@vlad902
Last active November 6, 2016 07:16
Find likely signed integer overflows with octopus/gremlin
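// Cute octopus/gremlin query to find all expressions of the form 'foo < 0 ? foo : -foo'. These cases are
// likely not to take signed overflow into account, e.g. 0x80000000 (INT_MIN, the most negative 32-bit
// signed int) * -1 = 0x80000000.
// How it works: take the two branches of each conditional (childNum 1 and 2), strip the unary "- " from
// both, skip branches that start with a digit (numeric literals), keep the conditionals whose branches are
// then identical, and return the nodes inside the condition (childNum 0) whose code is that same operand.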
g.V().has('type', 'ConditionalExpression')
.sideEffect { lval = g.V(it.get()).out(AST_EDGE).has('childNum', '1')[0].value('code').replace("- ", "") }
.filter { lval.matches("[^0-9].*") }
.sideEffect { rval = g.V(it.get()).out(AST_EDGE).has('childNum', '2')[0].value('code').replace("- ", "") }
.filter { lval == rval }
.out(AST_EDGE).has('childNum', '0').astNodes().filter { it.get().value('code') == lval }
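
The idiom this query flags, and two ways to harden it, as an added C example that is not part of the original gist. All function names are hypothetical; `abs_flagged` negates in unsigned arithmetic so the demo itself has no undefined behaviour, and it assumes the usual two's-complement conversion back to `int32_t` (as on GCC and Clang).

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* The flagged idiom. Plain `-v` on INT32_MIN is undefined behaviour in C and
 * in practice yields the same bit pattern that this unsigned negation does. */
static int32_t abs_flagged(int32_t v)
{
    return v < 0 ? (int32_t)(0u - (uint32_t)v) : v;
}

/* Hardened form 1: return the magnitude as unsigned, which can hold 2^31. */
static uint32_t abs_magnitude(int32_t v)
{
    return v < 0 ? 0u - (uint32_t)v : (uint32_t)v;
}

/* Hardened form 2: keep a signed result, reject the one unrepresentable input. */
static bool abs_checked(int32_t v, int32_t *out)
{
    if (v == INT32_MIN)
        return false;
    *out = v < 0 ? -v : v;
    return true;
}

/* A typical caller: bound a value by its absolute value. */
static bool within_limit_flagged(int32_t v, int32_t limit)
{
    /* INT32_MIN passes: its "absolute value" is still negative. */
    return abs_flagged(v) <= limit;
}

static bool within_limit_hardened(int32_t v, int32_t limit)
{
    return limit >= 0 && abs_magnitude(v) <= (uint32_t)limit;
}

int main(void)
{
    int32_t r = 0;
    printf("flagged(INT32_MIN)   = %d\n", abs_flagged(INT32_MIN));
    printf("magnitude(INT32_MIN) = %u\n", abs_magnitude(INT32_MIN));
    printf("checked accepts it?  = %d\n", abs_checked(INT32_MIN, &r));
    printf("limit 100: flagged=%d hardened=%d\n",
           within_limit_flagged(INT32_MIN, 100),
           within_limit_hardened(INT32_MIN, 100));
    return 0;
}
```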