Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check for CWE-337 #439

Merged
merged 7 commits into from
Feb 22, 2024
Merged

Check for CWE-337 #439

merged 7 commits into from
Feb 22, 2024

Conversation

PascalBeyer
Copy link
Collaborator

Implements a check for CWE-337: Predictable Seed in Pseudo-Random Number Generator (PRNG)

The check works by reusing the taint-tracking code from the check for CWE-467 to track return values of "source" functions (e.g.: time) to arguments of "sink" functions (e.g: srand).

Enkelmann
Enkelmann suggested changes Feb 15, 2024
View reviewed changes
Copy link
Contributor

@Enkelmann Enkelmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need to add acceptance tests for this check! Also, reusing code from the CWE-476 check means that the analysis is dependent on the Pointer Inference analysis, so we have to tell the caller code that the Pointer Inference analysis has to be computed before this check.

src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
Pascal Beyer added 2 commits February 20, 2024 14:37
Implement requested changes.
37e4234 
* Add "artifical_sample"
* Rename `sinks` to `seeding_functions`
* Use `expect()` instead of `unwrap()` for the `Config`
* Bail early if either there are no sinks or no sources
* Only use one `computation` instead of one per call to a source.
Skip some tests which seem to be skipped everywhere else.
694c1e2
Enkelmann
Enkelmann suggested changes Feb 21, 2024
View reviewed changes
Copy link
Contributor

@Enkelmann Enkelmann left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only two minor things to fix remaining before we can merge the check.

Edit: Oops, I forgot something important! We also have to add the check to the list of checks in the project Readme!

src/cwe_checker_lib/src/checkers/cwe_337.rs Outdated Show resolved Hide resolved
test/src/lib.rs Outdated Show resolved Hide resolved
@Enkelmann Enkelmann merged commit 8030c7e into master Feb 22, 2024
10 checks passed
@Enkelmann Enkelmann deleted the CWE337 branch February 22, 2024 06:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Enkelmann Enkelmann Enkelmann approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@PascalBeyer @Enkelmann