update

wh1t3p1g · Feb 22, 2024 · f3e1d92 · f3e1d92
1 parent aa022d9
commit f3e1d92
Show file tree

Hide file tree

Showing 26 changed files with 1,144 additions and 466 deletions.
diff --git a/build.gradle b/build.gradle
@@ -31,7 +31,8 @@ dependencies {
 //    implementation 'org.springframework.boot:spring-boot-starter-data-neo4j'
 //    implementation 'org.soot-oss:soot:4.2.1'
 //    implementation 'org.soot-oss:soot:4.3.0-SNAPSHOT'
-    implementation 'org.soot-oss:soot:4.4.1'
+//    implementation 'org.soot-oss:soot:4.4.1'
+    implementation 'org.soot-oss:soot:4.5.0-SNAPSHOT'
 //    implementation 'ca.mcgill.sable:soot:4.0.0'
 
     implementation 'com.google.code.gson:gson:2.10.1'

diff --git a/config/settings.properties b/config/settings.properties
@@ -6,6 +6,7 @@ tabby.output.directory                    = ./output/dev
 
 # debug
 tabby.debug.details                       = false
+tabby.debug.print.current.methods         = true
 
 # jdk settings
 tabby.build.useSettingJRE                 = false
@@ -22,4 +23,7 @@ tabby.build.checkFatJar                   = true
 # pointed-to analysis
 tabby.build.isFullCallGraphCreate         = false
 tabby.build.thread.timeout                = 2
-tabby.build.isNeedToCreateIgnoreList      = false
+tabby.build.method.timeout                = 5
+tabby.build.isNeedToCreateIgnoreList      = false
+tabby.build.timeout.forceStop             = false
+tabby.build.isNeedToDealNewAddedMethod    = true
diff --git a/rules/commonJars.json b/rules/commonJars.json
@@ -1,21 +1,5 @@
 [
-  "commons-collections",
-  "commons-codec",
-  "commons-fileupload",
-  "commons-io",
-  "commons-configuration",
-  "commons-dbcp",
-  "commons-lang",
-  "commons-logging",
-  "commons-pool",
-  "commons-beanutils",
-  "commons-httpclient",
-  "commons-cli",
-  "commons-dbutils",
-  "commons-digester",
-  "commons-discovery",
-  "commons-email",
-  "commons-jxpath",
+  "commons-",
   "poi-",
   "jetty-",
   "apache-el",
@@ -44,26 +28,22 @@
   "crypto-",
   "ognl-",
   "logback-",
-  "taglibs-standard-",
   "zookeeper-",
   "jfreechart-",
   "jline-",
-  "xercesImpl-",
   "slf4j-api",
   "com.springsource.",
-  "sofa-runtime",
   "abatis-sqlmap",
-  "ojdbc14",
+  "ojdbc",
   "kryo-",
   "guice-",
   "xstream-",
   "struts",
   "xml-",
   "log4j-",
-  "zdal-",
   "aspectjweaver-",
   "oceanbase-",
-  "org.eclipse.osgi-",
+  "org.eclipse",
   "jboss-",
   "hibernate-",
   "castor-",
@@ -82,6 +62,149 @@
   "validation-api",
   "javax.servlet-",
   "jconsole-",
-  "xpp3_min",
-  "toolkit-common-"
+  "toolkit-common-",
+  "hessian-",
+  "antlr",
+  "axis2-",
+  "log4j-",
+  "jersey-",
