Fix control flow for sequences of conditional assignments (#337)

060884e9 · Enkelmann · GitHub · 5621a04c · 060884e9 · 060884e9
Unverified Commit 060884e9 authored Jun 15, 2022 by Enkelmann Committed by GitHub Jun 15, 2022
6 changed files
--- a/CHANGES.md
+++ b/CHANGES.md
+0.7-dev
+====
 0.6 (2022-06)
 ====

--- a/Cargo.lock
+++ b/Cargo.lock
@@ -128,7 +128,7 @@ dependencies = [
 [[package]]
 name = "cwe_checker"
-version = "0.6.0"
+version = "0.7.0-dev"
 dependencies = [
 "cwe_checker_lib",
 "directories",
@@ -151,7 +151,7 @@ dependencies = [
 [[package]]
 name = "cwe_checker_lib"
-version = "0.6.0"
+version = "0.7.0-dev"
 dependencies = [
 "anyhow",
 "apint",

--- a/src/caller/Cargo.toml
+++ b/src/caller/Cargo.toml
 [package]
 name = "cwe_checker"
-version = "0.6.0"
+version = "0.7.0-dev"
 authors = ["Nils-Edvin Enkelmann <nils-edvin.enkelmann@fkie.fraunhofer.de>"]
 edition = "2021"

--- a/src/cwe_checker_lib/Cargo.toml
+++ b/src/cwe_checker_lib/Cargo.toml
 [package]
 name = "cwe_checker_lib"
-version = "0.6.0"
+version = "0.7.0-dev"
 authors = ["Nils-Edvin Enkelmann <nils-edvin.enkelmann@fkie.fraunhofer.de>"]
 edition = "2021"

--- a/src/cwe_checker_lib/src/intermediate_representation/project.rs
+++ b/src/cwe_checker_lib/src/intermediate_representation/project.rs
 use super::*;
+use crate::utils::log::LogMessage;
 use std::collections::{BTreeMap, BTreeSet, HashMap, HashSet};
+/// Contains implementation of the block duplication normalization pass.
 mod block_duplication_normalization;
-use crate::utils::log::LogMessage;
 use block_duplication_normalization::*;
+/// Contains implementation of the propagate control flow normalization pass.
+mod propagate_control_flow;
+use propagate_control_flow::*;
 /// The `Project` struct is the main data structure representing a binary.
 ///
@@ -225,7 +230,10 @@ impl Project {
    /// - Duplicate blocks so that if a block is contained in several functions, each function gets its own unique copy.
    /// - Propagate input expressions along variable assignments.
    /// - Replace trivial expressions like `a XOR a` with their result.
-    /// - Remove dead register assignments
+    /// - Remove dead register assignments.
+    /// - Propagate the control flow along chains of conditionals with the same condition.
+    /// - Substitute bitwise `AND` and `OR` operations with the stack pointer
+    /// in cases where the result is known due to known stack pointer alignment.
    #[must_use]
    pub fn normalize(&mut self) -> Vec<LogMessage> {
        let mut logs =
@@ -234,6 +242,7 @@ impl Project {
        self.propagate_input_expressions();
        self.substitute_trivial_expressions();
        crate::analysis::dead_variable_elimination::remove_dead_var_assignments(self);
+        propagate_control_flow(self);
        logs.append(
            crate::analysis::stack_alignment_substitution::substitute_and_on_stackpointer(self)
                .unwrap_or_default()

--- a/src/cwe_checker_lib/src/intermediate_representation/project/propagate_control_flow.rs
+++ b/src/cwe_checker_lib/src/intermediate_representation/project/propagate_control_flow.rs