
Commit af060e8

authored
Merge branch 'main' into timing-attack-py
2 parents 700eb04 + d3c3f2d commit af060e8


276 files changed

+14148
-3643
lines changed



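--- a/.github/workflows/ruby-build.yml
+++ b/.github/workflows/ruby-build.yml
@@ -50,7 +50,7 @@ jobs:
 echo "/usr/local/opt/gnu-tar/libexec/gnubin" >> $GITHUB_PATH
 - name: Install cargo-cross
 if: runner.os == 'Linux'
-run: cargo install cross --version 0.2.1
+run: cargo install cross --version 0.2.5
 - uses: ./.github/actions/os-version
 id: os_version
 - name: Cache entire extractor
@@ -85,7 +85,12 @@ jobs:
 # This ensures we don't depend on glibc > 2.17.
 - name: Release build (linux)
 if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os == 'Linux'
-run: cd extractor && cross build --release
+run: |
+cd extractor
+cross build --release
+mv target/x86_64-unknown-linux-gnu/release/extractor target/release/
+mv target/x86_64-unknown-linux-gnu/release/autobuilder target/release/
+mv target/x86_64-unknown-linux-gnu/release/generator target/release/
 - name: Release build (windows and macos)
 if: steps.cache-extractor.outputs.cache-hit != 'true' && runner.os != 'Linux'
 run: cd extractor && cargo build --release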
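Review bot: The three `mv` lines added to the Linux release step assume `extractor/target/release/` already exists, but `cross build --release` writes only to `target/x86_64-unknown-linux-gnu/release/` and nothing visible in this step creates the destination; on a cache miss from a clean checkout the first `mv` would fail with "No such file or directory" and abort the step, unless an earlier step not shown here populates it. Adding `mkdir -p target/release` before the first `mv` removes that dependency. Separately, the bumped `cargo install cross --version 0.2.5` pins only cross itself, not its dependency tree, so the installed binary is not reproducible across runs; `cargo install cross --version 0.2.5 --locked` would pin it to cross's own lockfile.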

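--- a/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/ExtendedRangeAnalysis.qll
+++ b/cpp/ql/lib/experimental/semmle/code/cpp/rangeanalysis/ExtendedRangeAnalysis.qll
@@ -3,3 +3,4 @@ import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
 // Import each extension we want to enable
 import extensions.SubtractSelf
 import extensions.ConstantBitwiseAndExprRange
+import extensions.StrlenLiteralRangeExpr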
Lines changed: 18 additions & 0 deletions
@@ -0,0 +1,18 @@
1+
private import cpp
2+
private import experimental.semmle.code.cpp.models.interfaces.SimpleRangeAnalysisExpr
3+
4+
/**
5+
* Provides range analysis information for calls to `strlen` on literal strings.
6+
* For example, the range of `strlen("literal")` will be 7.
7+
*/
8+
class StrlenLiteralRangeExpr extends SimpleRangeAnalysisExpr, FunctionCall {
9+
StrlenLiteralRangeExpr() {
10+
getTarget().hasGlobalOrStdName("strlen") and getArgument(0).isConstant()
11+
}
12+
13+
override int getLowerBounds() { result = getArgument(0).getValue().length() }
14+
15+
override int getUpperBounds() { result = getArgument(0).getValue().length() }
16+
17+
override predicate dependsOnChild(Expr e) { none() }
18+
}
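Review bot: The characteristic predicate at line 10 of the new file accepts any constant first argument via `getArgument(0).isConstant()`, not just string literals, so a call such as `strlen((const char *)0)` or `strlen(NULL)` is matched and its bounds become `getValue().length()` of a non-string constant (e.g. the length of `"0"`), which is not a length of anything `strlen` would return. A wrong tight bound here is worse than no bound, since both `getLowerBounds` and `getUpperBounds` return the same value and downstream queries treat it as exact. Restricting the class to string literals — `getTarget().hasGlobalOrStdName("strlen") and getArgument(0) instanceof StringLiteral` — keeps the extension to the case the docstring describes. Even then, if `getValue()` yields the literal's characters with escapes processed, a literal containing an embedded `\0` escape (constructed example: `"a\0b"`) has `strlen` 1 but `length()` 3, so the docstring should state that embedded NULs are not accounted for, or the class should exclude such values; the checked-in test only covers `"literal"`.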

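--- a/cpp/ql/lib/qlpack.yml
+++ b/cpp/ql/lib/qlpack.yml
@@ -8,3 +8,4 @@ upgrades: upgrades
 dependencies:
 codeql/ssa: ${workspace}
 codeql/tutorial: ${workspace}
+codeql/util: ${workspace}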

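--- a/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
+++ b/cpp/ql/lib/semmle/code/cpp/dataflow/internal/DataFlowPrivate.qll
@@ -3,6 +3,7 @@ private import DataFlowUtil
 private import DataFlowDispatch
 private import FlowVar
 private import DataFlowImplConsistency
+import codeql.util.Unit
 
 /** Gets the callable in which this node occurs. */
 DataFlowCallable nodeGetEnclosingCallable(Node n) { result = n.getEnclosingCallable() }
@@ -264,15 +265,6 @@ int accessPathLimit() { result = 5 }
 */
 predicate forceHighPrecision(Content c) { none() }
 
-/** The unit type. */
-private newtype TUnit = TMkUnit()
-
-/** The trivial type with a single element. */
-class Unit extends TUnit {
-/** Gets a textual representation of this element. */
-string toString() { result = "unit" }
-}
-
 /** Holds if `n` should be hidden from path explanations. */
 predicate nodeIsHidden(Node n) { none() }
 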
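Review bot: The new `import codeql.util.Unit` in the first hunk is, among the visible imports, the only one that is not `private`, so it re-exports `Unit` from this module; since the `class Unit` deleted in the second hunk was public, this presumably preserves the module's exported API, but next to a column of `private import` lines it reads as an oversight. A one-line comment above it such as `// Non-private on purpose: re-exports Unit, which this module previously declared itself.` would record the intent and stop a future cleanup from making it private. The same applies to the matching hunks in `cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll`.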
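--- a/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
+++ b/cpp/ql/lib/semmle/code/cpp/ir/dataflow/internal/DataFlowPrivate.qll
@@ -6,6 +6,7 @@ private import DataFlowImplConsistency
 private import semmle.code.cpp.ir.internal.IRCppLanguage
 private import SsaInternals as Ssa
 private import DataFlowImplCommon as DataFlowImplCommon
+import codeql.util.Unit
 
 cached
 private module Cached {
@@ -799,15 +800,6 @@ int accessPathLimit() { result = 5 }
 */
 predicate forceHighPrecision(Content c) { none() }
 
-/** The unit type. */
-private newtype TUnit = TMkUnit()
-
-/** The trivial type with a single element. */
-class Unit extends TUnit {
-/** Gets a textual representation of this element. */
-string toString() { result = "unit" }
-}
-
 /** Holds if `n` should be hidden from path explanations. */
 predicate nodeIsHidden(Node n) {
 n instanceof OperandNode and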
Lines changed: 2 additions & 0 deletions
@@ -0,0 +1,2 @@
1+
| test.cpp:4:3:4:8 | call to strlen | 7.0 | 7.0 |
2+
| test.cpp:5:3:5:8 | call to strlen | 1.8446744073709552E19 | 0.0 |
Lines changed: 6 additions & 0 deletions
@@ -0,0 +1,6 @@
1+
import cpp
2+
import semmle.code.cpp.rangeanalysis.SimpleRangeAnalysis
3+
import experimental.semmle.code.cpp.rangeanalysis.extensions.StrlenLiteralRangeExpr
4+
5+
from FunctionCall fc
6+
select fc, upperBound(fc), lowerBound(fc)
Lines changed: 6 additions & 0 deletions
@@ -0,0 +1,6 @@
1+
unsigned long strlen(const char *);
2+
3+
void func(const char *s) {
4+
strlen("literal");
5+
strlen(s);
6+
}
Lines changed: 19 additions & 33 deletions
@@ -1,35 +1,21 @@
1-
| CPP-205.cpp:0:0:0:0 | CPP-205.cpp | |
2-
| CPP-205.cpp:1:20:1:20 | T | |
3-
| CPP-205.cpp:1:20:1:20 | definition of T | |
4-
| CPP-205.cpp:2:5:2:5 | definition of fn | function declaration entry for int fn<int>(int) |
5-
| CPP-205.cpp:2:5:2:5 | fn | function int fn<int>(int) |
6-
| CPP-205.cpp:2:5:2:6 | definition of fn | function declaration entry for int fn<T>(T) |
7-
| CPP-205.cpp:2:5:2:6 | fn | function int fn<T>(T) |
8-
| CPP-205.cpp:2:10:2:12 | definition of out | parameter declaration entry for int fn<T>(T) |
9-
| CPP-205.cpp:2:10:2:12 | definition of out | parameter declaration entry for int fn<int>(int) |
10-
| CPP-205.cpp:2:10:2:12 | out | parameter for int fn<T>(T) |
11-
| CPP-205.cpp:2:10:2:12 | out | parameter for int fn<int>(int) |
12-
| CPP-205.cpp:2:15:5:1 | { ... } | |
13-
| CPP-205.cpp:2:15:5:1 | { ... } | |
14-
| CPP-205.cpp:3:3:3:33 | declaration | |
15-
| CPP-205.cpp:3:3:3:33 | declaration | |
16-
| CPP-205.cpp:3:15:3:15 | declaration of y | |
17-
| CPP-205.cpp:3:15:3:15 | y | |
18-
| CPP-205.cpp:3:17:3:31 | 5 | |
19-
| CPP-205.cpp:4:3:4:11 | return ... | |
20-
| CPP-205.cpp:4:3:4:11 | return ... | |
21-
| CPP-205.cpp:4:10:4:10 | 0 | |
22-
| CPP-205.cpp:4:10:4:10 | 0 | |
1+
| CPP-205.cpp:2:5:2:5 | definition of fn | function declaration entry for int fn<int>(int), isFromTemplateInstantiation(fn) |
2+
| CPP-205.cpp:2:5:2:5 | fn | function int fn<int>(int), isFromTemplateInstantiation(fn) |
3+
| CPP-205.cpp:2:5:2:6 | definition of fn | function declaration entry for int fn<T>(T), isFromUninstantiatedTemplate(fn) |
4+
| CPP-205.cpp:2:5:2:6 | fn | function int fn<T>(T), isFromUninstantiatedTemplate(fn) |
5+
| CPP-205.cpp:2:10:2:12 | definition of out | isFromTemplateInstantiation(fn), parameter declaration entry for int fn<int>(int) |
6+
| CPP-205.cpp:2:10:2:12 | definition of out | isFromUninstantiatedTemplate(fn), parameter declaration entry for int fn<T>(T) |
7+
| CPP-205.cpp:2:10:2:12 | out | isFromTemplateInstantiation(fn), parameter for int fn<int>(int) |
8+
| CPP-205.cpp:2:10:2:12 | out | isFromUninstantiatedTemplate(fn), parameter for int fn<T>(T) |
9+
| CPP-205.cpp:2:15:5:1 | { ... } | isFromTemplateInstantiation(fn) |
10+
| CPP-205.cpp:2:15:5:1 | { ... } | isFromUninstantiatedTemplate(fn) |
11+
| CPP-205.cpp:3:3:3:33 | declaration | isFromTemplateInstantiation(fn) |
12+
| CPP-205.cpp:3:3:3:33 | declaration | isFromUninstantiatedTemplate(fn) |
13+
| CPP-205.cpp:3:15:3:15 | declaration of y | isFromUninstantiatedTemplate(fn) |
14+
| CPP-205.cpp:3:15:3:15 | y | isFromUninstantiatedTemplate(fn) |
15+
| CPP-205.cpp:3:17:3:31 | 5 | isFromTemplateInstantiation(fn) |
16+
| CPP-205.cpp:4:3:4:11 | return ... | isFromTemplateInstantiation(fn) |
17+
| CPP-205.cpp:4:3:4:11 | return ... | isFromUninstantiatedTemplate(fn) |
18+
| CPP-205.cpp:4:10:4:10 | 0 | isFromTemplateInstantiation(fn) |
19+
| CPP-205.cpp:4:10:4:10 | 0 | isFromUninstantiatedTemplate(fn) |
2320
| CPP-205.cpp:7:5:7:8 | definition of main | function declaration entry for int main() |
2421
| CPP-205.cpp:7:5:7:8 | main | function int main() |
25-
| CPP-205.cpp:7:12:9:1 | { ... } | |
26-
| CPP-205.cpp:8:3:8:15 | return ... | |
27-
| CPP-205.cpp:8:10:8:11 | call to fn | |
28-
| CPP-205.cpp:8:13:8:13 | 0 | |
29-
| file://:0:0:0:0 | (unnamed parameter 0) | parameter for __va_list_tag& __va_list_tag::operator=(__va_list_tag const&) |
30-
| file://:0:0:0:0 | (unnamed parameter 0) | parameter for __va_list_tag& __va_list_tag::operator=(__va_list_tag&&) |
31-
| file://:0:0:0:0 | __super | |
32-
| file://:0:0:0:0 | __va_list_tag | |
33-
| file://:0:0:0:0 | operator= | function __va_list_tag& __va_list_tag::operator=(__va_list_tag const&) |
34-
| file://:0:0:0:0 | operator= | function __va_list_tag& __va_list_tag::operator=(__va_list_tag&&) |
35-
| file://:0:0:0:0 | y | |
