Skip to content

Commit

Permalink
Merge branch 'rh/abstract-value-analysis' into rh/abstract-value-anal…
Browse files Browse the repository at this point in the history
…ysis-worklist

# Conflicts:
#	cpg-analysis/src/main/kotlin/de/fraunhofer/aisec/cpg/analysis/abstracteval/AbstractEvaluator.kt
#	cpg-core/src/main/kotlin/de/fraunhofer/aisec/cpg/helpers/EOGWorklist.kt
  • Loading branch information
CodingDepot committed Oct 16, 2024
2 parents 3e3c094 + 344ea58 commit cc8eb48
Show file tree
Hide file tree
Showing 305 changed files with 12,079 additions and 6,716 deletions.
4 changes: 2 additions & 2 deletions .github/CODEOWNERS
Validating CODEOWNERS rules …
Original file line number Diff line number Diff line change
Expand Up @@ -6,8 +6,8 @@ cpg-language-go @oxisto
*.ts @oxisto
cpg-language-typescript @oxisto

*.py @maximiliankaul
cpg-language-python @maximiliankaul
*.py @maximiliankaul @lshala
cpg-language-python @maximiliankaul @lshala

*.c @peckto
*.cpp @peckto
Expand Down
31 changes: 11 additions & 20 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,9 @@ on:

jobs:
build:
runs-on: [self-hosted, linux, x64, faster]
runs-on: self-hosted
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of SonarQube analysis
- run: |
cp gradle.properties.example gradle.properties
- uses: actions/setup-java@v4
Expand All @@ -41,11 +39,6 @@ jobs:
- name: Setup neo4j
run: |
docker run -d --env NEO4J_AUTH=neo4j/password -p7474:7474 -p7687:7687 neo4j || true
- name: Cache SonarCloud packages
uses: actions/cache@v4
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
- name: Determine Version
run: |
# determine version from tag
Expand All @@ -67,23 +60,21 @@ jobs:
if [ -d "/opt/hostedtoolcache/Python" ]; then
find /opt/hostedtoolcache/Python/ -name libjep.so -exec sudo cp '{}' /usr/lib/ \;
fi
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v4
- name: Build ${{ env.version }}
run: |
if [ "$SONAR_TOKEN" != "" ]
then
./gradlew --parallel -Pversion=$VERSION spotlessCheck -x spotlessApply build -x distZip -x distTar sonar performanceTest integrationTest \
-Dsonar.projectKey=Fraunhofer-AISEC_cpg \
-Dsonar.organization=fraunhofer-aisec \
-Dsonar.host.url=https://sonarcloud.io \
-Dsonar.token=$SONAR_TOKEN
else
./gradlew --parallel -Pversion=$VERSION spotlessCheck -x spotlessApply build -x distZip -x distTar performanceTest integrationTest
fi
./gradlew --parallel -Pversion=$VERSION spotlessCheck -x spotlessApply build -x distZip -x distTar koverXmlReport koverHtmlReport performanceTest integrationTest
id: build
env:
VERSION: ${{ env.version }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Code Coverage
uses: codecov/codecov-action@v4
with:
fail_ci_if_error: true
files: ./cpg-all/build/reports/kover/report.xml
token: ${{ secrets.CODECOV_TOKEN }}
verbose: true
- name: Prepare test and coverage reports
if: ${{ always() }}
run: |
Expand Down
1 change: 0 additions & 1 deletion .gitignore
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,6 @@ out
.data/
logs
/lsp/*.log
*.class

*.dylib
*.so
Expand Down
21 changes: 11 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# Code Property Graph
[![Actions Status](https://github.com/Fraunhofer-AISEC/cpg/workflows/build/badge.svg)](https://github.com/Fraunhofer-AISEC/cpg/actions)
[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=Fraunhofer-AISEC_cpg&metric=alert_status)](https://sonarcloud.io/dashboard?id=Fraunhofer-AISEC_cpg) [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=Fraunhofer-AISEC_cpg&metric=security_rating)](https://sonarcloud.io/dashboard?id=Fraunhofer-AISEC_cpg) [![Coverage](https://sonarcloud.io/api/project_badges/measure?project=Fraunhofer-AISEC_cpg&metric=coverage)](https://sonarcloud.io/dashboard?id=Fraunhofer-AISEC_cpg) [![](https://jitpack.io/v/Fraunhofer-AISEC/cpg.svg)](https://jitpack.io/#Fraunhofer-AISEC/cpg)
[![codecov](https://codecov.io/gh/Fraunhofer-AISEC/cpg/graph/badge.svg?token=XBXZZOQIID)](https://codecov.io/gh/Fraunhofer-AISEC/cpg) [![](https://jitpack.io/v/Fraunhofer-AISEC/cpg.svg)](https://jitpack.io/#Fraunhofer-AISEC/cpg)

A simple library to extract a *code property graph* out of source code. It has support for multiple passes that can extend the analysis after the graph is constructed. It currently supports C/C++ (C17), Java (Java 13) and has experimental support for Golang, Python and TypeScript. Furthermore, it has support for the [LLVM IR](http://llvm.org/docs/LangRef.html) and thus, theoretically support for all languages that compile using LLVM.

