SA-MP Forums

Old 30/01/2018, 06:07 PM   #31
yugecin
Big Clucker
 
Join Date: Oct 2009
Location: Belgium
Posts: 83
Reputation: 82
Default Re: Pawn Linting/Static Analysis

There's a lot of cool stuff you can do once you have an AST. It's fun to do, too.

I built a basic PAWN lexer/parser for my bachelor thesis which was about using static analysis to find possible vulnerabilities.
By traversing the AST, it could find buffer overflows due to format size being larger than the enum element size, which was an actual scenario a friend struggled with when trying to find the cause of an unexplainable bug.



I would open source it but this is kinda what I got to do at work (it's also where I wrote that thesis) and it's probably not allowed due to IP transfer etc.

edit: image url
__________________
robin_be

Last edited by yugecin; 27/04/2018 at 09:14 PM.
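Added example, not part of yugecin's post and not his thesis tool: a minimal check for the bug class described in post #31, a `format()` call whose length argument is larger than the enum element it writes into. It assumes sizes are integer literals (as after macro expansion in the compiler's listing output) and uses pattern matching over the source rather than a real AST; the Pawn sample and all names in it are constructed.

```python
import re

# Constructed Pawn sample (not from the thread). Sizes are literals, as they
# would be once the preprocessor has expanded macros.
SAMPLE = r'''
enum E_PLAYER {
    pName[24],
    pScore,
    pIp[16]
};
new gPlayer[50][E_PLAYER];
public OnPlayerConnect(playerid) {
    new name[24];
    format(gPlayer[playerid][pName], 32, "%s", name);
    format(gPlayer[playerid][pIp], 16, "%s", "127.0.0.1");
    format(name, 24, "%d", gPlayer[playerid][pScore]);
    return 1;
}
'''

ENUM_RE = re.compile(r'\benum\s+\w*\s*\{(.*?)\}', re.S)
ELEM_RE = re.compile(r'(?:\w+:)?(\w+)\s*(?:\[\s*(\d+)\s*\])?')
# format(<destination ending in [field]>, <literal length>, ...
FORMAT_RE = re.compile(r'\bformat\s*\(\s*[\w\[\]\s]*\[\s*(\w+)\s*\]\s*,\s*(\d+)\s*,')

def enum_element_sizes(source):
    """Map each enum element name to its cell count (1 for scalars)."""
    sizes = {}
    for body in ENUM_RE.findall(source):
        for item in body.split(','):
            m = ELEM_RE.fullmatch(item.strip())
            if m:
                sizes[m.group(1)] = int(m.group(2) or 1)
    return sizes

def find_oversized_formats(source):
    """Return (line, field, declared, passed) where the format() length
    exceeds the declared size of the enum element used as destination."""
    sizes = enum_element_sizes(source)
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for m in FORMAT_RE.finditer(line):
            field, length = m.group(1), int(m.group(2))
            if field in sizes and length > sizes[field]:
                findings.append((lineno, field, sizes[field], length))
    return findings

if __name__ == '__main__':
    for lineno, field, declared, passed in find_oversized_formats(SAMPLE):
        print(f'line {lineno}: format() len {passed} > {field}[{declared}]')
```

In the sample, the write of up to 32 cells into `pName[24]` spills into `pScore` and `pIp`, which sit after it in the same enum-indexed array.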
Old 30/01/2018, 07:32 PM   #32
Misiur
High-roller
 
Join Date: Jul 2009
Location: Poland
Posts: 2,535
Reputation: 552
Default Re: Pawn Linting/Static Analysis

Damn! That's a shame. Can you answer a few questions for me though? In which language did you write it? What's the performance of it for a "standard", non-modular, say, 100k lines project? How does it deal with preprocessor macros, or does it work with output dumped via "-l"?
Old 30/01/2018, 07:43 PM   #33
jeffparker
Little Clucker
 
Join Date: Jan 2018
Posts: 1
Reputation: 0
Default Re: Pawn Linting/Static Analysis

Good Luck
Old 30/01/2018, 09:40 PM   #34
yugecin
Big Clucker
 
Join Date: Oct 2009
Location: Belgium
Posts: 83
Reputation: 82
Default Re: Pawn Linting/Static Analysis

Quote:
Originally Posted by Misiur
Damn! That's a shame. Can you answer a few questions for me though? In which language did you write it? What's the performance of it for a "standard", non-modular, say, 100k lines project? How does it deal with preprocessor macros, or does it work with output dumped via "-l"?

Java, it was the easiest to get going quickly at that time
It uses the -l output
It's far from complete, it can barely do the test code I used for the POC I made. I basically started making a tokenizer and parser from the concepts I know and continued from there, so there were some things I did terribly and hacked together quite a few things (I wanted the POC to work and I postponed too much), so it's not the best code at all, but it taught me a lot and I have some things that I would do in a different way if I ever redo or complete this.
So that being said, I just copied the 25-ish lines of the test code I used until I got a 101k line lst, took 131188ms to process.
__________________
robin_be