mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-18 20:15:14 +02:00
43 lines
1.5 KiB
Rust
43 lines
1.5 KiB
Rust
|
//! Verdict types returned by the dynamic layer.
|
||
|
|
//!
|
||
|
|
//! Kept separate from the run pipeline so the CLI / JSON output side can
|
||
|
|
//! depend on this without pulling in sandbox or harness deps.
|
||
|
|
|
||
|
|
use serde::{Deserialize, Serialize};
|
||
|
|
|
||
|
|
#[derive(Debug, Clone, Copy, PartialEq, Eq, Serialize, Deserialize)]
|
||
|
|
pub enum VerifyStatus {
|
||
|
|
/// Sink fired with at least one payload. Static finding is exploitable
|
||
|
|
/// against the live target.
|
||
|
|
Confirmed,
|
||
|
|
/// All payloads ran cleanly. Either the path is infeasible at runtime
|
||
|
|
/// or the corpus is too narrow. Treat as "static-only" not "false".
|
||
|
|
NotConfirmed,
|
||
|
|
/// Could not build, run, or observe (toolchain missing, sandbox refused,
|
||
|
|
/// timeout on every attempt, etc.).
|
||
|
|
Inconclusive,
|
||
|
|
/// We do not yet know how to drive this finding (missing language
|
||
|
|
/// support, unsupported entry kind, no payloads for cap).
|
||
|
|
Unsupported,
|
||
|
|
}
|
||
|
|
|
||
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||
|
|
pub struct VerifyResult {
|
||
|
|
pub finding_id: String,
|
||
|
|
pub status: VerifyStatus,
|
||
|
|
/// Label of the payload that triggered, when [`VerifyStatus::Confirmed`].
|
||
|
|
pub triggered_payload: Option<String>,
|
||
|
|
/// Free-form note for inconclusive/unsupported cases.
|
||
|
|
pub reason: Option<String>,
|
||
|
|
/// Per-attempt log (payload label, exit code, timed_out flag).
|
||
|
|
pub attempts: Vec<AttemptSummary>,
|
||
|
|
}
|
||
|
|
|
||
|
|
#[derive(Debug, Clone, Serialize, Deserialize)]
|
||
|
|
pub struct AttemptSummary {
|
||
|
|
pub payload_label: String,
|
||
|
|
pub exit_code: Option<i32>,
|
||
|
|
pub timed_out: bool,
|
||
|
|
pub triggered: bool,
|
||
|
|
}
|