Expand Down Expand Up @@ -128,15 +128,16 @@ Languages are maintained to different degrees, and are noted in the table below

The current state of languages is:

| Language | Module | Branch | State |
|---|---|---|---|
| Java | cpg-language-java | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| C++ | cpg-language-cxx | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| Python | cpg-language-python | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| Go | cpg-language-go | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| LLVM | cpg-language-llvm | [main](https://github.com/Fraunhofer-AISEC/cpg) | `incubating` |
| TypeScript/JavaScript | cpg-language-typescript | [main](https://github.com/Fraunhofer-AISEC/cpg) | `experimental` |
| Ruby | cpg-language-ruby | [main](https://github.com/Fraunhofer-AISEC/cpg) | `experimental` |
| Language | Module | Branch | State |
|--------------------------|---------------------------------------|-------------------------------------------------------------------------|----------------|
| Java (Source) | cpg-language-java | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| C++ | cpg-language-cxx | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| Python | cpg-language-python | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| Go | cpg-language-go | [main](https://github.com/Fraunhofer-AISEC/cpg) | `maintained` |
| JVM (Bytecode) | cpg-language-jvm | [main](https://github.com/Fraunhofer-AISEC/cpg) | `incubating` |
| LLVM | cpg-language-llvm | [main](https://github.com/Fraunhofer-AISEC/cpg) | `incubating` |
| TypeScript/JavaScript | cpg-language-typescript | [main](https://github.com/Fraunhofer-AISEC/cpg) | `experimental` |
| Ruby | cpg-language-ruby | [main](https://github.com/Fraunhofer-AISEC/cpg) | `experimental` |
| {OpenQASM,Python-Qiskit} | cpg-language-{openqasm,python-qiskit} | [quantum-cpg](https://github.com/Fraunhofer-AISEC/cpg/tree/quantum-cpg) | `experimental` |

### Languages and Configuration
Expand Down
19 changes: 6 additions & 13 deletions build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@
//
plugins {
id("org.jetbrains.dokka")
id("org.sonarqube")
id("io.github.gradle-nexus.publish-plugin")
}

Expand Down Expand Up @@ -77,18 +76,6 @@ fun generateDokkaWithVersionTag(dokkaMultiModuleTask: org.jetbrains.dokka.gradle
}


//
// Configure sonarqube for the whole cpg project
//
sonarqube {
properties {
property("sonar.sourceEncoding", "UTF-8")
// The report part is either relative to the submodules or the main module. We want to specify our
// aggregated jacoco report here
property("sonar.coverage.jacoco.xmlReportPaths", "../cpg-all/build/reports/kover/report.xml,cpg-all/build/reports/kover/report.xml")
}
}

/**
* Publishing to maven central
*/
Expand Down Expand Up @@ -150,3 +137,9 @@ val enableRubyFrontend: Boolean by extra {
enableRubyFrontend.toBoolean()
}
project.logger.lifecycle("Ruby frontend is ${if (enableRubyFrontend) "enabled" else "disabled"}")

val enableJVMFrontend: Boolean by extra {
val enableJVMFrontend: String? by project
enableJVMFrontend.toBoolean()
}
project.logger.lifecycle("JVM frontend is ${if (enableJVMFrontend) "enabled" else "disabled"}")
1 change: 0 additions & 1 deletion buildSrc/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,6 @@ dependencies {
implementation(libs.kotlin.gradle)
implementation(libs.dokka.gradle)
implementation(libs.kover.gradle)
implementation(libs.sonarqube.gradle)
implementation(libs.spotless.gradle)
implementation(libs.nexus.publish.gradle)
implementation(files(libs.javaClass.superclass.protectionDomain.codeSource.location)) // this is only there to be able to import 'LibrariesForLibs' in the convention plugins to access the version catalog in buildSrc
Expand Down
4 changes: 1 addition & 3 deletions buildSrc/src/main/kotlin/cpg.common-conventions.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -107,7 +107,7 @@ kotlin {

tasks.withType<KotlinCompile> {
compilerOptions {
freeCompilerArgs = listOf("-opt-in=kotlin.RequiresOptIn", "-Xcontext-receivers")
freeCompilerArgs = listOf("-opt-in=kotlin.RequiresOptIn", "-opt-in=kotlin.uuid.ExperimentalUuidApi", "-Xcontext-receivers")
}
}

