Skip to content

Merges function sections #6579

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kaoudis wants to merge 112 commits into
base: master
Choose a base branch
from
Open

Merges function sections #6579

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
112 commits
Select commit Hold shift + click to select a range
76d77f7
add ignoring vector types to gep tainting - otherwise I think we over…
kaoudis Dec 2, 2024
f39a88b
merge the relevant bits of the separate function tracing pass into tc…
kaoudis Dec 3, 2024
2eee49b
remove ftrace argument uses
kaoudis Dec 3, 2024
d48a4f3
raise the ValueError without entering the target iteration loop for t…
kaoudis Dec 3, 2024
7fa6086
start setting up tests for how I would like the fn section to work
kaoudis Dec 3, 2024
b75f4b1
clean up an extraneous test comment; amend doc
kaoudis Dec 4, 2024
7fd92f3
alphabetic order is a bit easier to read unless there's something goi…
kaoudis Dec 4, 2024
6cdb854
remove unit test whose functionality was partly deleted / partly migr…
kaoudis Dec 4, 2024
83db76e
remove deleted unit tests from CMake
kaoudis Dec 4, 2024
285126d
modify fnmapping so that the mapping is: cflog(function_id), fnmappin…
kaoudis Dec 4, 2024
9e74b5c
update fnmapping unit test to involve function id as well
kaoudis Dec 4, 2024
eff25e0
first whack at recording function names to the cflog -> fnmapping -> …
kaoudis Dec 4, 2024
fd0b4c3
Revert "first whack at recording function names to the cflog -> fnmap…
kaoudis Dec 5, 2024
9420980
record function names from the cflog pass through the instrumentation…
kaoudis Dec 6, 2024
5ccf933
write the function ID as well as the string table offset of the mangl…
kaoudis Dec 6, 2024
6ffa345
temporarily test just that the functions were written correctly and c…
kaoudis Dec 6, 2024
3c569ec
test_polytracker seems to only cover PolyTrackerTrace, so rename it
kaoudis Dec 6, 2024
52917c8
test_stdin is hanging for some reason, maybe due to how I'm writing t…
kaoudis Dec 6, 2024
7d5e49b
sketch adding function_id in the right place; adds print statements t…
kaoudis Dec 9, 2024
fe20c52
refactor the strings table; all C++ tests but for one pass
kaoudis Dec 11, 2024
e5e0efd
refactors the string table somewhat - be more defensive about strings…
kaoudis Dec 12, 2024
6702de5
a sketchy steel thread version of functions not coming from json file…
kaoudis Dec 12, 2024
f6917a4
adds a cflog label test
kaoudis Dec 12, 2024
26a2ea1
first step toward removing json writer: don't write to the file
kaoudis Dec 12, 2024
8df5eec
remove json writing frmo control flow low
kaoudis Dec 12, 2024
3e69c3b
remove apparently unused function defn from the TCF header
kaoudis Dec 12, 2024
49710b9
remove functionality that calls function that doesn't exist in an eff…
kaoudis Dec 12, 2024
06954dd
inserts missing semicolon
kaoudis Dec 12, 2024
1116696
remove extraneous header
kaoudis Dec 12, 2024
5dda183
gets rid of the argument --taint since we do that currently by default
kaoudis Dec 13, 2024
581f21c
add guards since for some reason the new functions section means the …