+  "snakeyaml-",
+  "jakarta.annotation-",
+  "lombok-",
+  "xmlbeans-",
+  "velocity-",
+  "javax.servlet",
+  "freemarker-",
+  "slf4j-",
+  "dom4j-",
+  "c3p0-",
+  "standard-",
+  "bsh-",
+  "jstl-",
+  "tomcat-",
+  "jul-to-",
+  "jcl-to-",
+  "h2-",
+  "grpc-",
+  "java-jwt",
+  "okhttp-",
+  "annotations-",
+  "protobuf-",
+  "jedis-",
+  "lucene-",
+  "reflections-",
+  "htmlparser",
+  "xbean-",
+  "javax.mail",
+  "xmlsec-",
+  "java-uuid",
+  "xerces-",
+  "svg-",
+  "joda-",
+  "easy-okhttp",
+  "opensaml-",
+  "aspect",
+  "sms-",
+  "cglib-",
+  "xalan",
+  "org.apache.",
+  "ant.",
+  "graph-java-",
+  "mvel2-",
+  "jdom",
+  "google-oauth-",
+  "postgresql-",
+  "activemq-",
+  "flex-",
+  "swagger-",
+  "batik-",
+  "batik-",
+  "ehcache-",
+  "cssparser-",
+  "HikariCP-",
+  "pdfbox-",
+  "ibatis-",
+  "rhino-",
+  "cas-client-",
+  "dom4j.",
+  "itextpdf-",
+  "jna-",
+  "hutool-",
+  "javassist.",
+  "ooxml-",
+  "oracle.",
+  "quartz.",
+  "google-",
+  "jakarta-",
+  "dom.",
+  "org.restlet-",
+  "aws-sdk-",
+  "xerces.",
+  "log4j.",
+  "forms-",
+  "jni.",
+  "jmx.",
+  "mail-",
+  "activation",
+  "gson-",
+  "healthcheck-",
+  "notify-",
+  "ecj-",
+  "schema-sync-connector-",
+  "caffeine-",
+  "xfire-",
+  "avro-",
+  "javers-",
+  "sketch-jar",
+  "jsqlparser-",
+  "layout-",
+  "aviator-",
+  "classgraph-",
+  "jctools-",
+  "antlr4-",
+  "lookout",
+  "hadoop-",
+  "xmlbeans-",
+  "mvel2-",
+  "doom-",
+  "quartz-",
+  "snappy-",
+  "rxjava-",
+  "jedis-",
+  "lettuce-",
+  "spymemcached-",
+  "org.apache",
+  "org.springframework",
+  "freemarker-",
+  "wsdl4j-",
+  "lucene-",
+  "scheduler-",
+  "disaster-",
+  "rocketmq-",
+  "velocity-",
+  "jakarta.commons.",
+  "ram-",
+  "osgi-resource",
+  "sourceforge.",
+  "elasticsearch-",
+  "jsoup",
+  "basement-",
+  "script.juel",
+  "logger",
+  "umid-",
+  "mockito-",
+  "ibatis2-",
+  "jdbc.mysql",
+  "geronimo-",
+  "xmlschema-",
+  "axis-",
+  "http-agent-",
+  "javase-",
+  "smtp-",
+  "xmlpull-",
+  "openws-",
+  "reactor-",
+  "jcc-",
+  "byte-buddy",
+  "websocket-"
 ]
diff --git a/src/main/java/tabby/App.java b/src/main/java/tabby/App.java
@@ -10,6 +10,7 @@
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.boot.autoconfigure.domain.EntityScan;
 import org.springframework.context.annotation.Bean;
+import org.springframework.scheduling.annotation.EnableScheduling;
 import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
 import sun.misc.Signal;
 import tabby.common.utils.FileUtils;
@@ -18,6 +19,7 @@
 
 @Slf4j
 @SpringBootApplication
+@EnableScheduling
 @EntityScan({"tabby.common.bean"})
 public class App {
 
