Remove normalize_crtex_conditions, use "call_info" instead
Summary:
As the title says. This simplifies the handling of CRTEX leaves (though it's still not simple).

With the latest JSON changes, "call_info" is always emitted. For example, taint json at origin:

```
{
  "call_info" : { "call_kind" : "Origin" ... },
  "kinds": [
    {
      "kind": "CRTEXSink1",
      "canonical_names": [ { "instantiated": "callee_viaType1" } ],
      "origins": [
        { "canonical_name": "callee_viaType1" , "port": "Anchor.argument(1)" }
      ]
    },
    {
      "kind": "CRTEXSink2",
      "canonical_names": [ { "instantiated": "callee_viaType2" } ],
      "origins": [
        { "canonical_name": "callee_viaType2" , "port": "Anchor.argument(1)" }
      ]
    },
    {
      "kind": "NonCRTEXSink",
      "origins": [
        { "method": "callee" , "port": "Anchor.argument(1)" }
      ]
    }
  ]
}
```

**Before change**
**CRTEX callees**: The parser was re-writing the JSON in `normalize_crtex_conditions` so that callee information, represented in "canonical_names" would show up under "call" one level up (renamed "call_info" in latest JSON shown above). After which, it can be handled like any other non-CRTEX.

**Non-CRTEX callees**: The non-CRTEX sink would have had its callee information populated in an "origin" key (instead of "call_info"), which is deprecated in the latest JSON format and will be removed after this.

**With change**
The analysis has been updated to emit the JSON such that the above re-writing isn't needed. CRTEX callees can be handled like any other callee. The "call_info" is emitted for every frame, and the `frame[call_info][call_kind]` indicates if it is a declaration/origin/call-site.

* Declaration frames are ignored as they do not lead to traces (exception being in `IssueCondition` where they are handled like call-site frames).
* Origin frames will get callee information from `frame[kinds][*][origins]`. There can be multiple callees, which will result in multiple trace frames.
  * Here the callee is an "origin", which may be a method, field, or CRTEX canonical name.
* CallSite frames will get the callee information from `frame[call_info][resolves_to]`.

The above also applies to `PropagationWithTrace:[Declaration|Origin|CallSite]`.

NOTE: Do not land until D50818477 is **released**. Needs new JSON format to work.

Reviewed By: arthaud

Differential Revision: D50526061

fbshipit-source-id: 8a9d7f64bbd6842eda0b23dddb53462662512bfe
Yuh Shin Ong authored and facebook-github-bot committed Nov 9, 2023
1 parent 68c3bd8 commit 5c0c4ee
Showing 2 changed files with 722 additions and 615 deletions.
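
The dispatch on `call_kind` described in the commit message, sketched as an added example (not code from this commit or from the project). The `Callee` tuple, the function name, the `"field"` origin key, the shape of `resolves_to`, and the handling of the `PropagationWithTrace:` prefix are assumptions made for illustration.

```python
from typing import Iterator, NamedTuple, Optional

class Callee(NamedTuple):
    kind: str            # taint kind, e.g. "CRTEXSink1"
    name: str            # method, field, or CRTEX canonical name
    port: Optional[str]

# "method" and "canonical_name" appear in the commit message; "field" is an assumed key.
ORIGIN_NAME_KEYS = ("method", "field", "canonical_name")

def callees_for_frame(frame: dict) -> Iterator[Callee]:
    """Yield one Callee per (kind, callee) pair the frame leads to."""
    call_info = frame["call_info"]
    # Assumption: "PropagationWithTrace:Origin" etc. dispatch on the part after ":".
    call_kind = call_info["call_kind"].rsplit(":", 1)[-1]
    if call_kind == "Declaration":
        return  # no traces; the IssueCondition exception is not modelled here
    if call_kind == "Origin":
        for kind in frame["kinds"]:
            for origin in kind.get("origins", []):
                name = next((origin[k] for k in ORIGIN_NAME_KEYS if k in origin), None)
                if name is None:
                    raise ValueError(f"origin without a callee name: {origin!r}")
                yield Callee(kind["kind"], name, origin.get("port"))
    elif call_kind == "CallSite":
        # Assumption: "resolves_to" is a plain string and "port" sits beside it.
        for kind in frame["kinds"]:
            yield Callee(kind["kind"], call_info["resolves_to"], call_info.get("port"))
    else:
        raise ValueError(f"unknown call_kind: {call_info['call_kind']!r}")

# Constructed sample frames (the first mirrors the commit message's example).
ORIGIN_FRAME = {
    "call_info": {"call_kind": "Origin"},
    "kinds": [
        {"kind": "CRTEXSink1",
         "canonical_names": [{"instantiated": "callee_viaType1"}],
         "origins": [{"canonical_name": "callee_viaType1", "port": "Anchor.argument(1)"}]},
        {"kind": "NonCRTEXSink",
         "origins": [{"method": "callee", "port": "Anchor.argument(1)"}]},
    ],
}
CALLSITE_FRAME = {
    "call_info": {"call_kind": "PropagationWithTrace:CallSite",
                  "resolves_to": "hypothetical_callee", "port": "argument(0)"},
    "kinds": [{"kind": "NonCRTEXSink"}],
}
DECLARATION_FRAME = {"call_info": {"call_kind": "Declaration"}, "kinds": [{"kind": "NonCRTEXSink"}]}

if __name__ == "__main__":
    for f in (ORIGIN_FRAME, CALLSITE_FRAME, DECLARATION_FRAME):
        print(list(callees_for_frame(f)))
```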