trailofbits/multiplier
Fork: 27 Star: 438 (更新于 2024-11-03 23:34:11)
license: Apache-2.0
Language: C++ .
Code auditing productivity multiplier.
最后发布版本: e6773ed ( 2024-09-30 01:14:47)
Multiplier finds more bugs faster
Multiplier provides precise and comprehensive code understanding capabilities. It does so by saving build artifacts into a database, and then making them persistently accessible using a C++ or Python API.
Multiplier emphasizes the ability to uniquely identify all entities in a build process, including individual tokens, AST nodes, and intermediate representations. With Multiplier, an analyst can identify code patterns of interest over one of the representations, and then accurately relay results back to humans in a readable form, or to follow-on scripts via entity IDs.
Multiplier's APIs are extensive, and often provide as-good or better-than compiler-level quality information, but linked at a whole-program granularity. We like to say that with its APIs, you can get everywhere from anywhere.
- About
- How do other indexers work, and why the normal way of indexing code is insufficient for C/C++
- Why Multiplier? What analysis challenges does Multiplier solve?
- Usage
- Writeups
- Included Python tools
- Included C++ tools
- Find function calls inside macro argument lists
- Find possible divergent representations
-
Find uses of
copy_to_user
in the Linux kernel that overwrite flexible array members - Find data structures containing self-referential pointers, such as linked lists and trees
- Find "sketchy" casts flowing to function arguments and to return sites
- Extract an entity, e.g. a function, and all of its dependencies into a file
- Highlight a specific entity within its surrounding code
- Highlight all references to an entity
- Print a call graph
- Print the reference graph
- Print a graph relating source code, macros, parsed tokens, and AST nodes
- Print the taint graph given a taint source, and treating memory dereferences as taint sinks
- Included utilities
License
This research was developed with funding from the Defense Advanced Research Projects Agency (DARPA). The views, opinions and/or findings expressed are those of the author and should not be interpreted as representing the official views or policies of the Department of Defense or the U.S. Government.
Distribution Statement "A" (Approved for Public Release, Distribution Unlimited).
最近版本更新:(数据更新于 2024-10-12 22:11:28)
2024-09-30 01:14:47 e6773ed
2024-09-17 05:48:48 a7f12c2
2024-08-29 04:18:49 8e16df0
2024-08-27 03:15:10 fcf121a
2024-08-25 04:49:11 30bc397
2024-08-24 18:54:07 42546c2
2024-08-21 14:45:39 bb6f258
2024-08-20 16:37:14 41194fc
2024-08-15 18:05:41 352cd05
2024-08-14 09:06:22 90a3c81
主题(topics):
analysis, audit, clang, mlir
trailofbits/multiplier同语言 C++最近更新仓库
2024-11-21 04:48:41 PCSX2/pcsx2
2024-11-20 09:02:24 dail8859/NotepadNext
2024-11-20 04:28:15 microsoft/terminal
2024-11-18 22:35:05 ClickHouse/ClickHouse
2024-11-18 14:36:13 cxasm/notepad--
2024-11-18 00:19:27 MaaAssistantArknights/MaaAssistantArknights