Address translation (#62)

Change the address translation function so that we are able to report more precise incident locations.

Address translation (#62)
Change the address translation function so that we are able to report more precise incident locations.
79f828f4 · Melvin Klimke · GitHub · 944313ec · 79f828f4 · 79f828f4
Unverified Commit 79f828f4 authored Jun 08, 2020 by Melvin Klimke Committed by GitHub Jun 08, 2020
4 changed files
--- a/src/utils/address_translation.ml
+++ b/src/utils/address_translation.ml
@@ -9,11 +9,21 @@ let translate_tid_to_assembler_address_string (tid : tid) (tid_map : word Tid.Ma


 let generate_tid_map (prog : program term) : word Tid.Map.t =
+
+  let last_addr = ref None in
+
  (object
    inherit [addr Tid.Map.t] Term.visitor
    method! enter_term _ t addrs = match Term.get_attr t address with
-      | None -> addrs
-      | Some addr -> Map.add_exn addrs ~key:(Term.tid t) ~data:addr
+      | None -> begin
+          match !last_addr with
+          | Some addr -> Map.add_exn addrs ~key:(Term.tid t) ~data:addr
+          | None -> addrs
+      end
+      | Some addr -> begin
+          last_addr := Some addr;
+          Map.add_exn addrs ~key:(Term.tid t) ~data:addr
+        end
    end)#run prog Tid.Map.empty



--- a/test/unit/cwe_checker_unit_tests.ml
+++ b/test/unit/cwe_checker_unit_tests.ml
@@ -12,6 +12,7 @@ let run_tests project =
    "Cconv_tests", Cconv_test.tests;
    "CWE_476_tests", Cwe_476_test.tests;
    "CWE_560_tests", Cwe_560_test.tests;
+    "Address_translation_tests", Address_translation_test.tests;
     ]

 let () =

--- a/test/unit/utils/address_translation_test.ml
+++ b/test/unit/utils/address_translation_test.ml
+open Bap.Std
+open Core_kernel
+open Cwe_checker_core
+
+open Address_translation
+
+
+let check msg x = Alcotest.(check bool) msg true x
+
+
+let test_translate_tid_to_assembler_address_string () =
+  let tid_map = Tid.Map.empty in
+  let tid_1 = Tid.create () in
+  let tid_2 = Tid.create () in
+  let tid_map = Map.add_exn tid_map ~key:tid_1 ~data:(Addr.of_bool true) in
+  let () = check "TID not correctly mapped to address" (translate_tid_to_assembler_address_string tid_1 tid_map = "1:1u") in
+  let () = check "TID not correctly mapped to address" (translate_tid_to_assembler_address_string tid_2 tid_map = "UNKNOWN") in
+  ()
+
+
+let test_generate_tid_map () =
+  let program = Program.create () in
+  let program = Term.set_attr program address (Addr.of_bool false) in
+
+  let s = Sub.create () in
+  let b = Blk.create () in
+  let x = Var.create "x" (Bil.Imm 8) in
+  let y = Var.create "y" (Bil.Imm 8) in
+  let z = Var.create "z" (Bil.Imm 8) in
+  let d_1 = Def.create x Bil.(var y + var z) in
+  let b = Term.append def_t b d_1 in
+  let b = Term.set_attr b address (Addr.of_bool true) in
+  let s = Term.append blk_t s b in
+
+  let program = Term.append sub_t program s in
+  let tid_map = generate_tid_map program in
+
+  let () = check "address not in vicinity" (translate_tid_to_assembler_address_string (Term.tid s) tid_map = "UNKNOWN") in
+  let () = check "address not in vicinity" (translate_tid_to_assembler_address_string (Term.tid d_1) tid_map = "1:1u") in
+  ()
+
+
+let tests = [
+  "Generate TID map", `Quick, test_generate_tid_map;
+  "Translate TID to assembler address string", `Quick, test_translate_tid_to_assembler_address_string
+]
--- a/test/unit/utils/address_translation_test.mli
+++ b/test/unit/utils/address_translation_test.mli
+val tests: unit Alcotest.test_case list