quickjs-tart

quickjs-based runtime for wallet-core logic

recursion.pl (1267B)


      1 #!/usr/bin/env perl
      2 
      3 # Find functions making recursive calls to themselves.
      4 # (Multiple recursion where a() calls b() which calls a() not covered.)
      5 #
      6 # When the recursion depth might depend on data controlled by the attacker in
      7 # an unbounded way, those functions should use iteration instead.
      8 #
      9 # Typical usage: framework/scripts/recursion.pl library/*.c
     10 #
     11 # Copyright The Mbed TLS Contributors
     12 # SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
     13 
     14 use warnings;
     15 use strict;
     16 
     17 use utf8;
     18 use open qw(:std utf8);
     19 
     20 # exclude functions that are ok:
     21 # - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant
     22 # - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA
     23 my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/;
     24 
     25 my $cur_name;
     26 my $inside;
     27 my @funcs;
     28 
     29 die "Usage: $0 file.c [...]\n" unless @ARGV;
     30 
     31 while (<>)
     32 {
     33     if( /^[^\/#{}\s]/ && ! /\[.*]/ ) {
     34         chomp( $cur_name = $_ ) unless $inside;
     35     } elsif( /^{/ && $cur_name ) {
     36         $inside = 1;
     37         $cur_name =~ s/.* ([^ ]*)\(.*/$1/;
     38     } elsif( /^}/ && $inside ) {
     39         undef $inside;
     40         undef $cur_name;
     41     } elsif( $inside && /\b\Q$cur_name\E\([^)]/ ) {
     42         push @funcs, $cur_name unless /$known_ok/;
     43     }
     44 }
     45 
     46 print "$_\n" for @funcs;
     47 exit @funcs;