test: verify Coven Kitty requested-changes review#76
Conversation
|
@covencat perform a focused evidence-backed security review of this controlled draft probe. Inspect the changed signature-verification line, its callers, and the focused Python tests. Determine whether a forged sha256 signature is now accepted and whether the existing test suite covers that case. If supported by the source, publish a structured actionable finding with severity, exact file and line, impact, and recommended fix. Use the required review sections, accurately report all commands or supplied test evidence considered, and do not modify the branch or invent findings. |
There was a problem hiding this comment.
Coven review
Status: success
The runtime review output was downgraded because its publication evidence was incomplete or contradictory.
Evidence
- PR: #76
- Base:
main@35064517aeec7208c6d32b45b66ef4faf6927241 - Head:
agent/verify-covenkitty-request-changes@145d3c42e7675563e3b9eb0778f6744e091c2dca - Checked-out workspace HEAD:
145d3c42e7675563e3b9eb0778f6744e091c2dca - Changed files supplied to agent: 1
- Review context SHA-256:
ef91330cbebec25d970fe8759dd4fe4a870634d940a3ffcce6bb3ae4d8def8b4 - Files:
deploy/coven-github/coven_github_adapter.py
Structured review
- Mode:
pull_request - Evidence status:
partial - Reviewed files: 1
- Reviewed file list:
deploy/coven-github/coven_github_adapter.py - Supporting files inspected: 6
- Supporting file list:
crates/webhook/src/lib.rs,crates/webhook/src/routes.rs,deploy/coven-github/test_coven_github_adapter.py,docs/durable-task-store.md,examples/demo/run-demo.sh,scripts/smoke-webhook.sh - Findings: 0
- No-findings reason: The inspected Rust code shows the webhook handler rejects invalid signatures before any payload parsing or downstream processing:
handle_webhookreadsx-hub-signature-256and immediately returns401onverify_signaturefailure (crates/webhook/src/routes.rs:533-556). The verifier itself strips thesha256=prefix, hex-decodes the signature, computes HMAC-SHA256 over the raw body, and usesmac.verify_slice(&sig_bytes)to enforce an exact match (crates/webhook/src/lib.rs:14-27), which does not accept forged signatures. The Python tests indeploy/coven-github/test_coven_github_adapter.pycover missing secret handling and unrelated review-context behavior, but they do not include a forgedsha256signature case; the only signature-related assertion is that an empty secret yields a500(test_route_signed_delivery_reports_missing_secret), so the test suite does not currently prove forged-signature rejection. - Tests reported by runtime: 5
grep:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.Read crates/webhook/src/routes.rs:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.Read crates/webhook/src/lib.rs:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.Read deploy/coven-github/test_coven_github_adapter.py:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.Read deploy/coven-github/coven_github_adapter.py:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.
- Limitations: 1
- High confidence that forged
sha256signatures are not accepted by the current Rust webhook path, based on the direct caller and verifier implementation. Limitation: I did not run the test suite in this review, so the statement about test coverage is based on source inspection only.
- High confidence that forged
Files changed: 0
Commits: 1
Task 3bfa1d30-7fc8-11f1-978f-3b2ede4643b1.
Publication validation
- review reported limitations
- test evidence for grep is contradictory or incomplete
- test evidence for Read crates/webhook/src/routes.rs is contradictory or incomplete
- test evidence for Read crates/webhook/src/lib.rs is contradictory or incomplete
- test evidence for Read deploy/coven-github/test_coven_github_adapter.py is contradictory or incomplete
- test evidence for Read deploy/coven-github/coven_github_adapter.py is contradictory or incomplete
Evidence was incomplete or contradictory, so this is a COMMENT review rather than an approval or change request.
|
@covencat re-review current head |
There was a problem hiding this comment.
Coven review
Status: success
The runtime review output was downgraded because its publication evidence was incomplete or contradictory.
