Verified Commit c5511798 authored by Nadim Kobeissi's avatar Nadim Kobeissi 💾
Browse files

Resolve analysis crash pointed out by Friedrich Wiemer

parent 25e53e0b
......@@ -25,21 +25,23 @@ func attackerStateInit(active bool) {
func attackerStateAbsorbPhaseValues(valPrincipalState *PrincipalState) error {
attackerStateMutex.Lock()
for i, c := range valPrincipalState.Constants {
cc := &Value{Kind: typesEnumConstant, Data: c}
if c.Qualifier != typesEnumPublic {
continue
}
earliestPhase, err := minIntInSlice(valPrincipalState.Phase[i])
if err == nil && earliestPhase > attackerStateShared.CurrentPhase {
continue
}
if valueEquivalentValueInValues(cc, attackerStateShared.Known) < 0 {
valPrincipalStateClone := constructPrincipalStateClone(valPrincipalState, false)
attackerStateShared.Known = append(attackerStateShared.Known, cc)
attackerStateShared.PrincipalState = append(
attackerStateShared.PrincipalState, valPrincipalStateClone,
)
for i := 0; i < len(valPrincipalState.Constants); i++ {
switch valPrincipalState.Assigned[i].Kind {
case typesEnumConstant:
if valPrincipalState.Assigned[i].Data.(*Constant).Qualifier != typesEnumPublic {
continue
}
earliestPhase, err := minIntInSlice(valPrincipalState.Phase[i])
if err == nil && earliestPhase > attackerStateShared.CurrentPhase {
continue
}
if valueEquivalentValueInValues(valPrincipalState.Assigned[i], attackerStateShared.Known) < 0 {
valPrincipalStateClone := constructPrincipalStateClone(valPrincipalState, false)
attackerStateShared.Known = append(attackerStateShared.Known, valPrincipalState.Assigned[i])
attackerStateShared.PrincipalState = append(
attackerStateShared.PrincipalState, valPrincipalStateClone,
)
}
}
}
for i, c := range valPrincipalState.Constants {
......
......@@ -15,17 +15,6 @@ func inject(
if verifyResultsAllResolved() {
return []*Value{}
}
if primitiveIsCorePrim(p.ID) {
prim, _ := primitiveCoreGet(p.ID)
if !prim.Injectable {
return []*Value{}
}
} else {
prim, _ := primitiveGet(p.ID)
if !prim.Injectable {
return []*Value{}
}
}
return injectPrimitive(
p, valPrincipalState, valAttackerState, injectDepth, stage,
)
......@@ -62,7 +51,7 @@ func injectPrimitiveRules(k *Primitive, arg int, p *Primitive, stage int) bool {
case injectPrimitiveStageRestricted(k, stage):
return false
}
return injectSkeletonNotDeeper(k, p.Arguments[arg].Data.(*Primitive))
return injectSkeletonEquivalent(k, p.Arguments[arg].Data.(*Primitive))
}
func injectEquationRules(e *Equation, arg int, p *Primitive) bool {
......@@ -108,10 +97,8 @@ func injectPrimitiveSkeleton(p *Primitive, depth int) (*Primitive, int) {
case typesEnumConstant:
skeleton.Arguments[i] = valueNil
case typesEnumPrimitive:
pp, dd := injectPrimitiveSkeleton(a.Data.(*Primitive), depth)
if dd > depth {
depth = dd
}
var pp *Primitive
pp, depth = injectPrimitiveSkeleton(a.Data.(*Primitive), depth+1)
aa := &Value{
Kind: typesEnumPrimitive,
Data: pp,
......@@ -138,6 +125,19 @@ func injectSkeletonNotDeeper(p *Primitive, reference *Primitive) bool {
return pd <= sd
}
func injectSkeletonEquivalent(p *Primitive, reference *Primitive) bool {
if p.ID != reference.ID {
return false
}
p1, pd := injectPrimitiveSkeleton(p, 0)
p2, sd := injectPrimitiveSkeleton(reference, 0)
if sd > pd {
return false
}
e, _, _ := valueEquivalentPrimitives(p1, p2, false)
return e
}
func injectMatchSkeletons(p *Primitive, skeleton *Primitive) bool {
if p.ID != skeleton.ID {
return false
......