kaoudis Dec 13, 2024
2625d02
retain (deprecated) backward compatibility to be able to read older t…
kaoudis Dec 13, 2024
ec28b4a
fix sections reference
kaoudis Dec 13, 2024
a6a4db1
remove slightly inaccurate message
kaoudis Dec 13, 2024
d9d1702
related to previous change, fix test
kaoudis Dec 13, 2024
0d84bb8
slightly clearer label repr for tainted event
kaoudis Dec 13, 2024
e9a864f
fix weird compiler warning that is oddly in the region I was just loo…
kaoudis Dec 13, 2024
8c7c6aa
instrument-targets msg improvement while I'm thinking about ordering …
kaoudis Dec 13, 2024
5dd7208
fix seg faulting test binary: a string_view over unowned data may pre…
kaoudis Feb 21, 2025
4eb2abe
add a C++ standard to C++ test binary building so test binaries behav…
kaoudis Feb 21, 2025
6828c79
moves DRY usage out of the test framework and into the called code so…
kaoudis Feb 21, 2025
a9dac53
adds explanatory comment
kaoudis Feb 21, 2025
6d4c0ec
removes extraneous comments
kaoudis Feb 21, 2025
5109db7
minor naming cleanup
kaoudis Feb 21, 2025
34011d4
finish commented out tdag test
kaoudis Feb 24, 2025
412b786
add test inputs locale to gitignore
kaoudis Feb 24, 2025
5f67bb1
trunk fmt go brrr
kaoudis Feb 24, 2025
45ce1cf
fix some, but not all, bitrot in Dockerfiles not included in the poly…
kaoudis Feb 24, 2025
78576f5
removes docs todo
kaoudis Feb 24, 2025
794ad8b
trunk lint
kaoudis Feb 24, 2025
e855aad
removes stray todo
kaoudis Feb 24, 2025
1ce1041
stems out the cflog-instrumented bitcode so that it is comparable to …
kaoudis Feb 24, 2025
e477351
Revert "trunk lint"
kaoudis Feb 24, 2025
05c5b84
Reapply "trunk lint"
kaoudis Feb 24, 2025
d22027e
Revert "trunk fmt go brrr"
kaoudis Feb 24, 2025
0b21c51
whilst making more sense of the tdag tests fix the string table comments
kaoudis Feb 24, 2025
55d074d
fix Dockerfile casing warning
kaoudis Mar 5, 2025
c306dc2
cleans up unit tests and fleshes out the integration test with all cu…
kaoudis Mar 6, 2025
47b0121
trunk fmt
kaoudis Mar 6, 2025
8350eb2
document tests
kaoudis Mar 6, 2025
b960e16
completed numbers
kaoudis Mar 24, 2025
72d789d
pin daedalus for the pdf example
kaoudis Mar 24, 2025
046769b
note about weird sizing
kaoudis Mar 24, 2025
50cfd0e
note about daedalus
kaoudis Mar 24, 2025
1128eb6
trunk fmt'd
kaoudis Mar 24, 2025
39b593e
fixes 'Multiple top-level headings in the same document markdownlint…
kaoudis Mar 25, 2025
683083a
turn off some of the linter crud
kaoudis Mar 25, 2025
1d02686
apparently ruff.toml wasn't being found
kaoudis Mar 25, 2025
2cffa2d
fix trunk linter issues with the build workflow, mainly bumps depende…
kaoudis Mar 25, 2025
f191df9
shushes some more linter crud and bumps the go and node versions, rem…
kaoudis Mar 25, 2025
d20b845
shush the linter
kaoudis Mar 25, 2025
a9cafd0
shush the linter
kaoudis Mar 25, 2025
5bf05de
use squashing lint bugs as an excuse to throw descriptive errors inst…
kaoudis Mar 25, 2025
21f4eef
use correct comparison for types and squash some function-level type …
kaoudis Mar 25, 2025