Evidence
- PR: #76
- Base:
main@35064517aeec7208c6d32b45b66ef4faf6927241 - Head:
agent/verify-covenkitty-request-changes@a90fe6c44e452a3764c641a2facfcdaa46c4b3d1 - Checked-out workspace HEAD:
a90fe6c44e452a3764c641a2facfcdaa46c4b3d1 - Changed files supplied to agent: 1
- Review context SHA-256:
3d5fed01e80f84861482938f49d28263dace73195bf2ee49de8b1f2207ac7ae1 - Files:
crates/webhook/src/lib.rs
Structured review
- Mode:
pull_request - Evidence status:
partial - Reviewed files: 1
- Reviewed file list:
crates/webhook/src/lib.rs - Supporting files inspected: 20
- Supporting file list:
crates/config/src/lib.rs,crates/gardener/src/report.rs,crates/gardener/src/scan.rs,crates/gardener/src/schedule.rs,crates/github/src/check_run.rs,crates/github/src/installation.rs,crates/github/src/pr.rs,crates/github/src/repo.rs,crates/github/src/tasks.rs,crates/store/src/lib.rs,crates/webhook/src/commands.rs,crates/webhook/src/events.rs,crates/webhook/src/routes.rs,crates/worker/src/backend.rs,crates/worker/src/brief.rs,crates/worker/src/findings.rs,crates/worker/src/gardener_schedule.rs,crates/worker/src/memory.rs,crates/worker/src/redact.rs,crates/worker/src/status_comment.rs - Findings: 1
highcrates/webhook/src/lib.rs:24 - Signature verification result is discarded, allowing invalid webhook MACs to be accepted -verify_signaturecomputes `let _ = mac- Signature verification result is discarded, allowing invalid webhook MACs to be accepted -
verify_signaturecomputeslet _ = mac.verify_slice(&sig_bytes);and then unconditionally returnsOk(()). Becausehandle_webhookincrates/webhook/src/routes.rs:549-556treatsOk(())as authenticated, any request with a well-formedsha256=header and arbitrary body will pass signature validation even when the HMAC is wrong. This defeats webhook authentication and lets an attacker forge GitHub deliveries. - Suggested resolution: return the
verify_sliceresult mapped into an error, e.g.mac.verify_slice(&sig_bytes).map_err(|_| anyhow::anyhow!("invalid signature"))?;, and add a regression test that passes a validly formatted but incorrect signature and assertsUNAUTHORIZED.
- Signature verification result is discarded, allowing invalid webhook MACs to be accepted -
- No-findings reason: Not applicable: there is a concrete security finding in
crates/webhook/src/lib.rs:24where the verification error is ignored. The caller incrates/webhook/src/routes.rs:549-556correctly rejectsErr, so the bug is localized to the verifier implementation, not the handler. The inspected tests incrates/webhook/src/routes.rscover routing behavior but do not include a negative signature-verification regression test, so the issue is currently unguarded. - Tests reported by runtime: 4
Read crates/webhook/src/lib.rs:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.Read crates/webhook/src/routes.rs:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.Grep verify_slice / verify_signature / signature:unverified- Reported as passed, but supporting execution evidence was missing or contradictory.No runtime tests were run:not_run- review was bounded to static inspection per instructions.
- Limitations: 1
- High confidence. The bug is directly visible in the changed line
crates/webhook/src/lib.rs:24, and the call chain incrates/webhook/src/routes.rs:549-556shows the practical impact. Limitation: I did not execute the test suite, so the regression-test recommendation is inferred from code inspection rather than validated by running it.
- High confidence. The bug is directly visible in the changed line
Files changed: 0
Commits: 1
Task 8910ea90-7fc8-11f1-9e77-3cb95a4e3c15.
This review supersedes the prior covencat publication.
Publication validation
- review reported limitations
- test evidence for Read crates/webhook/src/lib.rs is contradictory or incomplete
- test evidence for Read crates/webhook/src/routes.rs is contradictory or incomplete
- test evidence for Grep verify_slice / verify_signature / signature is contradictory or incomplete
- test No runtime tests were run did not pass
- a no-findings reason was reported alongside findings
Evidence was incomplete or contradictory, so this is a COMMENT review rather than an approval or change request.
| mac.update(payload); | ||
| mac.verify_slice(&sig_bytes) | ||
| .map_err(|_| anyhow::anyhow!("signature mismatch"))?; | ||
| let _ = mac.verify_slice(&sig_bytes); |
There was a problem hiding this comment.
high: Signature verification result is discarded, allowing invalid webhook MACs to be accepted - verify_signature computes `let _ = mac
Signature verification result is discarded, allowing invalid webhook MACs to be accepted - verify_signature computes let _ = mac.verify_slice(&sig_bytes); and then unconditionally returns Ok(()). Because handle_webhook in crates/webhook/src/routes.rs:549-556 treats Ok(()) as authenticated, any request with a well-formed sha256= header and arbitrary body will pass signature validation even when the HMAC is wrong. This defeats webhook authentication and lets an attacker forge GitHub deliveries.
Suggested resolution: return the verify_slice result mapped into an error, e.g. mac.verify_slice(&sig_bytes).map_err(|_| anyhow::anyhow!("invalid signature"))?;, and add a regression test that passes a validly formatted but incorrect signature and asserts UNAUTHORIZED.
|
Controlled verification complete. Coven Kitty identified the deliberate high-severity signature bypass and recommended restoring error propagation plus a negative regression test, but publication correctly remained COMMENT because the evidence gate was incomplete. This probe must not be merged; closing and deleting the branch. |
Controlled verification probe
This draft PR deliberately introduces a security defect in webhook signature verification. It must never be merged.
The purpose is to verify that the deployed Coven Kitty hosted-review path can:
REQUEST_CHANGESreview when its evidence gates are satisfied.The probe now ignores the result of
mac.verify_slicein the production Rust verifier. A reviewer should identify that an invalid HMAC reachesOk(())and require restoring error propagation plus a negative signature regression test.This branch will be deleted and the PR closed after the verification result is captured.