fraunhofer-aisec / codyze
Codyze is a static analyzer for Java, C, C++ based on code property graphs

Home Page: https://www.codyze.io

License: Apache License 2.0

Dockerfile 0.12% Kotlin 94.19% Java 4.45% C++ 0.49% Go 0.27% Python 0.12% ANTLR 0.37%
analyzer code-property-graph static-analysis

codyze's People

Contributors

benj-zen, codingdepot, dependabot[bot], fwendland, julianschuette, kuecha, masrepus, maximilian-galanis, maximiliankaul, obraunsdorf, oxisto, renovate-bot, renovate[bot], seelchen


codyze's Issues

Infinite recursion in deserialization of CPG

When deserializing a fairly complex project, the OGM deserialization in OverflowDatabase gets into an infinite recursion of creating edges for vertices, leading to a StackOverflowError.

Steps to reproduce:

  • git clone https://github.com/11112222/WebGoat5_0_32555lines.git webgoat
  • build/install/codyze/bin/codyze -c -s webgoat/WebGoat5.0/JavaSource/ -m src/dist/mark

Result:

java.util.concurrent.ExecutionException: java.lang.StackOverflowError
	at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395)
	at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2093)
	at de.fraunhofer.aisec.analysis.Main.call(Main.java:84)
	at de.fraunhofer.aisec.analysis.Main.call(Main.java:27)
	at picocli.CommandLine.executeUserObject(CommandLine.java:1783)
	at picocli.CommandLine.access$900(CommandLine.java:145)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2141)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2108)
	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:1975)
	at picocli.CommandLine.execute(CommandLine.java:1904)
	at de.fraunhofer.aisec.analysis.Main.main(Main.java:54)
Caused by: java.lang.StackOverflowError
	at java.base/java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936)
	at org.ehcache.sizeof.util.WeakIdentityConcurrentMap.get(WeakIdentityConcurrentMap.java:91)
	at org.ehcache.sizeof.ObjectGraphWalker.shouldWalkClass(ObjectGraphWalker.java:248)
	at org.ehcache.sizeof.ObjectGraphWalker.walk(ObjectGraphWalker.java:170)
	at org.ehcache.sizeof.SizeOf.deepSizeOf(SizeOf.java:71)
	at org.ehcache.impl.internal.sizeof.DefaultSizeOfEngine.sizeof(DefaultSizeOfEngine.java:52)
	at org.ehcache.impl.internal.store.heap.OnHeapStore.getSizeOfKeyValuePairs(OnHeapStore.java:982)
	at org.ehcache.impl.internal.store.heap.OnHeapStore.makeValue(OnHeapStore.java:1527)
	at org.ehcache.impl.internal.store.heap.OnHeapStore.makeValue(OnHeapStore.java:1514)
	at org.ehcache.impl.internal.store.heap.OnHeapStore.newUpdateValueHolder(OnHeapStore.java:1444)
	at org.ehcache.impl.internal.store.heap.OnHeapStore.lambda$put$6(OnHeapStore.java:352)
	at org.ehcache.impl.internal.concurrent.ConcurrentHashMap.compute(ConcurrentHashMap.java:1958)
	at org.ehcache.impl.internal.store.heap.SimpleBackend.compute(SimpleBackend.java:101)
	at org.ehcache.impl.internal.store.heap.OnHeapStore.put(OnHeapStore.java:334)
	at org.ehcache.core.Ehcache.doPut(Ehcache.java:94)
	at org.ehcache.core.EhcacheBase.put(EhcacheBase.java:189)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.getSuperclasses(OverflowDatabase.java:780)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:467)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:652)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createEdges(OverflowDatabase.java:631)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:483)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:652)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connectAll(OverflowDatabase.java:674)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createEdges(OverflowDatabase.java:626)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:483)
	at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:652)
        ...

Line numbers don't match files when Codyze CLI is executed with a folder (-s parameter)

Hello,

I extracted the test cases corresponding to JCA in this repo so it's easier for me to test and load the results into SonarQube/SonarCloud:

When I run Codyze with this command line I'm getting results for AESCBC.java (findings-AESCBC.json.txt)
~/Softwares/codyze-1.4.1/bin/codyze -c -s=src/main/java/jca/AESCBC.java -m=/home/alex/Softwares/codyze-1.4.1/mark/bouncycastle/ --no-good-findings

When I run this command line looking at all the Java files under the directory src/main/java/jca/, I'm getting different results for AESCBC.java (findings-all.json.txt).

~/Softwares/codyze-1.4.1/bin/codyze -c -s=src/main/java/jca/ -m=/home/alex/Softwares/codyze-1.4.1/mark/bouncycastle/ --no-good-findings

I'm getting 21 problems when I target only AESCBC.java, while I'm getting only 13 problems for AESCBC.java when I target the entire folder.

I would expect to see the same quantity of problems because the files under the directory src/main/java/jca/ have no relationship.

The second problem is the inconsistency of the line numbers when targeting a folder.
For example, there is a problem raised on AESGMAC.java on line 17 (so 18 for real), while this line does not have 66 characters but only 44:

  "locations": [
    {
      "region": {
        "endLine": 17,
        "endColumn": 66,
        "startColumn": 9,
        "startLine": 17
      },
      "artifactLocation": {"uri": "file:/home/alex/Repos/Java_Validation/codyze-java-testcases/src/main/java/jca/AESGMAC.java"}
    },

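A sanity check for findings regions, added here as an example (it is not Codyze code and not from this issue's author): it takes findings in the shape Codyze writes and the lines of the file they point at, and reports which line-numbering convention (0-based or 1-based) makes each region fit inside the file. The findings, the file URI and the Java lines are constructed; the only things taken from the issue are the JSON shape and the observation that a region ending at column 66 lands on a 44-character line. Running a check like this before importing results into SonarQube catches regions the importer would otherwise silently misplace.

```python
import json

# Constructed findings in the shape Codyze writes (see the issue above). The first
# mirrors the reported region (endColumn 66 on a short line); the second is a
# region that fits only if the tool counts lines from 0.
FINDINGS_JSON = """[
  {"locations": [{"region": {"endLine": 17, "endColumn": 66, "startColumn": 9, "startLine": 17},
                  "artifactLocation": {"uri": "file:/tmp/constructed/AESGMAC.java"}}]},
  {"locations": [{"region": {"endLine": 17, "endColumn": 44, "startColumn": 9, "startLine": 17},
                  "artifactLocation": {"uri": "file:/tmp/constructed/AESGMAC.java"}}]}
]"""

# Constructed stand-in for AESGMAC.java: 18 lines, the 18th being 44 characters wide.
SOURCE_LINES = (
    ["package jca;", "", "import javax.crypto.Mac;", ""]          # lines 1-4
    + ["public class AESGMAC {"]                                   # line 5
    + ["    // filler line %d" % i for i in range(6, 17)]          # lines 6-16
    + ["    public void run() throws Exception {"]                 # line 17
    + ['        Mac m = Mac.getInstance("AES-GMAC");']             # line 18 (44 chars)
)


def region_fits(region, source_lines, line_base):
    """True if the region lies inside source_lines when the reported line numbers
    start at line_base (0 or 1). Columns are taken as 1-based; an endColumn of
    len(line) + 1 is accepted as an exclusive end."""
    start = region["startLine"] - line_base
    end = region["endLine"] - line_base
    if start < 0 or end >= len(source_lines) or start > end:
        return False
    last_line = source_lines[end]
    return 1 <= region["startColumn"] <= region["endColumn"] <= len(last_line) + 1


def plausible_line_bases(finding, source_lines):
    """Line-number conventions under which every location of the finding fits."""
    return [base for base in (0, 1)
            if all(region_fits(loc["region"], source_lines, base)
                   for loc in finding["locations"])]


def check_findings(findings_json, source_lines):
    """One list per finding: [] means the region matches the source under no
    convention (the symptom in this issue); [0] means it only makes sense 0-based."""
    return [plausible_line_bases(f, source_lines) for f in json.loads(findings_json)]


if __name__ == "__main__":
    for finding, bases in zip(json.loads(FINDINGS_JSON), check_findings(FINDINGS_JSON, SOURCE_LINES)):
        region = finding["locations"][0]["region"]
        print(region, "->", "no convention fits" if not bases else "fits with line base %s" % bases)
```

The first constructed finding reproduces the issue's symptom (no convention fits), the second shows the 0-based offset the reporter describes; a finding that fits under neither convention should be treated as unreliable rather than mapped onto whatever line the importer picks.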

LSP analysis fails a second time it is run

The LSP server only seems to produce a valid result for the first analysis. Every other analysis run after the server is already started seems to produce erroneous results.

The analysis process is very slow

Hi,
I randomly picked a few open source projects, but found that the analysis process is very, very slow: no results have been produced, nor do I know how long it will take to produce results. Are there some optimization measures, or command parameters, to make it faster? This is a random project I use; the command is ./Codyze -c -s=/root/WebGoat5.0 -m=/root/codyze/src/test/resources/mark_java, and at the earliest time ./codyze -c --typestate NFA --interproc -s=/root/WebGoat5.0 -m=/root/codyze/src/test/resources/mark_java, but they are both very slow and have not completed; the test was initiated at night, and there was no result in the morning.

LSP is broken

Seems to have been caused by restructuring the overflow Db access. Will provide a detailed log about the error.

Output of findings must use descriptions from findingDescriptions.json

Currently the output for the findings shown to the user in either the Crymlin console or via the LSP interface is rather cryptic (MarkRuleEvaluationFinding: line xxx ...). All findings should have corresponding descriptions in findingDescriptions.json which should be used as output.

Codyze cannot parse CPG

I am trying to parse the CPG using the CPG (albeit with Codyze, so I hope the problem is not related to that) and the following error occurs:

java.util.concurrent.ExecutionException: java.lang.RuntimeException: Unable to calculate the type of a parameter of a method call. Method call: statement.setInitializerStatement(handle(ctx.getInitializerStatement())), Parameter: handle(ctx.getInitializerStatement())
	at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395)
	at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2086)
	at de.fraunhofer.aisec.analysis.Main.call(Main.java:91)
	at de.fraunhofer.aisec.analysis.Main.call(Main.java:27)
	at picocli.CommandLine.executeUserObject(CommandLine.java:1933)
	at picocli.CommandLine.access$1200(CommandLine.java:145)
	at picocli.CommandLine$RunLast.executeUserObjectOfLastSubcommandWithSameParent(CommandLine.java:2332)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2326)
	at picocli.CommandLine$RunLast.handle(CommandLine.java:2291)
	at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:2159)
	at picocli.CommandLine.execute(CommandLine.java:2058)
	at de.fraunhofer.aisec.analysis.Main.main(Main.java:61)
Caused by: java.lang.RuntimeException: Unable to calculate the type of a parameter of a method call. Method call: statement.setInitializerStatement(handle(ctx.getInitializerStatement())), Parameter: handle(ctx.getInitializerStatement())
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solveArguments(JavaParserFacade.java:304)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solve(JavaParserFacade.java:319)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solve(JavaParserFacade.java:183)
	at com.github.javaparser.symbolsolver.JavaSymbolSolver.resolveDeclaration(JavaSymbolSolver.java:161)
	at com.github.javaparser.ast.expr.MethodCallExpr.resolve(MethodCallExpr.java:313)
	at de.fraunhofer.aisec.cpg.frontends.java.ExpressionHandler.handleMethodCallExpression(ExpressionHandler.java:670)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.StatementAnalyzer.handleExpressionStatement(StatementAnalyzer.java:88)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.StatementAnalyzer.handleBlockStatement(StatementAnalyzer.java:385)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.StatementAnalyzer.handleIfStatement(StatementAnalyzer.java:134)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.StatementAnalyzer.handleBlockStatement(StatementAnalyzer.java:385)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.DeclarationHandler.handleMethodDeclaration(DeclarationHandler.java:193)
	at de.fraunhofer.aisec.cpg.frontends.java.DeclarationHandler.lambda$new$0(DeclarationHandler.java:56)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.DeclarationHandler.handleClassOrInterfaceDeclaration(DeclarationHandler.java:253)
	at de.fraunhofer.aisec.cpg.frontends.java.DeclarationHandler.lambda$new$2(DeclarationHandler.java:65)
	at de.fraunhofer.aisec.cpg.frontends.Handler.handle(Handler.java:111)
	at de.fraunhofer.aisec.cpg.frontends.java.JavaLanguageFrontend.parse(JavaLanguageFrontend.java:157)
	at de.fraunhofer.aisec.cpg.TranslationManager.runFrontends(TranslationManager.java:241)
	at de.fraunhofer.aisec.cpg.TranslationManager.lambda$analyze$0(TranslationManager.java:98)
	at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1764)
	at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1756)
	at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290)
	at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1016)
	at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1665)
	at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1598)
	at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:183)
Caused by: java.lang.RuntimeException: Error calculating the type of parameter ctx.getInitializerStatement() of method call handle(ctx.getInitializerStatement())
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solveMethodAsUsage(JavaParserFacade.java:739)
	at com.github.javaparser.symbolsolver.javaparsermodel.TypeExtractor.visit(TypeExtractor.java:320)
	at com.github.javaparser.symbolsolver.javaparsermodel.TypeExtractor.visit(TypeExtractor.java:97)
	at com.github.javaparser.ast.expr.MethodCallExpr.accept(MethodCallExpr.java:115)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getTypeConcrete(JavaParserFacade.java:551)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getType(JavaParserFacade.java:398)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solveArguments(JavaParserFacade.java:300)
	... 30 more
Caused by: UnsolvedSymbolException{context='null', name='CPPASTIfStatement', cause='null'}
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.convertToUsage(JavaParserFacade.java:670)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.convert(JavaParserFacade.java:728)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.convert(JavaParserFacade.java:724)
	at com.github.javaparser.symbolsolver.javaparsermodel.declarations.JavaParserParameterDeclaration.getType(JavaParserParameterDeclaration.java:83)
	at com.github.javaparser.symbolsolver.model.resolution.Value.from(Value.java:45)
	at com.github.javaparser.symbolsolver.core.resolution.Context.solveSymbolAsValue(Context.java:76)
	at com.github.javaparser.symbolsolver.javaparsermodel.contexts.StatementContext.solveSymbolAsValue(StatementContext.java:156)
	at com.github.javaparser.symbolsolver.javaparsermodel.contexts.MethodCallExprContext.solveSymbolAsValue(MethodCallExprContext.java:166)
	at com.github.javaparser.symbolsolver.resolution.SymbolSolver.solveSymbolAsValue(SymbolSolver.java:75)
	at com.github.javaparser.symbolsolver.resolution.SymbolSolver.solveSymbolAsValue(SymbolSolver.java:80)
	at com.github.javaparser.symbolsolver.javaparsermodel.TypeExtractor.visit(TypeExtractor.java:330)
	at com.github.javaparser.symbolsolver.javaparsermodel.TypeExtractor.visit(TypeExtractor.java:97)
	at com.github.javaparser.ast.expr.NameExpr.accept(NameExpr.java:79)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getTypeConcrete(JavaParserFacade.java:551)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getType(JavaParserFacade.java:398)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getType(JavaParserFacade.java:380)
	at com.github.javaparser.symbolsolver.javaparsermodel.contexts.MethodCallExprContext.solveMethodAsUsage(MethodCallExprContext.java:115)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solveMethodAsUsage(JavaParserFacade.java:745)
	at com.github.javaparser.symbolsolver.javaparsermodel.TypeExtractor.visit(TypeExtractor.java:320)
	at com.github.javaparser.symbolsolver.javaparsermodel.TypeExtractor.visit(TypeExtractor.java:97)
	at com.github.javaparser.ast.expr.MethodCallExpr.accept(MethodCallExpr.java:115)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getTypeConcrete(JavaParserFacade.java:551)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.getType(JavaParserFacade.java:428)
	at com.github.javaparser.symbolsolver.javaparsermodel.JavaParserFacade.solveMethodAsUsage(JavaParserFacade.java:737)

To reproduce: bin/codyze -s ~/Repositories/cpg/src/main/java -c

Prohibit hardcoded/static passwords, IVs or salts

Problem:
Programs may use hardcoded/static passwords, IVs or salts for cryptographic operations. For example, devices may ship with a default password that is coded into the software/firmware. This information often causes vulnerabilities when users don't change the default values.

Example:

byte[] salt = new byte[] { 0x2b, 0x5f, 0x13, 0x20 };
String masterPass = "Test";

// complain about use of hardcoded/static values
KeySpec pbeKeySpec = new PBEKeySpec(masterPass.toCharArray(), salt, 1000);

Proposed solution:
A MARK rule that prohibits the use of hardcoded/static passwords, IVs or salts.

Possible blockers:
May require a new builtin function to recognize a hardcoded/static value.
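
What the requested builtin has to decide is whether a value reaching a cryptographic parameter is static. The following is an added example, not Codyze or MARK code and not from this issue's author: a small Python detector over Java source text that treats a value as static when it is a string or byte-array literal, or a local variable initialised from one, and reports such values passed to the JCA parameter-spec constructors named in SINKS. The Java input is constructed (the issue's snippet plus an inline IV literal and a clean variant that fills the salt from SecureRandom); the sink list and regexes are this example's own assumptions and are not scope-aware, so a real rule belongs in the CPG where data flow is explicit.

```python
import re

# JCA constructors whose arguments are secrets or nonces (constructed list, extend as needed).
SINKS = ("PBEKeySpec", "IvParameterSpec", "SecretKeySpec", "GCMParameterSpec")

# A string literal or an inline byte-array literal: "Test" / new byte[] { 0x2b, ... }
LITERAL_RE = re.compile(r'^\s*(?:"[^"]*"|new\s+byte\s*\[\s*\]\s*\{[^}]*\})\s*$')
# Local declarations of the types such values usually have: String masterPass = "Test";
DECL_RE = re.compile(r'\b(?:String|byte\s*\[\s*\]|char\s*\[\s*\])\s+(\w+)\s*=\s*([^;]+);')
SINK_RE = re.compile(r'new\s+(' + "|".join(SINKS) + r')\s*\((.*)\)\s*;')

# Constructed Java input: the issue's snippet, an IV literal, and a clean variant.
SAMPLE = '''\
import java.security.SecureRandom;
import java.security.spec.KeySpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;

public class Demo {
    void bad() {
        byte[] salt = new byte[] { 0x2b, 0x5f, 0x13, 0x20 };
        String masterPass = "Test";
        // complain about use of hardcoded/static values
        KeySpec pbeKeySpec = new PBEKeySpec(masterPass.toCharArray(), salt, 1000);
        IvParameterSpec iv = new IvParameterSpec(new byte[] {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0});
    }
    void good(char[] passwordFromUser) {
        byte[] salt = new byte[16];
        new SecureRandom().nextBytes(salt);
        KeySpec pbeKeySpec = new PBEKeySpec(passwordFromUser, salt, 1000);
    }
}
'''


def split_args(arglist):
    """Split a Java argument list on top-level commas, ignoring commas nested in
    (), {}, [] or string literals."""
    args, cur, depth, in_str = [], "", 0, False
    for ch in arglist:
        if ch == '"':
            in_str = not in_str
        elif not in_str:
            if ch in "({[":
                depth += 1
            elif ch in ")}]":
                depth -= 1
            elif ch == "," and depth == 0:
                args.append(cur.strip())
                cur = ""
                continue
        cur += ch
    if cur.strip():
        args.append(cur.strip())
    return args


def is_static(expr, literal_vars):
    """True if expr is a literal, or a variable bound to a literal (optionally
    converted with .toCharArray() / .getBytes())."""
    if LITERAL_RE.match(expr):
        return True
    base = re.sub(r'\.(toCharArray|getBytes)\([^)]*\)$', "", expr.strip())
    return base in literal_vars


def find_hardcoded(java_source):
    """Return (line, sink, argument) for every static value passed to a sink.
    literal_vars tracks the latest declaration of each name; a re-declaration
    from a non-literal (new byte[16]) removes it again."""
    literal_vars, findings = {}, []
    for lineno, line in enumerate(java_source.splitlines(), 1):
        for name, init in DECL_RE.findall(line):
            if LITERAL_RE.match(init):
                literal_vars[name] = lineno
            else:
                literal_vars.pop(name, None)
        m = SINK_RE.search(line)
        if m:
            sink, arglist = m.group(1), m.group(2)
            for arg in split_args(arglist):
                if is_static(arg, literal_vars):
                    findings.append((lineno, sink, arg))
    return findings


if __name__ == "__main__":
    for lineno, sink, arg in find_hardcoded(SAMPLE):
        print("line %d: static value %r passed to new %s(...)" % (lineno, arg, sink))
```

On the constructed input the detector reports the password and salt in bad() and the all-zero IV literal, and stays silent on good(), where the salt is filled at runtime and the password comes from a parameter; the iteration count 1000 is a numeric literal and is deliberately not treated as a secret.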

OGM wrapper does not set internal _type property of list relationships if they are null

The OGM wrapper seems to store internally the type of a list relationship in the property field_name, to instantiate it later with the correct list/collection subtype. However, there is an issue if a collection element that is considered a relationship, such as the newly introduced annotations field of a Node, is null. More specifically, the function vertexToNode crashes because it will look for the property type here:

className = (String) v.property(f.getName() + "_type").value();
collectionType = Class.forName(className);

However, the createEdges function only sets this special property, if the value of that property is not null, probably to not save unnecessary properties.

v.property(f.getName() + "_type", x.getClass().getName());

Even though this would be caught by an exception handler, that handler tries to rely on the fact that the node property is there, which is not mandatory, and thus the caught exception triggers an exception.

Codyze does not handle 'new' expressions properly

Consider the following cpp file:

class MyObject{
public:
    void DoSomething(int);
};

int main() {
    MyObject* ctx;

    ctx = new MyObject();
    ctx->DoSomething(0);
}

and the following MARK file:

package test

entity MyObject {
	var param: int;

	op instantiate {
		MyObject();
	}

	op do {
	    MyObject::DoSomething(param);
	}

}

rule MustBeOne {
    using MyObject as ctx
    ensure ctx.param == 1
    onfail MyFail
}

Codyze will not be able to find the variable with the new assignment. The analysis will fail and a warning will be displayed:

21:46:49,437 WARN  CrymlinQueryWrapper Unexpected: Source of INITIALIZER edge to ConstructExpression is not a VariableDeclaration. Trying to continue anyway

Upgrade to CPG v3.x

Version 3.x of Fraunhofer-AISEC/cpg is available. We should prepare the migration.

C++ temporaries are not resolved via ConstructExpressions

With the following Java code, the constant resolver determines the value of the algorithm ("I AM INCORRECT..."):

PK_Verifier sig_verifier = new PK_Verifier(new RSA_PublicKey(id, 123), "I AM INCORRECT EMSA4(SHA-256)");

With C++, similar code cannot be resolved:

Botan::PK_Verifier sig_verifier(Botan::PubKey(id, 123), "I AM INCORRECT EMSA4(SHA-256)");

1.5.0 release is broken

Codyze does not seem to start up:

java.lang.NoClassDefFoundError: Could not initialize class org.codehaus.groovy.vmplugin.v7.Java7
	at org.codehaus.groovy.vmplugin.VMPluginFactory.<clinit>(VMPluginFactory.java:43)
	at org.codehaus.groovy.reflection.GroovyClassValueFactory.<clinit>(GroovyClassValueFactory.java:35)
	at org.codehaus.groovy.reflection.ClassInfo.<clinit>(ClassInfo.java:107)
	at org.codehaus.groovy.reflection.ReflectionCache.getCachedClass(ReflectionCache.java:95)
	at org.codehaus.groovy.reflection.ReflectionCache.<clinit>(ReflectionCache.java:39)
	at org.codehaus.groovy.runtime.metaclass.MetaClassRegistryImpl.registerMethods(MetaClassRegistryImpl.java:209)
	at org.codehaus.groovy.runtime.metaclass.MetaClassRegistryImpl.<init>(MetaClassRegistryImpl.java:107)
	at org.codehaus.groovy.runtime.metaclass.MetaClassRegistryImpl.<init>(MetaClassRegistryImpl.java:85)
	at groovy.lang.GroovySystem.<clinit>(GroovySystem.java:36)
	at org.codehaus.groovy.runtime.InvokerHelper.<clinit>(InvokerHelper.java:86)
	at groovy.lang.GroovyObjectSupport.getDefaultMetaClass(GroovyObjectSupport.java:59)
	at groovy.lang.GroovyObjectSupport.<init>(GroovyObjectSupport.java:32)
	at groovy.lang.Closure.<init>(Closure.java:211)
	at groovy.lang.Closure.<init>(Closure.java:228)
	at groovy.lang.Closure$1.<init>(Closure.java:193)
	at groovy.lang.Closure.<clinit>(Closure.java:193)
	at java.base/java.lang.Class.forName0(Native Method)
	at java.base/java.lang.Class.forName(Class.java:377)
	at picocli.CommandLine$DefaultFactory.loadClosureClass(CommandLine.java:5455)
	at picocli.CommandLine$DefaultFactory.<clinit>(CommandLine.java:5453)
	at picocli.CommandLine.<init>(CommandLine.java:196)
	at de.fraunhofer.aisec.analysis.Main.main(Main.java:61)
Exception in thread "main" java.lang.NoClassDefFoundError: Could not initialize class org.codehaus.groovy.reflection.ReflectionCache
	at org.codehaus.groovy.runtime.dgmimpl.NumberNumberMetaMethod.<clinit>(NumberNumberMetaMethod.java:33)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at java.base/jdk.internal.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:64)
	at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.base/java.lang.reflect.Constructor.newInstanceWithCaller(Constructor.java:500)
	at java.base/java.lang.reflect.ReflectAccess.newInstance(ReflectAccess.java:128)
	at java.base/jdk.internal.reflect.ReflectionFactory.newInstance(ReflectionFactory.java:350)
	at java.base/java.lang.Class.newInstance(Class.java:645)
	at org.codehaus.groovy.runtime.metaclass.MetaClassRegistryImpl.createMetaMethodFromClass(MetaClassRegistryImpl.java:257)
	at org.codehaus.groovy.runtime.metaclass.MetaClassRegistryImpl.<init>(MetaClassRegistryImpl.java:110)
	at org.codehaus.groovy.runtime.metaclass.MetaClassRegistryImpl.<init>(MetaClassRegistryImpl.java:85)
	at groovy.lang.GroovySystem.<clinit>(GroovySystem.java:36)
	at org.codehaus.groovy.runtime.InvokerHelper.<clinit>(InvokerHelper.java:86)
	at groovy.lang.GroovyObjectSupport.getDefaultMetaClass(GroovyObjectSupport.java:59)
	at groovy.lang.GroovyObjectSupport.<init>(GroovyObjectSupport.java:32)
	at groovy.lang.Closure.<init>(Closure.java:211)
	at groovy.lang.Closure.<init>(Closure.java:228)
	at groovy.lang.Closure$1.<init>(Closure.java:193)
	at groovy.lang.Closure.<clinit>(Closure.java:193)
	at java.base/java.lang.Class.forName0(Native Method)
	at java.base/java.lang.Class.forName(Class.java:377)
	at picocli.CommandLine$DefaultFactory.loadClosureClass(CommandLine.java:5455)
	at picocli.CommandLine$DefaultFactory.<clinit>(CommandLine.java:5453)
	at picocli.CommandLine.<init>(CommandLine.java:196)
	at de.fraunhofer.aisec.analysis.Main.main(Main.java:61)

1.4.1 was working fine

TranslationManager creation in tests is cumbersome

Currently, there are a LOT of functions that create a TranslationManager, and they are almost all the same. With CPG 4.0 we have a breaking change and I am currently hunting down all the places where I need to insert defaultLanguages. We should consolidate all those test functions.

[False Positive] In the correct scenario, a defect is also reported.

TestCode:
1 package WeakEncryption.InadequateRSAPadding;
2
3 import javax.crypto.Cipher;
4
5 public class CWE780_WeakEncryption_InadequateRSAPadding_01 {
6 public void bad() throws Exception {
7 /* POTENTIAL FLAW: Not OAEP */
8 Cipher.getInstance("RSA");
9 }
10
11 public void good() throws Exception {
12 Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
13 }
14 }


findings.json:
[{
"problem": false,
"locations": [{
"region": {
"endLine": 7,
"endColumn": 32,
"startColumn": 27,
"startLine": 7
},
"artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
}],
"logMsg": "Rule ID_2_01 verified",
"onfailIdentifier": "Invalid_TR21021_Cipher"
},{
"problem": false,
"locations": [{
"region": {
"endLine": 11,
"endColumn": 66,
"startColumn": 27,
"startLine": 11
},
"artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
}],
"logMsg": "Rule ID_2_01 verified",
"onfailIdentifier": "Invalid_TR21021_Cipher"
},{
"problem": true,
"locations": [],
"logMsg": "Rule BouncyCastleProvider_Cipher violated",
"onfailIdentifier": "InvalidProvider_Cipher"
},{
"problem": true,
"locations": [{
"region": {
"endLine": 11,
"endColumn": 66,
"startColumn": 27,
"startLine": 11
},
"artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
}],
"logMsg": "Rule ID_3_5_01 violated",
"onfailIdentifier": "InvalidRSAPadding"
},{
"problem": true,
"locations": [],
"logMsg": "Rule ID_3_5_01 violated",
"onfailIdentifier": "InvalidRSAPadding"
}]


Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");

I think it is a correct scenario, but a defect [InvalidRSAPadding] is also reported [Line Number 11]. The MARK rule files show that the algorithm name is case sensitive. Can it be case-insensitive?

Add distinct finding descriptions for successful checks

We generate findings for all checked MARK rules. Findings indicate a rule violation or a successful check. Currently, finding description contains only text for rule violations. These are also shown via LSP on successful checks causing user confusion.

We should add additional descriptions for successful checks.

When trying to scan a directory, it seems that only one file is scanned. Is it a bug?

codyze version: 1.4.1

scanning folder: [install dir]\bin\codyze.bat -c -s [folder] -m [install dir]\mark

scanning file: [install dir]\bin\codyze.bat -c -s [folder\RSAPadding.java] -m [install dir]\mark

In the folder there are many Java files, but I only get the result findbug.json for the file RSAPadding.java. It seems that only one file is scanned when trying to scan a directory.

Can false finding not be displayed in the report?

TestCode:
1 package WeakEncryption.InadequateRSAPadding;
2
3 import javax.crypto.Cipher;
4
5 public class CWE780_WeakEncryption_InadequateRSAPadding_01 {
6 public void bad() throws Exception {
7 /* POTENTIAL FLAW: Not OAEP */
8 Cipher.getInstance("RSA");
9 }
10
11 public void good() throws Exception {
12 Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
13 }
14 }

The findings.json contains false problems (where the problem property is false) and true problems (where the problem property is true). Is there a way to hide the false-problem findings? In this way, our checking efficiency will be improved.
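
The two reports above about this test case ask for two things from findings.json: hide entries with "problem": false, and do not flag an OAEP transformation whose spelling differs only in case. The following triage script does both and is an added example, not Codyze code and not from either reporter: it drops verified (non-problem) findings, and for InvalidRSAPadding findings it reads the getInstance() transformation off the source line the region points at and compares it case-insensitively, which is also how the JCA itself matches algorithm names. The findings list is abbreviated from the one posted above and the Java is the test case shown; the region's line numbers are treated as 0-based because that is how they line up with the test code in these reports (line 7 is the "RSA" call on source line 8), an observation from the reports, not documented Codyze behaviour.

```python
import json
import re

# The test case from the issue, without the line-number prefixes.
JAVA_SOURCE = '''\
package WeakEncryption.InadequateRSAPadding;

import javax.crypto.Cipher;

public class CWE780_WeakEncryption_InadequateRSAPadding_01 {
    public void bad() throws Exception {
        /* POTENTIAL FLAW: Not OAEP */
        Cipher.getInstance("RSA");
    }

    public void good() throws Exception {
        Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
    }
}
'''

# Abbreviated from the findings.json posted above (artifactLocation omitted).
FINDINGS_JSON = '''[
  {"problem": false,
   "locations": [{"region": {"startLine": 7, "endLine": 7, "startColumn": 27, "endColumn": 32}}],
   "logMsg": "Rule ID_2_01 verified", "onfailIdentifier": "Invalid_TR21021_Cipher"},
  {"problem": true, "locations": [],
   "logMsg": "Rule BouncyCastleProvider_Cipher violated", "onfailIdentifier": "InvalidProvider_Cipher"},
  {"problem": true,
   "locations": [{"region": {"startLine": 11, "endLine": 11, "startColumn": 27, "endColumn": 66}}],
   "logMsg": "Rule ID_3_5_01 violated", "onfailIdentifier": "InvalidRSAPadding"},
  {"problem": true, "locations": [],
   "logMsg": "Rule ID_3_5_01 violated", "onfailIdentifier": "InvalidRSAPadding"}
]'''

GET_INSTANCE_RE = re.compile(r'Cipher\.getInstance\(\s*"([^"]+)"')


def rsa_padding_is_oaep(transformation):
    """Case-insensitive check of a JCA transformation string.
    Returns None when the algorithm is not RSA, False for "RSA" alone (the
    provider default padding, PKCS#1 v1.5 in practice) or non-OAEP padding."""
    parts = transformation.upper().split("/")
    if parts[0] != "RSA":
        return None
    return len(parts) == 3 and parts[2].startswith("OAEP")


def transformation_at(source_lines, region, line_base=0):
    """Transformation string on the line a region points at; regions are read as
    0-based (line_base=0), the convention observed in these reports."""
    idx = region["startLine"] - line_base
    if 0 <= idx < len(source_lines):
        m = GET_INSTANCE_RE.search(source_lines[idx])
        if m:
            return m.group(1)
    return None


def triage(findings_json, java_source):
    """Return (kept, dismissed): real problems, minus InvalidRSAPadding findings
    whose transformation is OAEP when compared case-insensitively."""
    source_lines = java_source.splitlines()
    kept, dismissed = [], []
    for finding in json.loads(findings_json):
        if not finding["problem"]:
            continue  # "Rule ... verified": not a problem, drop it from the report
        if finding["onfailIdentifier"] == "InvalidRSAPadding":
            transformations = [transformation_at(source_lines, loc["region"])
                               for loc in finding["locations"]]
            if transformations and all(t is not None and rsa_padding_is_oaep(t)
                                       for t in transformations):
                dismissed.append(finding)
                continue
        kept.append(finding)
    return kept, dismissed


if __name__ == "__main__":
    kept, dismissed = triage(FINDINGS_JSON, JAVA_SOURCE)
    for f in kept:
        print("KEEP   ", f["onfailIdentifier"], f["logMsg"])
    for f in dismissed:
        print("DISMISS", f["onfailIdentifier"], "(OAEP, case-insensitive match)")
```

The OAEP finding at line 11 is dismissed, the provider finding and the location-less padding finding are kept, and the verified entries never reach the report; a finding without any location is kept on purpose, since there is no source line to re-check it against.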

Heisenbug in tests

Looks like this is still an issue to some degree:

RealBCTest > testSimple() FAILED
    java.util.concurrent.ExecutionException at RealBCTest.java:20
        Caused by: java.lang.StackOverflowError at Class.java:1550

Originally posted by @oxisto in #32 (comment)

Error in installing MARK in Eclipse

I am trying to write MARK rules for JCA, and I have tried to install the MARK plugin on Eclipse based on the instruction provided on Codyze webpage, but I get an error. I used Eclipse versions 2019-06, 2020-09, and the latest version. I also tried it on Ubuntu 20.04.1 LTS with Eclipse 2020-09. None of them have worked. I will attach the error message with this issue.


Codyze api document!

Hello:
Codyze dev:
Is there an API document for Codyze? In the absence of documentation, the following methods cannot be used quickly.
For example: flowFrom(), flowTo(). How are they used? Thanks

Action Required: Fix Renovate Configuration

There is an error with this repository's Renovate configuration that needs to be fixed. As a precaution, Renovate will stop PRs until it is resolved.

Location: renovate.json
Error type: The renovate configuration file contains some invalid settings
Message: Invalid configuration option: packageRules[2].allowdVersions

Update Codyze version in command-line mode

The command-line mode uses annotations to create command-line parameters and options. One of them sets the version printed on the command-line:

@Command(name = "codyze", mixinStandardHelpOptions = true, version = "1.0", description = "Codyze finds security flaws in source code", sortOptions = false, usageHelpWidth = 100)

We should update this version upon release of a new codyze version to match version numbers.

CPG incompatibility through new ELEMENT_TYPE edge

Fraunhofer-AISEC/cpg#179 will introduce an ELEMENT_TYPE edge between pointer types and element types. The in-memory field has always been there, the only new thing is an actual @Relationship node. Do I need to register this somehow in the codyze ogm mapper?

java.util.concurrent.ExecutionException: java.lang.RuntimeException: Edge of type ELEMENT_TYPE with direction OUT not supported by class
        at java.base/java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:395)
        at java.base/java.util.concurrent.CompletableFuture.get(CompletableFuture.java:2093)
        at de.fraunhofer.aisec.analysis.Main.call(Main.java:87)
        at de.fraunhofer.aisec.analysis.Main.call(Main.java:29)
        at picocli.CommandLine.executeUserObject(CommandLine.java:1783)
        at picocli.CommandLine.access$900(CommandLine.java:145)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2141)
        at picocli.CommandLine$RunLast.handle(CommandLine.java:2108)
        at picocli.CommandLine$AbstractParseResultHandler.execute(CommandLine.java:1975)
        at picocli.CommandLine.execute(CommandLine.java:1904)
        at de.fraunhofer.aisec.analysis.Main.main(Main.java:59)
Caused by: java.lang.RuntimeException: Edge of type ELEMENT_TYPE with direction OUT not supported by class
        at io.shiftleft.overflowdb.OdbNode.storeAdjacentNode(OdbNode.java:429)
        at io.shiftleft.overflowdb.OdbNode.storeAdjacentNode(OdbNode.java:411)
        at io.shiftleft.overflowdb.OdbNode.addEdge(OdbNode.java:254)
        at io.shiftleft.overflowdb.NodeRef.addEdge(NodeRef.java:113)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:665)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createEdges(OverflowDatabase.java:631)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:483)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:652)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createEdges(OverflowDatabase.java:631)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:483)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:652)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connectAll(OverflowDatabase.java:674)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createEdges(OverflowDatabase.java:626)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:483)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connect(OverflowDatabase.java:652)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.connectAll(OverflowDatabase.java:674)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createEdges(OverflowDatabase.java:626)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.createVertex(OverflowDatabase.java:483)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.save(OverflowDatabase.java:253)
        at de.fraunhofer.aisec.crymlin.connectors.db.OverflowDatabase.saveAll(OverflowDatabase.java:230)
        at de.fraunhofer.aisec.analysis.server.AnalysisServer.persistToODB(AnalysisServer.java:455)
        at de.fraunhofer.aisec.analysis.server.AnalysisServer.lambda$analyze$0(AnalysisServer.java:200)
        at java.base/java.util.concurrent.CompletableFuture$UniApply.tryFire(CompletableFuture.java:642)
        at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1776)
        at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.exec(CompletableFuture.java:1763)
        at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:290)
        at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1016)
        at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1665)
        at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1598)
        at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:177)
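
The trace above cycles through createVertex, createEdges and connect: storing a vertex eagerly stores its neighbours, and on a graph with a cycle (or a very long path) that recursion never bottoms out. The following is an added example, not codyze or OverflowDB code; `Node` and `Store` are hypothetical stand-ins for CPG nodes and a vertex/edge store. It shows the naive walk next to a two-phase worklist version that assigns every node an id once, keyed by object identity, and only then creates edges, so cycles and depth no longer consume stack.

```python
"""Persisting an object graph that may contain cycles (added example, not codyze code)."""
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


@dataclass(eq=False)  # identity semantics: two distinct nodes are never "equal"
class Node:
    label: str
    edges: List["Node"] = field(default_factory=list)


class Store:
    """Hypothetical minimal vertex/edge store standing in for an OverflowDB graph."""

    def __init__(self) -> None:
        self.vertices: Dict[int, str] = {}      # vertex id -> label
        self.edges: List[Tuple[int, int]] = []   # (from id, to id)

    def add_vertex(self, label: str) -> int:
        vid = len(self.vertices) + 1
        self.vertices[vid] = label
        return vid

    def add_edge(self, src: int, dst: int) -> None:
        self.edges.append((src, dst))


def persist_recursive(node: Node, store: Store) -> int:
    """Naive walk: creating a vertex immediately recurses into its neighbours.
    With no visited set, a cycle a -> b -> a recurses forever (RecursionError here,
    StackOverflowError in the JVM trace above); even without cycles the recursion
    depth equals the longest path in the graph."""
    vid = store.add_vertex(node.label)
    for nb in node.edges:
        store.add_edge(vid, persist_recursive(nb, store))
    return vid


def persist_iterative(root: Node, store: Store) -> int:
    """Cycle-safe version: phase 1 discovers each node exactly once via a worklist and
    assigns it a vertex id (keyed by id(node), not by equality); phase 2 creates edges
    only after both endpoints already have ids, so no edge creation re-enters vertex creation."""
    ids: Dict[int, int] = {}          # id(node) -> vertex id
    order: List[Node] = []            # keeps the nodes alive so id() stays stable
    worklist = [root]
    while worklist:
        n = worklist.pop()
        if id(n) in ids:
            continue                  # already assigned: this is the cycle guard
        ids[id(n)] = store.add_vertex(n.label)
        order.append(n)
        worklist.extend(n.edges)
    for n in order:
        for nb in n.edges:
            store.add_edge(ids[id(n)], ids[id(nb)])
    return ids[id(root)]


def two_node_cycle() -> Node:
    """Constructed input: a -> b -> a."""
    a, b = Node("a"), Node("b")
    a.edges.append(b)
    b.edges.append(a)
    return a


def chain(length: int) -> Node:
    """Constructed input: a straight path n0 -> n1 -> ... long enough to exhaust a stack."""
    head = cur = Node("n0")
    for i in range(1, length):
        nxt = Node(f"n{i}")
        cur.edges.append(nxt)
        cur = nxt
    return head


def persisted_shape(root: Node) -> Tuple[int, int]:
    """(vertex count, edge count) after a cycle-safe persist of the graph under root."""
    store = Store()
    persist_iterative(root, store)
    return len(store.vertices), len(store.edges)
```

The two-phase split is the important part: if edge creation can trigger vertex creation, a visited set alone still leaves the recursion depth proportional to path length, which is why a deep but acyclic project can overflow as well.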

Update Spotless to v4 prior to v5

Spotless v5 has changed its plugin id from com.diffplug.gradle.spotless to com.diffplug.spotless. (cf. build log of #59)

It is suggested to update to v4, fix all problems and then update to v5.

codyze contribution

codyze dev:
I am very interested in CPG and codyze. At present, there are not many practical examples in the documentation. Can you provide examples of data flow queries? In addition, how can I join the codyze community for co-creation development? In terms of theoretical research, are there any outstanding topics? Thank you!

Reduce build time on CI/CD

Currently, GitHub Actions needs almost 8-9 minutes for a simple build. We should try to get that build time down to less annoying times, i.e. 3-5 minutes. Probably related to the tests, I guess.

Can be flagged as a nice-to-have for now.

Upgrade to OverflowDB v1.x

OverflowDB has gone through some development iterations. The current version is v1.x. We're using the 0.x build.

Should we invest the work to upgrade to 1.x?

The row and column number information is missing in some findings

Test code:

```java
package WeakEncryption.InadequateRSAPadding;

import javax.crypto.Cipher;

public class CWE780_WeakEncryption_InadequateRSAPadding_01 {
    public void bad() throws Exception {
        /* POTENTIAL FLAW: Not OAEP */
        Cipher.getInstance("RSA");
    }

    public void good() throws Exception {
        Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
    }

}
```
Checking the following result of scanning the above code, the row and column information is missing in some findings.

```json
[{
  "problem": false,
  "locations": [{
    "region": {
      "endLine": 7,
      "endColumn": 32,
      "startColumn": 27,
      "startLine": 7
    },
    "artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
  }],
  "logMsg": "Rule ID_2_01 verified",
  "onfailIdentifier": "Invalid_TR21021_Cipher"
},{
  "problem": false,
  "locations": [{
    "region": {
      "endLine": 11,
      "endColumn": 66,
      "startColumn": 27,
      "startLine": 11
    },
    "artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
  }],
  "logMsg": "Rule ID_2_01 verified",
  "onfailIdentifier": "Invalid_TR21021_Cipher"
},{
  "problem": true,
  "locations": [],
  "logMsg": "Rule BouncyCastleProvider_Cipher violated",
  "onfailIdentifier": "InvalidProvider_Cipher"
},{
  "problem": true,
  "locations": [{
    "region": {
      "endLine": 11,
      "endColumn": 66,
      "startColumn": 27,
      "startLine": 11
    },
    "artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
  }],
  "logMsg": "Rule ID_3_5_01 violated",
  "onfailIdentifier": "InvalidRSAPadding"
},{
  "problem": true,
  "locations": [],
  "logMsg": "Rule ID_3_5_01 violated",
  "onfailIdentifier": "InvalidRSAPadding"
}]
```

Do not use snapshot dependencies

Our mark model has a snapshot dependency, which is fetched from the sonatype snapshot repo which has a tendency to fail

2020-07-30T16:10:14.9633068Z 2 actionable tasks: 2 executed
2020-07-30T16:10:14.9655435Z FAILURE: Build failed with an exception.
2020-07-30T16:10:14.9655608Z 
2020-07-30T16:10:14.9655781Z * What went wrong:
2020-07-30T16:10:14.9656489Z Execution failed for task ':compileJava'.
2020-07-30T16:10:14.9656829Z > Could not resolve all files for configuration ':compileClasspath'.
2020-07-30T16:10:14.9657200Z    > Could not resolve de.fraunhofer.aisec.mark:de.fraunhofer.aisec.mark:1.3.0-SNAPSHOT.
2020-07-30T16:10:14.9657357Z      Required by:
2020-07-30T16:10:14.9657482Z          project :
2020-07-30T16:10:14.9657829Z       > Could not resolve de.fraunhofer.aisec.mark:de.fraunhofer.aisec.mark:1.3.0-SNAPSHOT.
2020-07-30T16:10:14.9658564Z          > Unable to load Maven meta-data from https://oss.sonatype.org/content/groups/public/de/fraunhofer/aisec/mark/de.fraunhofer.aisec.mark/1.3.0-SNAPSHOT/maven-metadata.xml.
2020-07-30T16:10:14.9659380Z             > Could not get resource 'https://oss.sonatype.org/content/groups/public/de/fraunhofer/aisec/mark/de.fraunhofer.aisec.mark/1.3.0-SNAPSHOT/maven-metadata.xml'.
2020-07-30T16:10:14.9660014Z                > Could not GET 'https://oss.sonatype.org/content/groups/public/de/fraunhofer/aisec/mark/de.fraunhofer.aisec.mark/1.3.0-SNAPSHOT/maven-metadata.xml'. Received status code 503 from server: Service Unavailable

We should do a release of MARK instead
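
A `-SNAPSHOT` coordinate is mutable and only resolvable while the snapshot repository is up, so besides the 503 above it also makes the build non-reproducible. The following is an added example, not part of codyze's build: a small CI guard that scans Gradle dependency declarations and fails when any of them is a snapshot. The build-script excerpt is constructed; only the mark coordinate is taken from the log above, the other entries are made up to exercise both declaration notations.

```python
"""Refuse -SNAPSHOT dependencies in a Gradle build script (added example, not codyze's build)."""
import re
from typing import List

# Constructed build.gradle excerpt: one real coordinate from the log above, the rest invented.
SAMPLE_BUILD_GRADLE = """
dependencies {
    implementation "de.fraunhofer.aisec.mark:de.fraunhofer.aisec.mark:1.3.0-SNAPSHOT"
    implementation 'org.example:stable-lib:2.4.1'
    testImplementation group: 'org.example', name: 'test-helper', version: '0.9.0-SNAPSHOT'
    // implementation "org.example:commented-out:1.0.0-SNAPSHOT"
}
"""

# "group:name:version" string notation
STRING_NOTATION = re.compile(r"""['"]([\w.\-]+):([\w.\-]+):([\w.\-+]+)['"]""")
# group: '...', name: '...', version: '...' map notation
MAP_NOTATION = re.compile(
    r"""group:\s*['"]([\w.\-]+)['"]\s*,\s*name:\s*['"]([\w.\-]+)['"]\s*,\s*version:\s*['"]([\w.\-+]+)['"]"""
)


def snapshot_dependencies(build_script: str) -> List[str]:
    """Return 'group:name:version' for every declaration whose version ends in -SNAPSHOT.
    Line comments are dropped first so a commented-out snapshot does not block the build
    (naive '//' split; dependency lines do not normally carry URLs)."""
    found: List[str] = []
    for raw in build_script.splitlines():
        line = raw.split("//", 1)[0]
        for pattern in (STRING_NOTATION, MAP_NOTATION):
            for group, name, version in pattern.findall(line):
                if version.endswith("-SNAPSHOT"):
                    found.append(f"{group}:{name}:{version}")
    return found


def check_build(build_script: str) -> int:
    """Exit-code style result for CI: 0 when no snapshot is declared, 1 otherwise."""
    offenders = snapshot_dependencies(build_script)
    for coord in offenders:
        print(f"unpinned snapshot dependency: {coord}")
    return 1 if offenders else 0


if __name__ == "__main__":
    raise SystemExit(check_build(SAMPLE_BUILD_GRADLE))
```

Run it against the real build script in CI before `gradle build`; the point is to fail early on an unpinned coordinate rather than on a flaky remote repository.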

Error in analysis

Seems to be related to https://github.com/Fraunhofer-AISEC/cpg/blob/master/src/main/java/de/fraunhofer/aisec/cpg/helpers/LocationConverter.java

18:10:37,715 ERROR ReferenceManager error while trying to clear references
org.apache.commons.lang3.NotImplementedException: id type `class java.net.URI` not yet supported
	at overflowdb.storage.NodeSerializer.packTypedValue(NodeSerializer.java:111) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at overflowdb.storage.NodeSerializer.packProperties(NodeSerializer.java:46) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at overflowdb.storage.NodeSerializer.serialize(NodeSerializer.java:29) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at overflowdb.storage.OdbStorage.serialize(OdbStorage.java:80) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at overflowdb.NodeRef.serializeWhenDirty(NodeRef.java:70) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at overflowdb.ReferenceManager.serializeReference(ReferenceManager.java:157) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at java.util.stream.ReferencePipeline$3$1.accept(ReferencePipeline.java:195) ~[?:?]
	at java.util.stream.ReferencePipeline$2$1.accept(ReferencePipeline.java:177) ~[?:?]
	at java.util.ArrayList$ArrayListSpliterator.forEachRemaining(ArrayList.java:1624) ~[?:?]
	at java.util.stream.AbstractPipeline.copyInto(AbstractPipeline.java:484) ~[?:?]
	at java.util.stream.AbstractPipeline.wrapAndCopyInto(AbstractPipeline.java:474) ~[?:?]
	at java.util.stream.ForEachOps$ForEachOp.evaluateSequential(ForEachOps.java:150) ~[?:?]
	at java.util.stream.ForEachOps$ForEachOp$OfRef.evaluateSequential(ForEachOps.java:173) ~[?:?]
	at java.util.stream.AbstractPipeline.evaluate(AbstractPipeline.java:234) ~[?:?]
	at java.util.stream.ReferencePipeline.forEach(ReferencePipeline.java:497) ~[?:?]
	at overflowdb.ReferenceManager.clearReferences(ReferenceManager.java:133) ~[overflowdb-tinkerpop3-0.128.jar:0.128]
	at overflowdb.ReferenceManager.safelyClearReferences(ReferenceManager.java:116) ~[overflowdb-tinkerpop3-0.128.jar:

Cannot build with Java 14

Gradle 6.0.1 seems to have problems on Java 14

➜  codyze git:(master) ✗ ./gradlew --stacktrace build

FAILURE: Build failed with an exception.

* What went wrong:
Could not initialize class org.codehaus.groovy.runtime.InvokerHelper

* Try:
Run with --info or --debug option to get more log output. Run with --scan to get full insights.

* Exception is:
java.lang.NoClassDefFoundError: Could not initialize class org.codehaus.groovy.runtime.InvokerHelper
        at org.gradle.internal.extensibility.DefaultExtraPropertiesExtension.<init>(DefaultExtraPropertiesExtension.java:29)
        at org.gradle.internal.extensibility.DefaultConvention.<init>(DefaultConvention.java:49)
        at org.gradle.internal.extensibility.ExtensibleDynamicObject.<init>(ExtensibleDynamicObject.java:60)
        at org.gradle.internal.instantiation.generator.MixInExtensibleDynamicObject.<init>(MixInExtensibleDynamicObject.java:35)
        at org.gradle.initialization.DefaultSettings_Decorated.getAsDynamicObject(Unknown Source)
        at org.gradle.initialization.SettingsFactory.createSettings(SettingsFactory.java:58)
        at org.gradle.initialization.ScriptEvaluatingSettingsProcessor.process(ScriptEvaluatingSettingsProcessor.java:61)
        at org.gradle.initialization.PropertiesLoadingSettingsProcessor.process(PropertiesLoadingSettingsProcessor.java:38)
        at org.gradle.initialization.SettingsEvaluatedCallbackFiringSettingsProcessor.process(SettingsEvaluatedCallbackFiringSettingsProcessor.java:34)
        at org.gradle.initialization.RootBuildCacheControllerSettingsProcessor.process(RootBuildCacheControllerSettingsProcessor.java:36)
        at org.gradle.initialization.BuildOperationSettingsProcessor$2.call(BuildOperationSettingsProcessor.java:50)
        at org.gradle.initialization.BuildOperationSettingsProcessor$2.call(BuildOperationSettingsProcessor.java:47)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$CallableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:416)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$CallableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:406)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$1.execute(DefaultBuildOperationExecutor.java:165)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:250)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:158)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.call(DefaultBuildOperationExecutor.java:102)
        at org.gradle.internal.operations.DelegatingBuildOperationExecutor.call(DelegatingBuildOperationExecutor.java:36)
        at org.gradle.initialization.BuildOperationSettingsProcessor.process(BuildOperationSettingsProcessor.java:47)
        at org.gradle.initialization.DefaultSettingsLoader.findSettingsAndLoadIfAppropriate(DefaultSettingsLoader.java:102)
        at org.gradle.initialization.DefaultSettingsLoader.findAndLoadSettings(DefaultSettingsLoader.java:45)
        at org.gradle.initialization.SettingsAttachingSettingsLoader.findAndLoadSettings(SettingsAttachingSettingsLoader.java:35)
        at org.gradle.internal.composite.CommandLineIncludedBuildSettingsLoader.findAndLoadSettings(CommandLineIncludedBuildSettingsLoader.java:34)
        at org.gradle.internal.composite.ChildBuildRegisteringSettingsLoader.findAndLoadSettings(ChildBuildRegisteringSettingsLoader.java:52)
        at org.gradle.internal.composite.CompositeBuildSettingsLoader.findAndLoadSettings(CompositeBuildSettingsLoader.java:35)
        at org.gradle.initialization.DefaultSettingsPreparer.prepareSettings(DefaultSettingsPreparer.java:36)
        at org.gradle.initialization.BuildOperatingFiringSettingsPreparer$LoadBuild.doLoadBuild(BuildOperatingFiringSettingsPreparer.java:59)
        at org.gradle.initialization.BuildOperatingFiringSettingsPreparer$LoadBuild.run(BuildOperatingFiringSettingsPreparer.java:54)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$RunnableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:402)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$RunnableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:394)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$1.execute(DefaultBuildOperationExecutor.java:165)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:250)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:158)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.run(DefaultBuildOperationExecutor.java:92)
        at org.gradle.internal.operations.DelegatingBuildOperationExecutor.run(DelegatingBuildOperationExecutor.java:31)
        at org.gradle.initialization.BuildOperatingFiringSettingsPreparer.prepareSettings(BuildOperatingFiringSettingsPreparer.java:42)
        at org.gradle.initialization.DefaultGradleLauncher.prepareSettings(DefaultGradleLauncher.java:194)
        at org.gradle.initialization.DefaultGradleLauncher.doClassicBuildStages(DefaultGradleLauncher.java:138)
        at org.gradle.initialization.DefaultGradleLauncher.doBuildStages(DefaultGradleLauncher.java:130)
        at org.gradle.initialization.DefaultGradleLauncher.executeTasks(DefaultGradleLauncher.java:110)
        at org.gradle.internal.invocation.GradleBuildController$1.execute(GradleBuildController.java:60)
        at org.gradle.internal.invocation.GradleBuildController$1.execute(GradleBuildController.java:57)
        at org.gradle.internal.invocation.GradleBuildController$3.create(GradleBuildController.java:85)
        at org.gradle.internal.invocation.GradleBuildController$3.create(GradleBuildController.java:78)
        at org.gradle.internal.work.DefaultWorkerLeaseService.withLocks(DefaultWorkerLeaseService.java:189)
        at org.gradle.internal.work.StopShieldingWorkerLeaseService.withLocks(StopShieldingWorkerLeaseService.java:40)
        at org.gradle.internal.invocation.GradleBuildController.doBuild(GradleBuildController.java:78)
        at org.gradle.internal.invocation.GradleBuildController.run(GradleBuildController.java:57)
        at org.gradle.tooling.internal.provider.ExecuteBuildActionRunner.run(ExecuteBuildActionRunner.java:31)
        at org.gradle.launcher.exec.ChainingBuildActionRunner.run(ChainingBuildActionRunner.java:35)
        at org.gradle.launcher.exec.BuildOutcomeReportingBuildActionRunner.run(BuildOutcomeReportingBuildActionRunner.java:63)
        at org.gradle.tooling.internal.provider.ValidatingBuildActionRunner.run(ValidatingBuildActionRunner.java:32)
        at org.gradle.launcher.exec.BuildCompletionNotifyingBuildActionRunner.run(BuildCompletionNotifyingBuildActionRunner.java:39)
        at org.gradle.launcher.exec.RunAsBuildOperationBuildActionRunner$3.call(RunAsBuildOperationBuildActionRunner.java:51)
        at org.gradle.launcher.exec.RunAsBuildOperationBuildActionRunner$3.call(RunAsBuildOperationBuildActionRunner.java:45)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$CallableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:416)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$CallableBuildOperationWorker.execute(DefaultBuildOperationExecutor.java:406)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor$1.execute(DefaultBuildOperationExecutor.java:165)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:250)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.execute(DefaultBuildOperationExecutor.java:158)
        at org.gradle.internal.operations.DefaultBuildOperationExecutor.call(DefaultBuildOperationExecutor.java:102)
        at org.gradle.internal.operations.DelegatingBuildOperationExecutor.call(DelegatingBuildOperationExecutor.java:36)
        at org.gradle.launcher.exec.RunAsBuildOperationBuildActionRunner.run(RunAsBuildOperationBuildActionRunner.java:45)
        at org.gradle.launcher.exec.InProcessBuildActionExecuter$1.transform(InProcessBuildActionExecuter.java:50)
        at org.gradle.launcher.exec.InProcessBuildActionExecuter$1.transform(InProcessBuildActionExecuter.java:47)
        at org.gradle.composite.internal.DefaultRootBuildState.run(DefaultRootBuildState.java:78)
        at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:47)
        at org.gradle.launcher.exec.InProcessBuildActionExecuter.execute(InProcessBuildActionExecuter.java:31)
        at org.gradle.launcher.exec.BuildTreeScopeBuildActionExecuter.execute(BuildTreeScopeBuildActionExecuter.java:42)
        at org.gradle.launcher.exec.BuildTreeScopeBuildActionExecuter.execute(BuildTreeScopeBuildActionExecuter.java:28)
        at org.gradle.tooling.internal.provider.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:78)
        at org.gradle.tooling.internal.provider.ContinuousBuildActionExecuter.execute(ContinuousBuildActionExecuter.java:52)
        at org.gradle.tooling.internal.provider.SubscribableBuildActionExecuter.execute(SubscribableBuildActionExecuter.java:59)
        at org.gradle.tooling.internal.provider.SubscribableBuildActionExecuter.execute(SubscribableBuildActionExecuter.java:36)
        at org.gradle.tooling.internal.provider.SessionScopeBuildActionExecuter.execute(SessionScopeBuildActionExecuter.java:68)
        at org.gradle.tooling.internal.provider.SessionScopeBuildActionExecuter.execute(SessionScopeBuildActionExecuter.java:38)
        at org.gradle.tooling.internal.provider.GradleThreadBuildActionExecuter.execute(GradleThreadBuildActionExecuter.java:37)
        at org.gradle.tooling.internal.provider.GradleThreadBuildActionExecuter.execute(GradleThreadBuildActionExecuter.java:26)
        at org.gradle.tooling.internal.provider.ParallelismConfigurationBuildActionExecuter.execute(ParallelismConfigurationBuildActionExecuter.java:43)
        at org.gradle.tooling.internal.provider.ParallelismConfigurationBuildActionExecuter.execute(ParallelismConfigurationBuildActionExecuter.java:29)
        at org.gradle.tooling.internal.provider.StartParamsValidatingActionExecuter.execute(StartParamsValidatingActionExecuter.java:60)
        at org.gradle.tooling.internal.provider.StartParamsValidatingActionExecuter.execute(StartParamsValidatingActionExecuter.java:32)
        at org.gradle.tooling.internal.provider.SessionFailureReportingActionExecuter.execute(SessionFailureReportingActionExecuter.java:55)
        at org.gradle.tooling.internal.provider.SessionFailureReportingActionExecuter.execute(SessionFailureReportingActionExecuter.java:41)
        at org.gradle.tooling.internal.provider.SetupLoggingActionExecuter.execute(SetupLoggingActionExecuter.java:48)
        at org.gradle.tooling.internal.provider.SetupLoggingActionExecuter.execute(SetupLoggingActionExecuter.java:32)
        at org.gradle.launcher.daemon.server.exec.ExecuteBuild.doBuild(ExecuteBuild.java:68)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.WatchForDisconnection.execute(WatchForDisconnection.java:39)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.ResetDeprecationLogger.execute(ResetDeprecationLogger.java:27)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.RequestStopIfSingleUsedDaemon.execute(RequestStopIfSingleUsedDaemon.java:35)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.create(ForwardClientInput.java:78)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput$2.create(ForwardClientInput.java:75)
        at org.gradle.util.Swapper.swap(Swapper.java:38)
        at org.gradle.launcher.daemon.server.exec.ForwardClientInput.execute(ForwardClientInput.java:75)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.LogAndCheckHealth.execute(LogAndCheckHealth.java:55)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.LogToClient.doBuild(LogToClient.java:63)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.EstablishBuildEnvironment.doBuild(EstablishBuildEnvironment.java:82)
        at org.gradle.launcher.daemon.server.exec.BuildCommandOnly.execute(BuildCommandOnly.java:37)
        at org.gradle.launcher.daemon.server.api.DaemonCommandExecution.proceed(DaemonCommandExecution.java:104)
        at org.gradle.launcher.daemon.server.exec.StartBuildOrRespondWithBusy$1.run(StartBuildOrRespondWithBusy.java:52)
        at org.gradle.launcher.daemon.server.DaemonStateCoordinator$1.run(DaemonStateCoordinator.java:297)
        at org.gradle.internal.concurrent.ExecutorPolicy$CatchAndRecordFailures.onExecute(ExecutorPolicy.java:64)
        at org.gradle.internal.concurrent.ManagedExecutorImpl$1.run(ManagedExecutorImpl.java:48)
        at org.gradle.internal.concurrent.ThreadFactoryImpl$ManagedThreadRunnable.run(ThreadFactoryImpl.java:56)

A null pointer exception is thrown when the ControlFlowGraphPass is registered

Test code:

```c
extern void abort(void);
extern void __assert_fail(const char *, const char *, unsigned int, const char *) __attribute__ ((__nothrow__ , __leaf__)) __attribute__ ((__noreturn__));
void reach_error() { __assert_fail("0", "array_doub_access_init_const.c", 3, "reach_error"); }
extern void abort(void);
void assume_abort_if_not(int cond) {
  if(!cond) {abort();}
}
void __VERIFIER_assert(int cond) { if(!(cond)) { ERROR: {reach_error();abort();} } }
int main()
{
  int i;
  int N=100000;
  int a[2*N+2];

  for(i=0;i<=N;i++) {
    a[2*i]=0;
    a[2*i+1]=0;
  }

  for(i=0;i<=2*N;i++)
    __VERIFIER_assert(a[i]>=0);
  return 0;
}
```

When I try to register ControlFlowGraphPass, the log shows that the CXXLanguageFrontend transform to CPG completes, but then a null pointer exception is thrown.

However, when I unregister that pass, it works.

Model the caller of a function

Is it possible to model in MARK the caller of a function/operation, i.e. to restrict a certain function so that it may only be called by a specific other function, or better, only from within a certain class?

Feature: Annotations in MARK

Could be used to annotate that certain MARK rules are tied to controls, e.g. in the BSI TR. Similar to Java: @Control

The displayed line number is inconsistent with the actual code line number

Test code (with line numbers):

```
1 package WeakEncryption.InadequateRSAPadding;
2
3 import javax.crypto.Cipher;
4
5 public class CWE780_WeakEncryption_InadequateRSAPadding_01 {
6 public void bad() throws Exception {
7 /* POTENTIAL FLAW: Not OAEP */
8 Cipher.getInstance("RSA");
9 }
10
11 public void good() throws Exception {
12 Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
13 }
14 }
```


findings.json:
```json
[{
  "problem": false,
  "locations": [{
    "region": {
      "endLine": 7,
      "endColumn": 32,
      "startColumn": 27,
      "startLine": 7
    },
    "artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
  }],
  "logMsg": "Rule ID_2_01 verified",
  "onfailIdentifier": "Invalid_TR21021_Cipher"
},{
  "problem": false,
  "locations": [{
    "region": {
      "endLine": 11,
      "endColumn": 66,
      "startColumn": 27,
      "startLine": 11
    },
    "artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
  }],
  "logMsg": "Rule ID_2_01 verified",
  "onfailIdentifier": "Invalid_TR21021_Cipher"
},{
  "problem": true,
  "locations": [],
  "logMsg": "Rule BouncyCastleProvider_Cipher violated",
  "onfailIdentifier": "InvalidProvider_Cipher"
},{
  "problem": true,
  "locations": [{
    "region": {
      "endLine": 11,
      "endColumn": 66,
      "startColumn": 27,
      "startLine": 11
    },
    "artifactLocation": {"uri": "file:/xxx/InadequateRSAPadding/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}
  }],
  "logMsg": "Rule ID_3_5_01 violated",
  "onfailIdentifier": "InvalidRSAPadding"
},{
  "problem": true,
  "locations": [],
  "logMsg": "Rule ID_3_5_01 violated",
  "onfailIdentifier": "InvalidRSAPadding"
}]
```

For the first finding, startLine and endLine are 7, but the actual code line number is 8.

Is it a bug?
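
Both findings-related issues on this page (the empty `locations` lists and the line numbers that land on the comment above the call) can be caught mechanically by cross-checking `findings.json` against the source it refers to. The following is an added example, not codyze code. It reads the findings layout exactly as printed above and reports findings without a location, regions whose `startLine` does not contain the `Cipher.getInstance` call, and whether shifting every line by a constant makes the mismatch disappear, which is the signature of an off-by-one in the location conversion. The source copy and the abridged findings are constructed from the issue text; the indentation of the Java source is an assumption.

```python
"""Cross-check codyze findings against the source they point at (added example, not codyze code)."""
import json
from typing import List, Optional, Tuple

# Constructed copy of the test class from the issues above: 1-based line 8 holds the
# weak "RSA" call and line 12 the OAEP call. Indentation is assumed.
SAMPLE_SOURCE = """package WeakEncryption.InadequateRSAPadding;

import javax.crypto.Cipher;

public class CWE780_WeakEncryption_InadequateRSAPadding_01 {
    public void bad() throws Exception {
        /* POTENTIAL FLAW: Not OAEP */
        Cipher.getInstance("RSA");
    }

    public void good() throws Exception {
        Cipher.getInstance("RSA/ECB/OAEPWithSHA-512AndMGF1Padding");
    }
}
"""

# Constructed findings, abridged from the findings.json above (three of the five entries).
SAMPLE_FINDINGS = json.dumps([
    {"problem": False,
     "locations": [{"region": {"startLine": 7, "startColumn": 27, "endLine": 7, "endColumn": 32},
                    "artifactLocation": {"uri": "file:/xxx/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}}],
     "logMsg": "Rule ID_2_01 verified", "onfailIdentifier": "Invalid_TR21021_Cipher"},
    {"problem": True, "locations": [],
     "logMsg": "Rule BouncyCastleProvider_Cipher violated", "onfailIdentifier": "InvalidProvider_Cipher"},
    {"problem": True,
     "locations": [{"region": {"startLine": 11, "startColumn": 27, "endLine": 11, "endColumn": 66},
                    "artifactLocation": {"uri": "file:/xxx/CWE780_WeakEncryption_InadequateRSAPadding_01.java"}}],
     "logMsg": "Rule ID_3_5_01 violated", "onfailIdentifier": "InvalidRSAPadding"},
])


def nearest_line_with(lines: List[str], needle: str, reported: int) -> Optional[int]:
    """1-based line number closest to `reported` (within two lines) whose text contains
    `needle`, or None. The reported line itself is tried first."""
    for delta in (0, 1, -1, 2, -2):
        idx = reported + delta
        if 1 <= idx <= len(lines) and needle in lines[idx - 1]:
            return idx
    return None


def check_findings(findings_json: str, source: str, needle: str = "Cipher.getInstance") -> List[Tuple]:
    """One tuple per anomaly:
      ("unlocated", logMsg)                the finding carries no location at all
      ("off_by", logMsg, reported, delta)  the call sits on reported+delta, not on reported
      ("not_found", logMsg, reported)      the call is nowhere near the reported line
    An empty list means every region points at a line that contains the call."""
    lines = source.splitlines()
    anomalies: List[Tuple] = []
    for finding in json.loads(findings_json):
        if not finding.get("locations"):
            anomalies.append(("unlocated", finding["logMsg"]))
            continue
        for loc in finding["locations"]:
            reported = loc["region"]["startLine"]
            actual = nearest_line_with(lines, needle, reported)
            if actual is None:
                anomalies.append(("not_found", finding["logMsg"], reported))
            elif actual != reported:
                anomalies.append(("off_by", finding["logMsg"], reported, actual - reported))
    return anomalies


def shift_lines(findings_json: str, delta: int) -> str:
    """Return the findings with every startLine/endLine moved by `delta`. Diagnostic only:
    if the anomalies vanish after a uniform shift, the converter is off by a constant."""
    findings = json.loads(findings_json)
    for finding in findings:
        for loc in finding.get("locations", []):
            loc["region"]["startLine"] += delta
            loc["region"]["endLine"] += delta
    return json.dumps(findings)
```

Column checks are deliberately left out: the issue text does not preserve the indentation of the original file, so `startColumn`/`endColumn` cannot be verified from what is on this page.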

Preconditions

It would be nice to have "preconditions" of rules, i.e. for different library versions.
