criemen (Collaborator)

@criemen criemen commented May 6, 2020

This library proves that a subset of pointer dereferences in a program are safe, i.e. in-bounds.

On its own, it is not very useful. However, it:
a) showcases how to use the IR-based RangeAnalysis and the experimental ArrayLengthAnalysis together;
b) can be a starting point to detect out-of-bounds pointer accesses;
c) can be used as a filter on imprecise (bug-finding) queries that detect potentially OOB memory accesses, to remove false positives.

criemen added 2 commits May 6, 2020 16:36
…m are safe, i.e. in-bounds.

It does so by first defining what a pointer dereference is (on the IR
`Instruction` level), and then using the array length analysis and the range
analysis together to prove that some of these pointer dereferences are safe.
@criemen criemen requested a review from a team as a code owner May 6, 2020 14:40
@jbj jbj added the C++ label May 7, 2020
@rdmarsh2 rdmarsh2 (Contributor) left a comment

LGTM now. Thanks!

@rdmarsh2 rdmarsh2 merged commit 396ccda into github:master May 13, 2020