MCPcopy
hub / github.com/microsoft/retina / TestBuildIPFilter

Function TestBuildIPFilter

shell/tracescript_test.go:310–373  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

308}
309
310func TestBuildIPFilter(t *testing.T) {
311 tests := []struct {
312 name string
313 ips []string
314 expectHexIPs []string
315 noStringIPs bool // Verify original strings don't appear
316 }{
317 {
318 name: "single IP",
319 ips: []string{"10.0.0.1"},
320 expectHexIPs: []string{"0x0a000001"},
321 noStringIPs: true,
322 },
323 {
324 name: "multiple IPs",
325 ips: []string{"10.0.0.1", "192.168.1.1"},
326 expectHexIPs: []string{"0x0a000001", "0xc0a80101"},
327 noStringIPs: true,
328 },
329 {
330 name: "Class B network",
331 ips: []string{"172.16.0.1"},
332 expectHexIPs: []string{"0xac100001"},
333 noStringIPs: true,
334 },
335 }
336
337 for _, tt := range tests {
338 t.Run(tt.name, func(t *testing.T) {
339 var parsedIPs []net.IP
340 for _, ipStr := range tt.ips {
341 ip := net.ParseIP(ipStr)
342 if ip == nil {
343 t.Fatalf("failed to parse IP: %s", ipStr)
344 }
345 parsedIPs = append(parsedIPs, ip)
346 }
347
348 config := TraceConfig{
349 FilterIPs: parsedIPs,
350 OutputJSON: false,
351 }
352
353 gen := NewScriptGenerator(config)
354 filter := gen.buildSkbIPFilterCondition()
355
356 // Verify hex IPs are present
357 for _, hexIP := range tt.expectHexIPs {
358 if !strings.Contains(filter, hexIP) {
359 t.Errorf("expected filter to contain %s, got: %s", hexIP, filter)
360 }
361 }
362
363 // Verify original string IPs are NOT present (security)
364 if tt.noStringIPs {
365 for _, ipStr := range tt.ips {
366 if strings.Contains(filter, ipStr) {
367 t.Errorf("filter should not contain original IP string %s - security risk", ipStr)

Callers

nothing calls this directly

Calls 4

NewScriptGeneratorFunction · 0.85
ContainsMethod · 0.80
RunMethod · 0.65

Tested by

no test coverage detected