fc69142
linters, hush
kaoudis Mar 25, 2025
dbd12a7
fixes the running of the c++ tests at least locally in act, maybe fix…
kaoudis Mar 25, 2025
47a0381
don't need to grant top level read permissions
kaoudis Mar 25, 2025
c828f9c
trunk fmt
kaoudis Mar 25, 2025
e485ef1
use working source loc for poppler
kaoudis Mar 25, 2025
f67d249
progress toward fixing the vector type errors - and making things a b…
kaoudis Apr 2, 2025
2406a5a
serves me right for letting cursor do stuff and not thinking about it
kaoudis Apr 3, 2025
641a620
try turning off qt6 tests too?
kaoudis Apr 3, 2025
4d64bde
comment
kaoudis Apr 3, 2025
8c6e5c7
try refining the tainted control flow pass in the same fashion as the…
kaoudis Apr 3, 2025
be949d6
handle vector types and constants properly
kaoudis Apr 3, 2025
4d70bfa
got experiment with taint tracking working - try this
kaoudis Apr 3, 2025
21ea2dd
oops - checkout does mean we need to have everything committed
kaoudis Apr 3, 2025
2713aa8
adn qpdf
kaoudis Apr 3, 2025
2c260bd
try it with the tcf pass, just without the extra instructions... whic…
kaoudis Apr 4, 2025
f59a0de
adds select back
kaoudis Apr 4, 2025
b9eb6d4
adds ibi back
kaoudis Apr 4, 2025
0a7a30a
adds invoke back
kaoudis Apr 4, 2025
2a414b8
oops, uncomment out the indirect and invoke
kaoudis Apr 4, 2025
121968b
try adding cflog back to mupdf example
kaoudis Apr 4, 2025
9f451dc
try without extra instrs
kaoudis Apr 4, 2025
c1d0895
try without switch
kaoudis Apr 4, 2025
4e2e77c
try with just gep - and checking if the vector element type is constant
kaoudis Apr 4, 2025
8fb2938
cast to vector first before getting element
kaoudis Apr 4, 2025
3ac4fab
cast to vector first before getting element
kaoudis Apr 4, 2025
7242c02
try checking vector value type
kaoudis Apr 4, 2025
2cedbd3
try commenting out the actual insertion and the sign extension to see…
kaoudis Apr 4, 2025
8227b5e
oops, made the way we were visiting instrs transparent, but not the a…
kaoudis Apr 4, 2025
4a4681a
align extraction index with the size of label_ty
kaoudis Apr 4, 2025
285753c
turn select back on in tcf
kaoudis Apr 4, 2025
5bcc226
ughhhh try with all the instrs except gep commented out again
kaoudis Apr 4, 2025
bea7a67
experiment with following the pattern used for the taint tracking ins…
kaoudis Apr 4, 2025
0ef0523
why do we explicitly declare the dsfw version? gonna fafo I suppose
kaoudis Apr 4, 2025
9d4f790
okay, try being custom
kaoudis Apr 4, 2025
1e6d9a4
try a static cast of what is passed from the dfsw to the main instr fn
kaoudis Apr 4, 2025
410ae10
try with NO visitors to see if even that breaks
kaoudis Apr 4, 2025
00fab6d
uncomment branch
kaoudis Apr 4, 2025
a5ebbb3
uncomment branch
kaoudis Apr 4, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions .flake8
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# Autoformatter friendly flake8 config (all formatting rules disabled)
[flake8]
extend-ignore = D1, D2, E1, E2, E3, E501, W1, W2, W3, W5
28 changes: 19 additions & 9 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
name: Build

