Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
C
cwe_checker
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-depend
cwe_checker
Commits
1b0f0b48
Unverified
Commit
1b0f0b48
authored
2 years ago
by
Enkelmann
Committed by
GitHub
2 years ago
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
prevent huge expressions during expression propagation (#412)
parent
1fcc30cb
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
23 additions
and
1 deletions
+23
-1
mod.rs
...we_checker_lib/src/analysis/expression_propagation/mod.rs
+7
-1
expression.rs
...checker_lib/src/intermediate_representation/expression.rs
+16
-0
No files found.
src/cwe_checker_lib/src/analysis/expression_propagation/mod.rs
View file @
1b0f0b48
...
@@ -55,9 +55,15 @@ impl<'a> crate::analysis::forward_interprocedural_fixpoint::Context<'a> for Cont
...
@@ -55,9 +55,15 @@ impl<'a> crate::analysis::forward_interprocedural_fixpoint::Context<'a> for Cont
let
mut
extended_expression
=
expression
.clone
();
let
mut
extended_expression
=
expression
.clone
();
for
input_var
in
expression
.input_vars
()
.into_iter
()
{
for
input_var
in
expression
.input_vars
()
.into_iter
()
{
if
let
Some
(
expr
)
=
insertable_expressions
.get
(
input_var
)
{
if
let
Some
(
expr
)
=
insertable_expressions
.get
(
input_var
)
{
extended_expression
.substitute_input_var
(
input_var
,
expr
)
// We limit the complexity of expressions to insert.
// This prevents extremely large expressions that can lead to extremely high RAM usage.
// FIXME: Right now this limit is quite arbitrary. Maybe there is a better way to achieve the same result?
if
expr
.recursion_depth
()
<
10
{
extended_expression
.substitute_input_var
(
input_var
,
expr
)
}
}
}
}
}
extended_expression
.substitute_trivial_operations
();
insertable_expressions
.insert
(
var
.clone
(),
extended_expression
.clone
());
insertable_expressions
.insert
(
var
.clone
(),
extended_expression
.clone
());
// Expressions dependent on the assigned variable are no longer insertable.
// Expressions dependent on the assigned variable are no longer insertable.
insertable_expressions
.retain
(|
_input_var
,
input_expr
|
{
insertable_expressions
.retain
(|
_input_var
,
input_expr
|
{
...
...
This diff is collapsed.
Click to expand it.
src/cwe_checker_lib/src/intermediate_representation/expression.rs
View file @
1b0f0b48
...
@@ -208,6 +208,22 @@ impl Expression {
...
@@ -208,6 +208,22 @@ impl Expression {
}
}
}
}
}
}
/// Compute a recursion depth for the expression.
///
/// Because of the recursive nature of the [Expression] type,
/// overly complex expressions are very costly to clone, which in turn can negatively affect some analyses.
/// The recursion depth measure can be used to detect and handle such cases.
pub
fn
recursion_depth
(
&
self
)
->
u64
{
use
Expression
::
*
;
match
self
{
Const
(
_
)
|
Unknown
{
..
}
|
Var
(
_
)
=>
0
,
Subpiece
{
arg
,
..
}
|
Cast
{
arg
,
..
}
|
UnOp
{
arg
,
..
}
=>
arg
.recursion_depth
()
+
1
,
BinOp
{
lhs
,
rhs
,
..
}
=>
{
std
::
cmp
::
max
(
lhs
.recursion_depth
(),
rhs
.recursion_depth
())
+
1
}
}
}
}
}
impl
fmt
::
Display
for
Expression
{
impl
fmt
::
Display
for
Expression
{
...
...
This diff is collapsed.
Click to expand it.
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
