Skip to content

Instantly share code, notes, and snippets.

@vlad902
vlad902 / octopus_misc.groovy
Last active Dec 1, 2016
Random Octopus helper steps
View octopus_misc.groovy
/**
* Find code paths that go from a source function to a destination function
* (only detects direct calls)
*/
allPathsThatCanReach = { srcFunc, dstFunc ->
__allPathsThatCanReach(srcFunc, dstFunc, [dstFunc])
}
__allPathsThatCanReach = { srcFunc, dstFunc, path ->
if (srcFunc == dstFunc) {
@vlad902
vlad902 / cfgwalk.groovy
Created Nov 13, 2016
Octopus CFG walking code with very crude alias and taint analysis.
View cfgwalk.groovy
// Simplify the argument, e.g. '( struct foo* ) & bar' to 'bar'
strip = { traversal ->
if (traversal.clone().values('type')[0] == 'CastExpression') {
traversal = traversal.ithChildren('1')
}
traversal.values('code')[0].replace("& ", "").replace("* ", "")
}
// { 'aliasing_function': [ 'src_arg', 'dst_arg' ], ... }
@vlad902
vlad902 / negation_query.groovy
Last active Nov 6, 2016
Find likely signed integer overflows with octopus/gremlin
View negation_query.groovy
// Cute octopus/gremlin query to find all expressions of the form 'foo < 0 ? foo : -foo', these cases are
// likely to not take signed overflow into account, e.g. 0x80000000 (negative signed int max) * -1 = 0x80000000.
g.V().has('type', 'ConditionalExpression')
.sideEffect { lval = g.V(it.get()).out(AST_EDGE).has('childNum', '1')[0].value('code').replace("- ", "") }
.filter { lval.matches("[^0-9].*") }
.sideEffect { rval = g.V(it.get()).out(AST_EDGE).has('childNum', '2')[0].value('code').replace("- ", "") }
.filter { lval == rval }
.out(AST_EDGE).has('childNum', '0').astNodes().filter { it.get().value('code') == lval }
@vlad902
vlad902 / prettyprint.groovy
Created Oct 31, 2016
Octopus pretty print
View prettyprint.groovy
addStep('pp', { verbose=false ->
delegate.map({
result = ""
switch(it.get().class) {
case com.thinkaurelius.titan.graphdb.vertices.CacheVertex:
result = String.format("vertex id: %s\t%s", it.get().id().toString(),
it.get().properties().toList().stream()
.filter({ prop -> prop.value() != "" })
.sorted(Comparator.comparing({ prop -> prop.type.toString() }))
.map({ prop -> prop.type.toString() + ": " + prop.value() })
@vlad902
vlad902 / octopus_homebrew_python3.diff
Created Oct 31, 2016
Fix octopus octopusMlutils error: can't combine user with prefix, exec_prefix/home, or install_(plat)base
View octopus_homebrew_python3.diff
diff --git a/build.gradle b/build.gradle
index 74ff2a4..3211a21 100644
--- a/build.gradle
+++ b/build.gradle
@@ -24,7 +24,7 @@ allprojects {
task joernTools(type: Exec) {
workingDir './python/joern-tools'
- commandLine 'python3', 'setup.py', 'install', '--user'
+ commandLine 'python3', 'setup.py', 'install'
You can’t perform that action at this time.