permissions: {}
on:
workflow_dispatch: {}

push:
branches:
- "master"
- master

tags:
- "*"
Expand All @@ -21,16 +21,16 @@ jobs:

steps:
- name: Clone polytracker repository
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 1

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Build and export
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: .
tags: trailofbits/polytracker:latest
Expand All @@ -57,7 +57,17 @@ jobs:
- name: Load image
run: docker load --input /tmp/polytracker.tar

- name: Run tests
- name: C++ (write side) tests
uses: addnab/docker-run-action@v3
with:
image: trailofbits/polytracker:latest
run: |
cd /polytracker-build/unittests/src/taintdag && \
pwd && \
chmod +x tests-taintdag && \
./tests-taintdag

- name: Python (integration) tests
uses: addnab/docker-run-action@v3
with:
image: trailofbits/polytracker:latest
Expand All @@ -73,7 +83,7 @@ jobs:

steps:
- name: Clone polytracker repository
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
submodules: true
fetch-depth: 1
Expand All @@ -88,10 +98,10 @@ jobs:
run: docker load --input /tmp/polytracker.tar

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Build ${{ matrix.example }}
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: examples
file: examples/Dockerfile-${{ matrix.example }}.demo
Expand Down
3 changes: 2 additions & 1 deletion .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,4 +16,5 @@ __pycache__
/Default/
polytracker.egg-info
/polytracker.egg-info
compile_commands.json
compile_commands.json
/test_inputs/*
1 change: 1 addition & 0 deletions .trunk/.gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,3 +6,4 @@
plugins
user_trunk.yaml
user.yaml
tmp
58 changes: 35 additions & 23 deletions .trunk/trunk.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,44 +1,56 @@
version: 0.1
cli:
version: 1.14.1
version: 1.22.11
plugins:
sources:
- id: trunk
ref: v1.2.1
ref: v1.6.7
uri: https://github.com/trunk-io/plugins
runtimes:
enabled:
- go@1.19.5
- node@18.12.1
- go@1.21.0
- node@18.20.5
- python@3.10.8
lint:
threshold:
- linters: [ALL]
level: high
ignore:
- linters: [ALL]
paths:
- polytracker/src/compiler-rt/**
- third_party/**
- linters: [bandit]
paths:
- tests/**
definitions:
- name: flake8
direct_configs:
- .flake8

enabled:
- taplo@0.8.1
- actionlint@1.6.25
- bandit@1.7.5
- black@23.7.0
- checkov@2.4.5
- taplo@0.9.3
- actionlint@1.7.7
- bandit@1.8.3
- black@25.1.0
- checkov@3.2.390
- clang-format@16.0.3
- flake8@6.1.0
- flake8@7.1.2
- git-diff-check
- hadolint@2.12.0
- isort@5.12.0
- markdownlint@0.35.0
- mypy@1.5.1
- oxipng@8.0.0
- prettier@3.0.2
- ruff@0.0.285
- shellcheck@0.9.0
- hadolint@2.12.1-beta
- isort@6.0.1
- markdownlint@0.44.0
- mypy@1.15.0
- oxipng@9.1.4
- prettier@3.5.3
- ruff@0.11.1
- shellcheck@0.10.0
- shfmt@3.6.0
- svgo@3.0.2
- terrascan@1.18.3
- trivy@0.44.1
- trufflehog@3.48.0
- yamllint@1.32.0
- svgo@3.3.2
- terrascan@1.19.1
- trivy@0.60.0
- trufflehog@3.88.18
- yamllint@1.36.2
actions:
disabled:
- trunk-announce
Expand Down
4 changes: 2 additions & 2 deletions CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,13 @@ endif()

set(CMAKE_CXX_STANDARD 20)

add_subdirectory(third_party/Catch2)
list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/third_party/Catch2/contrib")
add_subdirectory(third_party/indicators)
set(SPDLOG_NO_EXCEPTIONS TRUE)
add_subdirectory(third_party/spdlog)

add_subdirectory(polytracker)

enable_testing()
add_subdirectory(third_party/Catch2)
list(APPEND CMAKE_MODULE_PATH "${PROJECT_SOURCE_DIR}/third_party/Catch2/contrib")
add_subdirectory(unittests/src/taintdag)
10 changes: 5 additions & 5 deletions Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
# Build base image
FROM ubuntu:jammy as base
FROM ubuntu:jammy AS base

LABEL org.opencontainers.image.authors="evan.sultanik@trailofbits.com"

Expand Down Expand Up @@ -41,7 +41,7 @@ RUN GO111MODULE=off go get github.com/SRI-CSL/gllvm/cmd/...
ENV PATH=$PATH:/root/go/bin

# Clone llvm to build `libc++` from source
FROM base as llvm-sources
FROM base AS llvm-sources

RUN git clone --depth 1 --branch llvmorg-13.0.0 https://github.com/llvm/llvm-project.git /llvm-project

