rapx/analysis/opt/checking/encoding_checking/
vec_encoding.rs

1use std::collections::HashSet;
2
3use once_cell::sync::OnceCell;
4
5use rustc_middle::mir::Local;
6use rustc_middle::ty::TyCtxt;
7use rustc_span::Span;
8
9use super::{report_encoding_bug, value_is_from_const};
10use crate::analysis::core::dataflow::graph::{DFSStatus, Direction, Graph, GraphNode, NodeOp};
11use crate::analysis::utils::def_path::DefPath;
12
/// Process-wide cache of the resolved definition paths used by this check.
///
/// It is filled at most once, by the first `get_or_init` call in
/// `VecEncodingCheck::check`; the helper functions read it with `get().unwrap()`
/// and therefore panic if they run before that initialisation.
// NOTE(review): the cell is never refreshed, so every later `check` call reuses
// the paths resolved with the first `tcx` — confirm all calls share one session.
static DEFPATHS: OnceCell<DefPaths> = OnceCell::new();

/// Definition paths of the `String` and `Vec` functions the check recognises.
struct DefPaths {
    // Conversions whose argument vector is inspected.
    string_from_utf8: DefPath,
    string_from_utf8_lossy: DefPath,
    // Constructors treated as the origin of a vector.
    vec_new: DefPath,
    vec_with_capacity: DefPath,
    // The only write operation the check follows.
    vec_push: DefPath,
}

impl DefPaths {
    /// Resolves every tracked path through `DefPath::new` with the given `tcx`.
    ///
    /// Only `Vec::push` is tracked as a write into the vector; direct assignment
    /// cannot be supported. Any other way of putting bytes into the vector is
    /// likewise absent from this table, so it is invisible to the check.
    pub fn new(tcx: &TyCtxt<'_>) -> Self {
        let resolve = |path: &'static str| DefPath::new(path, tcx);
        Self {
            string_from_utf8: resolve("std::string::String::from_utf8"),
            string_from_utf8_lossy: resolve("std::string::String::from_utf8_lossy"),
            vec_new: resolve("std::vec::Vec::new"),
            vec_with_capacity: resolve("std::vec::Vec::with_capacity"),
            vec_push: resolve("std::vec::Vec::push"),
        }
    }
}
35
36use crate::analysis::opt::OptCheck;
37
/// State of the vector-encoding check: the spans of the conversion calls that
/// `check` decided to report.
pub struct VecEncodingCheck {
    // One span per recorded conversion node. `check` empties this list again
    // when it meets a push whose value is not reported as constant.
    record: Vec<Span>,
}
41
/// Returns the source of `node`'s first in-edge when `node` calls
/// `String::from_utf8` or `String::from_utf8_lossy`, and `None` otherwise.
///
/// # Panics
///
/// Panics if `DEFPATHS` has not been initialised, or if a matching node has no
/// in-edge (`in_edges[0]` is indexed without a bounds check).
fn extract_vec_if_is_string_from(graph: &Graph, node: &GraphNode) -> Option<Local> {
    let paths = DEFPATHS.get().unwrap();
    let is_utf8_conversion = |op: &NodeOp| match op {
        NodeOp::Call(callee) => {
            *callee == paths.string_from_utf8.last_def_id()
                || *callee == paths.string_from_utf8_lossy.last_def_id()
        }
        _ => false,
    };
    if !node.ops.iter().any(is_utf8_conversion) {
        return None;
    }
    // The first in-edge is taken to be the converted vector.
    // NOTE(review): presumably in-edges follow call-argument order — confirm.
    let arg_edge = &graph.edges[node.in_edges[0]];
    Some(arg_edge.src)
}
56
/// Walks the graph upward from `node_idx` and returns a node that calls
/// `Vec::new` or `Vec::with_capacity`, or `None` when the walk visits none.
///
/// The visitor answers `DFSStatus::Stop` on a match, but the original author
/// warns that the walk may still traverse all upstream nodes and that a later
/// match overwrites an earlier one, so the returned node is the last match seen.
// NOTE(review): if several constructors are reachable, only one is analysed;
// the pushes into the others are never examined — confirm this is acceptable.
///
/// # Panics
///
/// Panics if `DEFPATHS` has not been initialised.
fn find_upside_vec_new_node(graph: &Graph, node_idx: Local) -> Option<Local> {
    let paths = DEFPATHS.get().unwrap();
    let mut found: Option<Local> = None;
    let mut visit = |graph: &Graph, idx: Local| -> DFSStatus {
        let is_constructor = graph.nodes[idx].ops.iter().any(|op| {
            matches!(
                op,
                NodeOp::Call(callee)
                    if *callee == paths.vec_new.last_def_id()
                        || *callee == paths.vec_with_capacity.last_def_id()
            )
        });
        if is_constructor {
            found = Some(idx);
            DFSStatus::Stop
        } else {
            DFSStatus::Continue
        }
    };
    let mut visited = HashSet::new();
    graph.dfs(
        node_idx,
        Direction::Upside,
        &mut visit,
        &mut Graph::always_true_edge_validator,
        false,
        &mut visited,
    );
    found
}
86
87// todo: we can find downside index node too
88
/// Walks the graph downward from `node_idx` and collects every visited node
/// that calls `Vec::push`, in visiting order.
///
/// The visitor always answers `DFSStatus::Continue`, so the walk is never cut
/// short by a match. Only `Vec::push` is recognised; nodes that write to the
/// vector by any other means are not collected.
///
/// # Panics
///
/// Panics if `DEFPATHS` has not been initialised.
fn find_downside_push_node(graph: &Graph, node_idx: Local) -> Vec<Local> {
    let paths = DEFPATHS.get().unwrap();
    let mut pushes: Vec<Local> = Vec::new();
    let mut collect_push = |graph: &Graph, idx: Local| -> DFSStatus {
        let calls_push = graph.nodes[idx].ops.iter().any(|op| {
            matches!(op, NodeOp::Call(callee) if *callee == paths.vec_push.last_def_id())
        });
        // A node is recorded once, however many of its ops match.
        if calls_push {
            pushes.push(idx);
        }
        DFSStatus::Continue
    };
    let mut visited = HashSet::new();
    graph.dfs(
        node_idx,
        Direction::Downside,
        &mut collect_push,
        &mut Graph::always_true_edge_validator,
        true,
        &mut visited,
    );
    pushes
}
116
impl OptCheck for VecEncodingCheck {
    /// Creates a check with no recorded spans.
    fn new() -> Self {
        let record = Vec::new();
        Self { record }
    }