Expand Down Expand Up @@ -148,8 +148,6 @@ val performanceTest = tasks.register<Test>("performanceTest") {
maxParallelForks = 1
// make sure that several performance tests (e.g. in different frontends) also do NOT run in parallel
usesService(serialExecutionService)

mustRunAfter(tasks.getByPath(":sonar"))
}

// A build service that ensures serial execution of a group of tasks
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,12 +11,17 @@ val enablePythonFrontend: Boolean by rootProject.extra
val enableLLVMFrontend: Boolean by rootProject.extra
val enableTypeScriptFrontend: Boolean by rootProject.extra
val enableRubyFrontend: Boolean by rootProject.extra
val enableJVMFrontend: Boolean by rootProject.extra

dependencies {
if (enableJavaFrontend) {
api(project(":cpg-language-java"))
kover(project(":cpg-language-java"))
}
if (enableJVMFrontend) {
api(project(":cpg-language-jvm"))
kover(project(":cpg-language-jvm"))
}
if (enableCXXFrontend) {
api(project(":cpg-language-cxx"))
kover(project(":cpg-language-cxx"))
Expand Down
12 changes: 12 additions & 0 deletions codecov.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
coverage:
range: "70...95"
status:
project:
default:
target: auto
threshold: 0.5%
patch:
default:
target: 75%
comment:
layout: "condensed_header, files, condensed_footer"
2 changes: 2 additions & 0 deletions configure_frontends.sh
Original file line number Diff line number Diff line change
Expand Up @@ -58,3 +58,5 @@ answerTypescript=$(ask "Do you want to enable the TypeScript frontend? (currentl
setProperty "enableTypeScriptFrontend" $answerTypescript
answerRuby=$(ask "Do you want to enable the Ruby frontend? (currently $(getProperty "enableRubyFrontend"))")
setProperty "enableRubyFrontend" $answerRuby
answerJVM=$(ask "Do you want to enable the JVM frontend? (currently $(getProperty "enableJVMFrontend"))")
setProperty "enableJVMFrontend" $answerJVM
10 changes: 6 additions & 4 deletions cpg-all/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,12 @@ publishing {
}
}

repositories {
maven {
setUrl("https://jitpack.io")
}
}

dependencies {
// this exposes all of our (published) modules as dependency
api(projects.cpgConsole)
Expand All @@ -28,7 +34,3 @@ dependencies {
kover(projects.cpgAnalysis)
kover(projects.cpgNeo4j)
}

val sonar = tasks.getByPath(":sonar")
sonar.dependsOn(tasks.named("koverHtmlReport"))
sonar.dependsOn(tasks.named("koverXmlReport"))
Original file line number Diff line number Diff line change
Expand Up @@ -32,16 +32,10 @@ import de.fraunhofer.aisec.cpg.graph.invoke
import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement
import de.fraunhofer.aisec.cpg.graph.statements.ForStatement
import de.fraunhofer.aisec.cpg.graph.statements.expressions.*
import de.fraunhofer.aisec.cpg.passes.EdgeCachePass
import de.fraunhofer.aisec.cpg.passes.astParent
import org.slf4j.Logger
import org.slf4j.LoggerFactory

/**
* This [ValueEvaluator] can resolve multiple possible values of a node.
*
* It requires running the [EdgeCachePass] after the translation to add all necessary edges.
*/
/** This [ValueEvaluator] can resolve multiple possible values of a node. */
class MultiValueEvaluator : ValueEvaluator() {
companion object {
const val MAX_DEPTH: Int = 20
Expand Down Expand Up @@ -268,7 +262,8 @@ class MultiValueEvaluator : ValueEvaluator() {
forStatement.initializerStatement == node || // The node is the initialization
(initializerDecl != null &&
initializerDecl ==
node.astParent) || // The parent of the node is the initializer of the loop
node.astParent) || // The parent of the node is the initializer of the
// loop
// variable
forStatement.iterationStatement ==
node || // The node or its parent are the iteration statement of the loop
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ open class ValueEvaluator(
"<=" -> handleLEq(lhsValue, rhsValue, expr)
"==" -> handleEq(lhsValue, rhsValue, expr)
"!=" -> handleNEq(lhsValue, rhsValue, expr)
else -> cannotEvaluate(expr as Node, this)
else -> cannotEvaluate(expr, this)
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -28,14 +28,11 @@ package de.fraunhofer.aisec.cpg.analysis.fsm
import de.fraunhofer.aisec.cpg.graph.Node
import de.fraunhofer.aisec.cpg.graph.declarations.ParameterDeclaration
import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration
import de.fraunhofer.aisec.cpg.graph.edge.Properties
import de.fraunhofer.aisec.cpg.graph.edge.PropertyEdge
import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement
import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression
import de.fraunhofer.aisec.cpg.graph.statements.expressions.ConstructExpression
import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression
import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference
import de.fraunhofer.aisec.cpg.passes.astParent
import org.slf4j.Logger
import org.slf4j.LoggerFactory

Expand Down Expand Up @@ -435,14 +432,12 @@ open class DFAOrderEvaluator(
val outNodes = mutableListOf<Node>()
outNodes +=
if (eliminateUnreachableCode) {
PropertyEdge.unwrap(
node.nextEOGEdges.filter { e -> e.getProperty(Properties.UNREACHABLE) != true }
)
node.nextEOGEdges.filter { e -> e.unreachable != true }.map { it.end }
} else {
node.nextEOG
}

if (outNodes.size == 1 && node.nextEOG.size == 1) {
if (outNodes.size == 1 && node.nextEOGEdges.size == 1) {
// We only have one node following this node, so we
// simply propagate the current eogPath to the next node.
outNodes[0].addEogPath(eogPath)
Expand Down
Loading

0 comments on commit cc8eb48

Please sign in to comment.