Expand All @@ -54,7 +54,7 @@ RUN git clone --depth 1 --branch llvmorg-13.0.0 https://github.com/llvm/llvm-pro

# Build "clean" `libc++` with `gclang`. Used to link the uninstrumented
# target of the user project. Installed into `/cxx_lib/clean_build`.
FROM llvm-sources as clean-libcxx
FROM llvm-sources AS clean-libcxx

ENV WLLVM_BC_STORE=/cxx_clean_bitcode
RUN mkdir -p $WLLVM_BC_STORE
Expand All @@ -78,7 +78,7 @@ RUN cmake --build $LIBCXX_BUILD_DIR --target install-cxx install-cxxabi -j$((`np

# Build "poly" `libc++` with `gclang`. Used to link the instrumented
# target of the user project. Installed into `/cxx_lib/poly_build`.
FROM clean-libcxx as poly-libcxx
FROM clean-libcxx AS poly-libcxx

ENV WLLVM_BC_STORE=/cxx_poly_bitcode
RUN mkdir -p $WLLVM_BC_STORE
Expand All @@ -104,7 +104,7 @@ RUN cmake -GNinja \
RUN cmake --build $LIBCXX_BUILD_DIR --target install-cxx install-cxxabi -j$((`nproc`+1))

# Build and install the polytracker
FROM poly-libcxx as polytracker
FROM poly-libcxx AS polytracker

ARG DFSAN_FILENAME_ARCH=x86_64

Expand Down
7 changes: 3 additions & 4 deletions docs/tdag.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -37,10 +37,9 @@ Some specifics:
- [Sources](../polytracker/src/taint_sources/taint_sources.cpp) contains source labels (byte offsets into the input)
- The Source Label Index is a bitmap that defines how to index the sources section.
- [Sinks](../polytracker/include/taintdag/sink.h) contains sink labels (representing bytes of the output)
- [Strings](../polytracker/include/taintdag/string_table.h) todo(kaoudis) the string table is used in conjunction with the fnmapping to put together an earlier version of the control flow log used for grammar extraction
- [Functions](../polytracker/include/taintdag/fnmapping.h) todo(kaoudis) this contains an early version of the function list part of the control flow log used for grammar extraction
- [Events](../polytracker/include/taintdag/fntrace.h) todo(kaoudis) this contains an early version of the entry and exit events used to structure the control flow log
- [Control Flow Log](../polytracker/include/taintdag/control_flow_log.h): this consists of the function entry and exit records we need to reconstruct the call stack that data flow passed through.
- [Strings](../polytracker/include/taintdag/string_table.h) the string table is a section with two current purposes: it contains names of sources, and also the function names used with the functions section to map to the control flow log. Its design is general purpose: it can store any type of stringly data we eventually decide to store.
- [Functions](../polytracker/include/taintdag/fnmapping.h) todo(kaoudis) this section maps the low-level function identifiers used in the cflog to the actual (mangled) names in the strings table. see tests/test_cf_log.py for how this layout looks/works.
- [Control Flow Log](../polytracker/include/taintdag/control_flow_log.h): this consists of the function entry and exit records we need to reconstruct the call stack that data flow ("tainted control flow" or "control affecting data flow" are ways that we have referred to this subset of data flow) passed through, plus recorded function ids that can be mapped back through the Functions section to the String Table to get mangled symbols. see test_cf_log.py and unittests/src/taintdag/tdag.cpp for details of how this looks/works.

## TDAG Contents

Expand Down
2 changes: 1 addition & 1 deletion examples/Dockerfile-acropalypse.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,5 +27,5 @@ RUN CPPFLAGS="-I$(pwd)/zlib-1.2.13/include" LDFLAGS="-L$(pwd)/zlib-1.2.13/lib" p
RUN polytracker extract-bc -o pngtest.bc pngtest

RUN llvm-link -o pngtest-linked.bc pngtest.bc libz.bc
RUN polytracker instrument-bc --taint --ftrace pngtest-linked.bc -o instrumented.bc
Copy link
Contributor Author

@kaoudis kaoudis Mar 24, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

we do --taint by default now, and --ftrace became part of --cflog!

