diff --git a/src/fuzz_introspector/analyses/sinks_analyser.py b/src/fuzz_introspector/analyses/sinks_analyser.py index b6c451478..a98cad9bb 100644 --- a/src/fuzz_introspector/analyses/sinks_analyser.py +++ b/src/fuzz_introspector/analyses/sinks_analyser.py @@ -375,7 +375,7 @@ def _handle_callpath_dict( callpath_dict: Dict[function_profile.FunctionProfile, List[List[function_profile.FunctionProfile]]], proj_profile: project_profile.MergedProjectProfile, - target_name: str) -> str: + target_func: function_profile.FunctionProfile) -> str: """ Pretty print index of callpath and generate also generate separate html page for displaying @@ -384,21 +384,13 @@ def _handle_callpath_dict( if len(callpath_dict.keys()) == 0: return "N/A" - html = "
Parent functions | " - html += "Callpaths | " - html += "" + html = "" + count = 0 for parent_func in callpath_dict.keys(): func_link, line = self._retrieve_function_link( - parent_func, proj_profile, target_name) + parent_func, proj_profile, target_func.function_name) callpath_list = callpath_dict[parent_func] - html += "
---|---|
"
- html += f"{parent_func.function_name} "
- html += f"in "
- html += f"{parent_func.function_source_file}:{line}"
- html += " | "
- count = 0
# Sort callpath by its depth, assuming shallowest depth is
# the function call closest to the target function
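Review bot: `func_link, line = self._retrieve_function_link(parent_func, proj_profile, target_func.function_name)` still runs for every parent, but `line` was only read by the `html +=` lines this hunk removes and `func_link` is not read anywhere on the visible new side. If nothing further down in `_handle_callpath_dict` uses them, drop the call and iterate `callpath_dict.values()` instead of doing a lookup whose result is discarded. Moving `count = 0` out of the loop also turns `if count <= 20` from a per-parent cap into a cap over all parents; a comment such as `# cap the listing at 20 paths across all parents` would make that intent explicit. The function body starts before and continues past this hunk.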
@@ -407,13 +399,11 @@ def _handle_callpath_dict(
for callpath in callpath_list:
count += 1
self.index += 1
+ callpath.append(target_func)
callpath_link = self._generate_callpath_page(
callpath, proj_profile)
if count <= 20:
html += f"Path {count} " - html += " |
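Review bot: `callpath.append(target_func)` mutates the list held in `callpath_dict` in place, so the caller's data grows by one element every time this function runs over it. A second pass over the same dictionary, or any later consumer of those lists, would see the target appended again or a path one entry longer than expected. Passing a fresh list leaves the input untouched: drop the `append` and change the argument line to `[*callpath, target_func], proj_profile)`. The tail of this hunk is not visible on the page, so confirm nothing after the call relies on the appended element.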
" - "This section contains multiple tables, each table contains " - "list of sink functions/methods found in the project for one " - "of the CWE supported by the sink analyser, together with " - "information likes which fuzzers statically reach the sink " - "functions/methods and possible call path to that sink " - "fucntions/methods if it is not statically reached by any " - "fuzzers. Column 1 is the function/method name of the sink " - "functions/methods found in the project. Column 2 lists all " - "fuzzers (or no fuzzers at all) that have covered that particular " - "function method statically. Column 3 shows list of possible callpath " - "to reach the specific function/method call if none of the fuzzers " - "cover the target function/method calls. Lastly, column 4 shows possible " - "fuzzer blockers that avoid an existing fuzzer reaching the target sink " - "functions/methods dynamically." + "This section contains multiple tables, each table " + "contains a list of sink functions/methods found in " + "the project for one of the CWE supported by the sink " + "analyser, together with information like which fuzzers " + "statically reach the sink functions/methods and possible " + "call path to that sink functions/methods if it is not " + "statically reached by any fuzzers. Column 1 is the " + "function/method name of the sink functions/methods found " + "in the project. Column 2 lists all fuzzers (or no fuzzers " + "at all) that have covered that particular function method " + "statically. Column 3 shows a list of possible call paths " + "to reach the specific function/method call if none of the " + "fuzzers cover the target function/method calls. Lastly, " + "column 4 shows possible fuzzer blockers that prevent an " + "existing fuzzer from reaching the target sink functions/methods " + "dynamically." "
") for cwe in CWES: @@ -620,11 +614,14 @@ def analysis_func(self, "Is this code reachable by any fuzzer functions? " "Based on static analysis."), ("Function call path", - "All call path of the project calling to each sink function. " - "Group by functions directly calling the sink function."), + "All call paths of the project calling to each sink function. " + "This column is only shown if no fuzzer statically reached " + "the target sink function.") ("Possible branch blockers", "Determine which branch blockers avoid fuzzers to cover the" - "sink function during runtime and its information")]) + "sink function during runtime and its information. This column " + "is only shown if there is fuzzer statically reached the " + "target sink function but failed to reach it dynamically.")]) html_string += html_rows html_string += ""