
Commit ee98065

authored
Merge pull request #21 from github/adityasharad/ctf/guarded-alloca-calls
SEGV CTF: Expect `alloca` calls in step 10 instead of their basic blocks.
2 parents ba1ff67 + 28818bb commit ee98065


2 files changed

+64
-65
lines changed


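--- a/courses/cpp/ctf-segv/answers/10_guarded_alloca.ql
+++ b/courses/cpp/ctf-segv/answers/10_guarded_alloca.ql
@@ -23,10 +23,9 @@ DataFlow::Node use_alloca(boolean branch) {
 result.asExpr().(NotExpr).getOperand() = use_alloca(branch.booleanNot()).asExpr()
 }
 
-from GuardCondition guard, BasicBlock block, boolean branch, FunctionCall alloca
+from GuardCondition guard, boolean branch, FunctionCall alloca
 where
 guard = use_alloca(branch).asExpr() and
-guard.controls(block, branch) and
-alloca.getTarget().getName() = "__builtin_alloca" and
-block.contains(alloca)
-select block, "safe call to __builtin_alloca"
+guard.controls(alloca.getBasicBlock(), branch) and
+alloca.getTarget().getName() = "__builtin_alloca"
+select alloca, "safe call to __builtin_alloca"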
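Review bot: The message in `select alloca, "safe call to __builtin_alloca"` asserts more than the `where` clause establishes. The visible conjuncts only require that a guard produced by `use_alloca` controls the call's basic block, and nothing relates the value that guard tested to the size passed to this particular `alloca` call. A call guarded on one length but allocating a different one would still be reported as safe, which matters if later steps exclude these calls from bounds analysis. I would document the approximation above the `from` clause, e.g. `// "safe" = control-dependent on a use_alloca guard; the guarded size is not compared with the alloca argument`. `use_alloca` begins above the hunk, so its full definition is not visible here.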
Lines changed: 60 additions & 60 deletions
@@ -1,60 +1,60 @@
1-
"block","URL for block","col1"
2-
"ExprStmt","file:///opt/src/crypt/md5-crypt.c:119:2:119:59","safe call to __builtin_alloca"
3-
"ExprStmt","file:///opt/src/crypt/sha256-crypt.c:151:2:151:69","safe call to __builtin_alloca"
4-
"ExprStmt","file:///opt/src/crypt/sha256-crypt.c:248:5:248:44","safe call to __builtin_alloca"
5-
"ExprStmt","file:///opt/src/crypt/sha512-crypt.c:151:2:151:69","safe call to __builtin_alloca"
6-
"ExprStmt","file:///opt/src/crypt/sha512-crypt.c:247:5:247:44","safe call to __builtin_alloca"
7-
"ExprStmt","file:///opt/src/iconv/iconv_open.c:40:5:40:46","safe call to __builtin_alloca"
8-
"ExprStmt","file:///opt/src/iconv/iconv_open.c:55:5:55:50","safe call to __builtin_alloca"
9-
"ExprStmt","file:///opt/src/nptl/pthread_create.c:643:6:643:35","safe call to __builtin_alloca"
10-
"ExprStmt","file:///opt/src/nscd/grpcache.c:231:6:231:54","safe call to __builtin_alloca"
11-
"ExprStmt","file:///opt/src/nscd/nscd_getserv_r.c:96:5:96:46","safe call to __builtin_alloca"
12-
"ExprStmt","file:///opt/src/nscd/nscd_getserv_r.c:255:3:257:23","safe call to __builtin_alloca"
13-
"ExprStmt","file:///opt/src/nscd/nscd_netgroup.c:174:5:174:26","safe call to __builtin_alloca"
14-
"ExprStmt","file:///opt/src/posix/fnmatch_loop.c:1070:6:1070:16","safe call to __builtin_alloca"
15-
"ExprStmt","file:///opt/src/posix/fnmatch_loop.c:1077:6:1077:16","safe call to __builtin_alloca"
16-
"ExprStmt","file:///opt/src/posix/fnmatch_loop.c:1070:6:1070:16","safe call to __builtin_alloca"
17-
"ExprStmt","file:///opt/src/posix/fnmatch_loop.c:1077:6:1077:16","safe call to __builtin_alloca"
18-
"ExprStmt","file:///opt/src/posix/getopt.c:253:6:253:35","safe call to __builtin_alloca"
19-
"ExprStmt","file:///opt/src/stdio-common/fxprintf.c:47:5:47:42","safe call to __builtin_alloca"
20-
"ExprStmt","file:///opt/src/stdio-common/printf_fp.c:923:7:923:53","safe call to __builtin_alloca"
21-
"ExprStmt","file:///opt/src/stdio-common/printf_fp.c:1212:6:1212:39","safe call to __builtin_alloca"
22-
"32","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1971:29","safe call to __builtin_alloca"
23-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
24-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
25-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1481:8:1481:60","safe call to __builtin_alloca"
26-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1513:6:1513:58","safe call to __builtin_alloca"
27-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1589:6:1589:57","safe call to __builtin_alloca"
28-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
29-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
30-
"32","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1971:29","safe call to __builtin_alloca"
31-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
32-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
33-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1481:8:1481:60","safe call to __builtin_alloca"
34-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1513:6:1513:58","safe call to __builtin_alloca"
35-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1589:6:1589:57","safe call to __builtin_alloca"
36-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
37-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
38-
"32","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1971:29","safe call to __builtin_alloca"
39-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
40-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1481:8:1481:60","safe call to __builtin_alloca"
41-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1513:6:1513:58","safe call to __builtin_alloca"
42-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1589:6:1589:57","safe call to __builtin_alloca"
43-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
44-
"32","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1971:29","safe call to __builtin_alloca"
45-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
46-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1481:8:1481:60","safe call to __builtin_alloca"
47-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1513:6:1513:58","safe call to __builtin_alloca"
48-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1589:6:1589:57","safe call to __builtin_alloca"
49-
"ExprStmt","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
50-
"ExprStmt","file:///opt/src/stdlib/putenv.c:68:2:68:44","safe call to __builtin_alloca"
51-
"ExprStmt","file:///opt/src/stdlib/setenv.c:186:6:186:41","safe call to __builtin_alloca"
52-
"ExprStmt","file:///opt/src/sysdeps/posix/getaddrinfo.c:2303:2:2303:30","safe call to __builtin_alloca"
53-
"ExprStmt","file:///opt/src/sysdeps/posix/getaddrinfo.c:2303:2:2303:30","safe call to __builtin_alloca"
54-
"ExprStmt","file:///opt/src/sysdeps/unix/sysv/linux/check_native.c:92:5:92:27","safe call to __builtin_alloca"
55-
"ExprStmt","file:///opt/src/sysdeps/unix/sysv/linux/getipv4sourcefilter.c:41:5:41:49","safe call to __builtin_alloca"
56-
"ExprStmt","file:///opt/src/sysdeps/unix/sysv/linux/getsourcefilter.c:103:5:103:48","safe call to __builtin_alloca"
57-
"ExprStmt","file:///opt/src/sysdeps/unix/sysv/linux/ifaddrs.c:145:5:145:27","safe call to __builtin_alloca"
58-
"ExprStmt","file:///opt/src/sysdeps/unix/sysv/linux/setipv4sourcefilter.c:41:5:41:49","safe call to __builtin_alloca"
59-
"ExprStmt","file:///opt/src/sysdeps/unix/sysv/linux/setsourcefilter.c:42:5:42:48","safe call to __builtin_alloca"
60-
"ExprStmt","file:///opt/src/time/getdate.c:160:2:160:27","safe call to __builtin_alloca"
1+
"alloca","URL for alloca","col1"
2+
"call to __builtin_alloca","file:///opt/src/crypt/md5-crypt.c:119:17:119:59","safe call to __builtin_alloca"
3+
"call to __builtin_alloca","file:///opt/src/crypt/sha256-crypt.c:151:8:151:69","safe call to __builtin_alloca"
4+
"call to __builtin_alloca","file:///opt/src/crypt/sha256-crypt.c:248:29:248:44","safe call to __builtin_alloca"
5+
"call to __builtin_alloca","file:///opt/src/crypt/sha512-crypt.c:151:8:151:69","safe call to __builtin_alloca"
6+
"call to __builtin_alloca","file:///opt/src/crypt/sha512-crypt.c:247:29:247:44","safe call to __builtin_alloca"
7+
"call to __builtin_alloca","file:///opt/src/iconv/iconv_open.c:40:28:40:46","safe call to __builtin_alloca"
8+
"call to __builtin_alloca","file:///opt/src/iconv/iconv_open.c:55:30:55:50","safe call to __builtin_alloca"
9+
"call to __builtin_alloca","file:///opt/src/nptl/pthread_create.c:643:15:643:35","safe call to __builtin_alloca"
10+
"call to __builtin_alloca","file:///opt/src/nscd/grpcache.c:231:16:231:54","safe call to __builtin_alloca"
11+
"call to __builtin_alloca","file:///opt/src/nscd/nscd_getserv_r.c:96:11:96:46","safe call to __builtin_alloca"
12+
"call to __builtin_alloca","file:///opt/src/nscd/nscd_getserv_r.c:255:17:257:23","safe call to __builtin_alloca"
13+
"call to __builtin_alloca","file:///opt/src/nscd/nscd_netgroup.c:174:11:174:26","safe call to __builtin_alloca"
14+
"call to __builtin_alloca","file:///opt/src/posix/fnmatch_loop.c:1070:6:1070:16","safe call to __builtin_alloca"
15+
"call to __builtin_alloca","file:///opt/src/posix/fnmatch_loop.c:1077:6:1077:16","safe call to __builtin_alloca"
16+
"call to __builtin_alloca","file:///opt/src/posix/fnmatch_loop.c:1070:6:1070:16","safe call to __builtin_alloca"
17+
"call to __builtin_alloca","file:///opt/src/posix/fnmatch_loop.c:1077:6:1077:16","safe call to __builtin_alloca"
18+
"call to __builtin_alloca","file:///opt/src/posix/getopt.c:253:18:253:35","safe call to __builtin_alloca"
19+
"call to __builtin_alloca","file:///opt/src/stdio-common/fxprintf.c:47:12:47:42","safe call to __builtin_alloca"
20+
"call to __builtin_alloca","file:///opt/src/stdio-common/printf_fp.c:923:29:923:53","safe call to __builtin_alloca"
21+
"call to __builtin_alloca","file:///opt/src/stdio-common/printf_fp.c:1212:24:1212:39","safe call to __builtin_alloca"
22+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1970:25","safe call to __builtin_alloca"
23+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
24+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
25+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1481:29:1481:43","safe call to __builtin_alloca"
26+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1513:27:1513:41","safe call to __builtin_alloca"
27+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1589:27:1589:41","safe call to __builtin_alloca"
28+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
29+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
30+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1970:25","safe call to __builtin_alloca"
31+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
32+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
33+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1481:29:1481:43","safe call to __builtin_alloca"
34+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1513:27:1513:41","safe call to __builtin_alloca"
35+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1589:27:1589:41","safe call to __builtin_alloca"
36+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
37+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
38+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1970:25","safe call to __builtin_alloca"
39+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
40+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1481:29:1481:43","safe call to __builtin_alloca"
41+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1513:27:1513:41","safe call to __builtin_alloca"
42+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1589:27:1589:41","safe call to __builtin_alloca"
43+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
44+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1969:28:1970:25","safe call to __builtin_alloca"
45+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:2026:4:2026:45","safe call to __builtin_alloca"
46+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1481:29:1481:43","safe call to __builtin_alloca"
47+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1513:27:1513:41","safe call to __builtin_alloca"
48+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1589:27:1589:41","safe call to __builtin_alloca"
49+
"call to __builtin_alloca","file:///opt/src/stdio-common/vfprintf-internal.c:1645:4:1645:53","safe call to __builtin_alloca"
50+
"call to __builtin_alloca","file:///opt/src/stdlib/putenv.c:68:9:68:44","safe call to __builtin_alloca"
51+
"call to __builtin_alloca","file:///opt/src/stdlib/setenv.c:186:27:186:41","safe call to __builtin_alloca"
52+
"call to __builtin_alloca","file:///opt/src/sysdeps/posix/getaddrinfo.c:2303:12:2303:30","safe call to __builtin_alloca"
53+
"call to __builtin_alloca","file:///opt/src/sysdeps/posix/getaddrinfo.c:2303:12:2303:30","safe call to __builtin_alloca"
54+
"call to __builtin_alloca","file:///opt/src/sysdeps/unix/sysv/linux/check_native.c:92:11:92:27","safe call to __builtin_alloca"
55+
"call to __builtin_alloca","file:///opt/src/sysdeps/unix/sysv/linux/getipv4sourcefilter.c:41:35:41:49","safe call to __builtin_alloca"
56+
"call to __builtin_alloca","file:///opt/src/sysdeps/unix/sysv/linux/getsourcefilter.c:103:34:103:48","safe call to __builtin_alloca"
57+
"call to __builtin_alloca","file:///opt/src/sysdeps/unix/sysv/linux/ifaddrs.c:145:11:145:27","safe call to __builtin_alloca"
58+
"call to __builtin_alloca","file:///opt/src/sysdeps/unix/sysv/linux/setipv4sourcefilter.c:41:35:41:49","safe call to __builtin_alloca"
59+
"call to __builtin_alloca","file:///opt/src/sysdeps/unix/sysv/linux/setsourcefilter.c:42:34:42:48","safe call to __builtin_alloca"
60+
"call to __builtin_alloca","file:///opt/src/time/getdate.c:160:10:160:27","safe call to __builtin_alloca"