RUN polytracker instrument-bc --cflog pngtest-linked.bc -o instrumented.bc
RUN polytracker lower-bc instrumented.bc -t pngtest -o pngtest.instrumented
2 changes: 1 addition & 1 deletion examples/Dockerfile-daedalus-nitf.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -30,5 +30,5 @@ RUN cabal run ../../:daedalus -- compile-c++ nitf_main.ddl --out-dir=cpp_parser

WORKDIR /polytracker/the_klondike/daedalus/formats/nitf/cpp_parser
RUN polytracker build make parser && \
polytracker instrument-targets --taint --ftrace parser --ignore-lists gmp ssl libz && \
polytracker instrument-targets --cflog parser --ignore-lists gmp ssl libz && \
mv parser.instrumented parser-track
5 changes: 3 additions & 2 deletions examples/Dockerfile-daedalus-pdf.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,11 +4,12 @@ RUN mkdir -p /polytracker/the_klondike

WORKDIR /polytracker/the_klondike

ENV DEBIAN_FRONTEND=noninteractive
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get -y upgrade && apt-get install -y git pkg-config

RUN git clone --recursive https://github.com/GaloisInc/daedalus.git
WORKDIR /polytracker/the_klondike/daedalus
RUN git checkout 46a2502a8c68b17534079356a71af90e87801fdc

FROM trailofbits/polytracker:latest
LABEL org.opencontainers.image.authors="evan.sultanik@trailofbits.com"
Expand All @@ -30,5 +31,5 @@ WORKDIR /polytracker/the_klondike/daedalus/formats/pdf/new/c++

RUN polytracker build cmake -S . -B build
RUN polytracker build cmake --build build --target parser-test -j$(nproc)
RUN polytracker instrument-targets --taint --ftrace parser-test --ignore-lists gmp ssl libz
RUN polytracker instrument-targets --cflog parser-test --ignore-lists gmp ssl libz
RUN mv parser-test.instrumented parser-test-track
2 changes: 1 addition & 1 deletion examples/Dockerfile-ffmpeg.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ RUN ../configure --disable-everything \
--disable-asm

RUN polytracker build make -j$((`nproc`+1))
RUN polytracker instrument-targets --taint --ftrace ffmpeg_g --ignore-lists libz
RUN polytracker instrument-targets --cflog ffmpeg_g --ignore-lists libz
RUN mv ffmpeg_g.instrumented ffmpeg_track

# Use the following command to transcode a `.mov` h264/aac file to an `.avi` raw/aac file
Expand Down
2 changes: 1 addition & 1 deletion examples/Dockerfile-file.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,5 +16,5 @@ RUN git fetch --tags && \
RUN autoreconf -fiv
RUN ./configure --prefix=/polytracker/the_klondike/bin/ --disable-shared
RUN polytracker build make -j$((`nproc`+1)) install
RUN polytracker instrument-targets --taint --ftrace file --ignore-lists libz
RUN polytracker instrument-targets --cflog file --ignore-lists libz
RUN mv file.instrumented file_track
2 changes: 1 addition & 1 deletion examples/Dockerfile-jq.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,4 +11,4 @@ WORKDIR /polytracker/the_klondike/jq
RUN autoreconf -fi
RUN ./configure --with-oniguruma=builtin CC=clang
RUN polytracker build make -j$((`nproc`+1))
RUN polytracker instrument-targets --taint --ftrace jq
RUN polytracker instrument-targets --cflog jq
2 changes: 1 addition & 1 deletion examples/Dockerfile-libjpeg.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,6 @@ WORKDIR /polytracker/the_klondike/jpeg-9e/build
RUN ../configure LDFLAGS="-static"
# Build and instrument
RUN polytracker build make -j$((`nproc`+1))
RUN polytracker instrument-targets --taint --ftrace djpeg
RUN polytracker instrument-targets --cflog djpeg
# Create `djpeg_track`
RUN mv djpeg.instrumented djpeg_track
4 changes: 2 additions & 2 deletions examples/Dockerfile-listgen.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ RUN apt update
#Update pkg-config/util-linux (needed for FontConfig)
RUN apt update
RUN apt install pkg-config uuid-dev gperf libtool \
gettext autopoint autoconf -y
gettext autopoint autoconf wget -y