@@ -63,15 +65,21 @@ CommandLineRunner run(){
                 setLogDebugLevel();
                 Signal.handle(new Signal("INT"),  // SIGINT
                         signal -> {
-                            log.error("Force Stop by control+c");
+                            log.error("Force Stop by Control + C");
                             stopThreads(GlobalConfiguration.tabbyCollectorExecutor);
+                            stopThreads(GlobalConfiguration.tabbySaverExecutor);
                             System.exit(0);
                         });
                 analyser.run();
             }catch (IllegalArgumentException e){
                 log.error(e.getMessage() + ", Please check your settings.properties file.");
             }
-            log.info("Done. Bye!");
+
+            if(GlobalConfiguration.GLOBAL_FORCE_STOP){
+                log.info("OOM ERROR!");
+            }else{
+                log.info("Done. Bye!");
+            }
         };
     }
 

diff --git a/src/main/java/tabby/analysis/PollutedVarsPointsToAnalysis.java b/src/main/java/tabby/analysis/PollutedVarsPointsToAnalysis.java
@@ -7,15 +7,15 @@
 import soot.jimple.InstanceFieldRef;
 import soot.toolkits.graph.DirectedGraph;
 import soot.toolkits.scalar.ForwardFlowAnalysis;
-import tabby.config.GlobalConfiguration;
-import tabby.common.bean.ref.MethodReference;
 import tabby.analysis.data.Context;
-import tabby.core.container.DataContainer;
 import tabby.analysis.data.TabbyVariable;
 import tabby.analysis.switcher.stmt.SimpleStmtSwitcher;
 import tabby.analysis.switcher.stmt.StmtSwitcher;
 import tabby.analysis.switcher.value.SimpleLeftValueSwitcher;
 import tabby.analysis.switcher.value.SimpleRightValueSwitcher;
+import tabby.common.bean.ref.MethodReference;
+import tabby.config.GlobalConfiguration;
+import tabby.core.container.DataContainer;
 
 import java.util.ArrayList;
 import java.util.HashMap;
@@ -38,6 +38,8 @@ public class PollutedVarsPointsToAnalysis extends ForwardFlowAnalysis<Unit, Map<
     private StmtSwitcher stmtSwitcher;
     private MethodReference methodRef;
     private Body body;
+    private boolean isNormalExit = true;
+
     /**
      * Construct the analysis from a DirectedGraph representation of a Body.
      *
@@ -108,7 +110,19 @@ public void doAnalysis(){
 
     @Override
     protected void flowThrough(Map<Local, TabbyVariable> in, Unit d, Map<Local, TabbyVariable> out) {
-        if(GlobalConfiguration.isNeedStop){
+        if(GlobalConfiguration.isNeedStop || context.isAnalyseTimeout() || GlobalConfiguration.GLOBAL_FORCE_STOP){
+            return;
+        }
+
+        if(context.getMethodReference().isInitialed()){
+            // 多个线程同时分析一个函数，且当前线程落后其他线程，则直接跳过后续的分析，且不保存当前分析所得的调用边
+            isNormalExit = false;
+            return;
+        }
+
+        if(context.isTimeout()){ // 如果当前函数分析超多最大限时，则停止分析当前函数
+            context.setAnalyseTimeout(true);
+            isNormalExit = false; // 下一次会重新分析，这里先不保存call边
             return;
         }
 
@@ -135,6 +149,21 @@ protected void flowThrough(Map<Local, TabbyVariable> in, Unit d, Map<Local, Tabb
         //  这里暂时为了效率舍弃了部分可控边
     }
 
+    public void doEnd(){
+        MethodReference ref = context.getMethodReference();
+
+        if(context.isAnalyseTimeout()){
+            if(context.isTopContext()){
+                dataContainer.getAnalyseTimeoutMethodSigs().add(context.getMethodSignature());
+            }else{
+                Context preContext = context.getPreContext();
+                preContext.setAnalyseTimeout(true);
+            }
+        }
+
+        ref.setRunning(false);
+    }
+
     @Override
     protected Map<Local, TabbyVariable> newInitialFlow() {
         return new HashMap<>(emptyMap);
@@ -198,6 +227,7 @@ public static PollutedVarsPointsToAnalysis makeDefault(MethodReference methodRef
         analysis.setMethodRef(methodRef);
         // 进行分析
         analysis.doAnalysis();
+        analysis.doEnd();
         return analysis;
     }
 }