    /// Records the span of every `String::from_utf8` / `from_utf8_lossy` call
    /// whose vector traces back to `Vec::new` / `Vec::with_capacity` and whose
    /// discovered `Vec::push` calls all push a value that `value_is_from_const`
    /// accepts.
    ///
    /// Limits of what a recorded span establishes:
    /// - only `Vec::push` writes are examined, so bytes reaching the vector any
    ///   other way are not seen;
    /// - nothing in this method inspects the pushed byte values, so a finding
    ///   is not by itself evidence that the buffer holds valid UTF-8.
    // NOTE(review): confirm how `report_encoding_bug` words its advice; a reader
    // should not drop UTF-8 validation on the strength of this check alone.
    ///
    /// # Panics
    ///
    /// Panics if a push node has fewer than two in-edges (`in_edges[1]` is
    /// indexed without a bounds check).
    fn check(&mut self, graph: &Graph, tcx: &TyCtxt) {
        let _ = DEFPATHS.get_or_init(|| DefPaths::new(tcx));
        for node in graph.nodes.iter() {
            let Some(vec_idx) = extract_vec_if_is_string_from(graph, node) else {
                continue;
            };
            let Some(ctor_idx) = find_upside_vec_new_node(graph, vec_idx) else {
                continue;
            };
            let every_push_is_const = find_downside_push_node(graph, ctor_idx)
                .into_iter()
                .all(|push_idx| {
                    // The second in-edge of a push node is the pushed value.
                    let value_edge = &graph.edges[graph.nodes[push_idx].in_edges[1]];
                    value_is_from_const(graph, value_edge.src)
                });
            if !every_push_is_const {
                // NOTE(review): this discards findings already recorded for
                // other conversions in the graph and skips the remaining nodes
                // — confirm that giving up on the whole graph is intended.
                self.record.clear();
                return;
            }
            self.record.push(node.span);
        }
    }

    /// Passes every recorded span to `report_encoding_bug`.
    fn report(&self, graph: &Graph) {
        for &span in &self.record {
            report_encoding_bug(graph, span);
        }
    }

    /// Number of recorded spans.
    fn cnt(&self) -> usize {
        self.record.len()
    }
}