RUN apt-get install python3-dev

Expand All @@ -38,7 +38,7 @@ RUN make -j5 install
WORKDIR /polytracker/the_klondike

#zlib
RUN wget https://www.zlib.net/zlib-1.2.11.tar.gz
RUN wget https://www.zlib.net/fossils/zlib-1.2.11.tar.gz
RUN tar -xzvf zlib-1.2.11.tar.gz
WORKDIR zlib-1.2.11
RUN ./configure --prefix=/usr && make -j$(nproc) test && make -j$(nproc) install
Expand Down
8 changes: 4 additions & 4 deletions examples/Dockerfile-mupdf.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ RUN mkdir -p /polytracker/the_klondike

WORKDIR /polytracker/the_klondike

ENV DEBIAN_FRONTEND=noninteractive
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update && apt-get -y upgrade && apt-get install -y git pkg-config

RUN git clone --recursive --branch 1.20.0 git://git.ghostscript.com/mupdf.git
Expand All @@ -22,8 +22,8 @@ WORKDIR /polytracker/the_klondike/mupdf
RUN git checkout d00de0e96a4a5ec90ffc30837d40cd624a6a89e0
# Instrument mutool
RUN polytracker build make -j$((`nproc`+1)) HAVE_X11=no HAVE_GLUT=no prefix=/usr/local build=release install
RUN polytracker instrument-targets --taint --ftrace mutool
RUN polytracker instrument-targets --cflog mutool
RUN mv mutool.instrumented mutool_track
# Note, the /workdir directory is intended to be mounted at runtime
VOLUME ["/workdir"]
WORKDIR /workdir
# VOLUME ["/workdir"]
# WORKDIR /workdir
5 changes: 1 addition & 4 deletions examples/Dockerfile-nitro-nitf.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,9 +18,6 @@ RUN polytracker build cmake .. \

RUN polytracker build cmake --build . -j$((`nproc`+1)) --target show_nitf++

RUN polytracker instrument-targets \
--taint \
--ftrace \
show_nitf++
RUN polytracker instrument-targets --cflog show_nitf++

RUN mv show_nitf++.instrumented nitro_track
2 changes: 1 addition & 1 deletion examples/Dockerfile-openjpeg.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,5 +20,5 @@ RUN polytracker extract-bc bin/opj_decompress -o opj_decompress.bc
RUN polytracker extract-bc bin/libopenjp2.a -o libopenjp2.a.bc
RUN llvm-link -only-needed opj_decompress.bc libopenjp2.a.bc -o exec.bc
RUN polytracker opt-bc exec.bc -o exec.bc
RUN polytracker instrument-bc --taint --ftrace exec.bc -o exec.bc -o exec.instrumented.bc
RUN polytracker instrument-bc --cflog exec.bc -o exec.bc -o exec.instrumented.bc
RUN polytracker lower-bc exec.instrumented.bc -t opj_decompress -o opj_decompress_track
1 change: 1 addition & 0 deletions examples/Dockerfile-pdfium.demo
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ RUN DEBIAN_FRONTEND=noninteractive apt-get install -y tzdata \

RUN DEBIAN_FRONTEND=noninteractive apt-get update \
&& DEBIAN_FRONTEND=noninteractive apt-get install -y \
curl \
git \
pkg-config \
sudo \
Expand Down
Loading
Loading