......@@ -49,9 +49,8 @@ var primitiveCoreSpecs = []PrimitiveCoreSpec{
}
return false, v
},
Check: true,
Injectable: false,
Explosive: false,
Check: true,
Explosive: false,
},
{
ID: primitiveEnumCONCAT,
......@@ -63,9 +62,8 @@ var primitiveCoreSpecs = []PrimitiveCoreSpec{
v := []*Value{{Kind: typesEnumPrimitive, Data: p}}
return false, v
},
Check: false,
Injectable: true,
Explosive: true,
Check: false,
Explosive: true,
},
{
ID: primitiveEnumSPLIT,
......@@ -90,9 +88,8 @@ var primitiveCoreSpecs = []PrimitiveCoreSpec{
}
return false, v
},
Check: true,
Injectable: false,
Explosive: false,
Check: true,
Explosive: false,
},
}
......@@ -115,7 +112,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{0, 1, 2, 3, 4},
},
......@@ -137,7 +133,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: true,
PasswordHashing: []int{},
},
......@@ -159,7 +154,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: true,
PasswordHashing: []int{},
},
......@@ -186,7 +180,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{1},
},
......@@ -231,7 +224,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: true,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -258,7 +250,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{1},
},
......@@ -300,7 +291,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -322,7 +312,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{1},
},
......@@ -344,7 +333,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{1},
},
......@@ -398,7 +386,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: true,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -445,7 +432,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{1},
},
......@@ -497,7 +483,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -528,7 +513,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -563,7 +547,6 @@ var primitiveSpecs = []PrimitiveSpec{
},
},
Check: false,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -585,7 +568,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{3},
},
......@@ -645,7 +627,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: true,
Injectable: false,
Explosive: false,
PasswordHashing: []int{},
},
......@@ -672,7 +653,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{1},
},
......@@ -731,7 +711,6 @@ var primitiveSpecs = []PrimitiveSpec{
HasRule: false,
},
Check: false,
Injectable: true,
Explosive: false,
PasswordHashing: []int{},
},
......
......@@ -261,15 +261,14 @@ type RebuildRule struct {
// PrimitiveCoreSpec contains the definition of a core primitive.
type PrimitiveCoreSpec struct {
Name string
ID primitiveEnum
Arity []int
Output []int
HasRule bool
CoreRule func(*Primitive) (bool, []*Value)
Check bool
Injectable bool
Explosive bool
Name string
ID primitiveEnum
Arity []int
Output []int
HasRule bool
CoreRule func(*Primitive) (bool, []*Value)
Check bool
Explosive bool
}
// PrimitiveSpec contains the definition of a primitive.
......@@ -283,7 +282,6 @@ type PrimitiveSpec struct {
Rewrite RewriteRule
Rebuild RebuildRule
Check bool
Injectable bool
Explosive bool
PasswordHashing []int
}
......
......@@ -115,7 +115,12 @@ func verifyPassive(valKnowledgeMap *KnowledgeMap, valPrincipalStates []*Principa
phase := 0
for phase <= valKnowledgeMap.MaxPhase {
attackerStateInit(false)
err := attackerStatePutPhaseUpdate(valPrincipalStates[0], phase)
valPrincipalStatePureResolved := constructPrincipalStateClone(valPrincipalStates[0], true)
valPrincipalStatePureResolved, err := valueResolveAllPrincipalStateValues(valPrincipalStatePureResolved, attackerStateGetRead())
if err != nil {
return err
}
err = attackerStatePutPhaseUpdate(valPrincipalStatePureResolved, phase)
if err != nil {
return err
}
......
......@@ -16,7 +16,12 @@ func verifyActive(valKnowledgeMap *KnowledgeMap, valPrincipalStates []*Principal
var stageGroup sync.WaitGroup
InfoMessage(fmt.Sprintf("Running at phase %d.", phase), "info", false)
attackerStateInit(true)
err := attackerStatePutPhaseUpdate(valPrincipalStates[0], phase)
valPrincipalStatePureResolved := constructPrincipalStateClone(valPrincipalStates[0], true)
valPrincipalStatePureResolved, err := valueResolveAllPrincipalStateValues(valPrincipalStatePureResolved, attackerStateGetRead())
if err != nil {
return err
}
err = attackerStatePutPhaseUpdate(valPrincipalStatePureResolved, phase)
if err != nil {
return err
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment