio
 async def iast_leaks(iterations: int, fail_percent: float, print_every: int):
-    if iterations < 60000:
+    mem_reference_iterations = 50000
+    if iterations < mem_reference_iterations:
         print(
             "Error: not running with %d iterations. At least 60.000 are needed to stabilize the RSS info" % iterations
         )
         sys.exit(1)
 
     try:
-        mem_reference_iterations = 50000
+
         print("Test %d iterations" % iterations)
         current_rss = 0
         half_rss = 0
         enable_iast_propagation()
         from scripts.iast.mod_leak_functions import test_doit
 
-        # TODO(avara1986): pydantic is in the DENY_LIST
+        # TODO(avara1986): pydantic is in the DENY_LIST, remove from it and uncomment this lines
         #  from pydantic import main
         #  _pre_checks(main, "index_aspect")
 

diff --git a/scripts/iast/mod_leak_functions.py b/scripts/iast/mod_leak_functions.py
@@ -318,7 +318,7 @@ async def test_doit():
     tmp_str2 = "_extend"
     string27 += tmp_str2
 
-    # TODO(avara1986): Pydantic is in the deny list, remove from it and uncomment this lines
+    # TODO(avara1986): pydantic is in the DENY_LIST, remove from it and uncomment this lines
     # result = await anyio.to_thread.run_sync(functools.partial(pydantic_object, string_tainted=string27), string27)
     # result = pydantic_object(tag="test2", string_tainted=string27)
     # return result.tuple_strings[0]

diff --git a/tests/appsec/iast_aggregated_memcheck/test_aggregated_memleaks.py b/tests/appsec/iast_aggregated_memcheck/test_aggregated_memleaks.py
@@ -8,5 +8,5 @@ async def test_aggregated_leaks():
     with override_env({"DD_IAST_ENABLED": "true"}):
         from scripts.iast.leak_functions import iast_leaks
 
-        result = await iast_leaks(75000, 2.0, 100) == 0
+        result = await iast_leaks(65000, 2.0, 100) == 0
         assert result