Pawn Linting/Static Analysis
#21

Sadly I didn't have time to finish this project, I'm focusing on a Redis plugin instead. I may come back to this but I'd like to rewrite it in Go instead of Python as I think I could develop and test it much faster.
Reply
#22

As long as it's open source, it's fine by me
Reply
#23

I've actually *finally* started this project! woo!

The code and a roadmap is here: https://github.com/Southclaws/pawn-parser

Thanks to the existing code from the Golang scanner/token packages, most of the hard work is already done! What I've done is forked those packages and I'll modify them to fit Pawn soon.

First of all, I'll write a set of test cases and shape the codebase to parse it.

Once that's done, I'll write a VS Code plugin!

of course by that time pawn will be long dead but hey ho
Reply
#24

Pawn will always live (at least in my heart). Can't wait for this project, maybe I'll write sublime plugin.
Reply
#25

Quote:
Originally Posted by [HLF]Southclaw
Посмотреть сообщение
I've actually *finally* started this project! woo!
I'll write a VS Code plugin!
Yes please
Reply
#26

Your best option AFAIK is to work your way up from a C or JS linter. I'm fairly sure there hasn't been any progress on this, or we'd have heard about it by now (us or g00gle FWIW).
Reply
#27

Yeah I'm working on it, I'm using the Golang parser as a base which has proved quite easy to migrate from. Tokenisation is working, now I've just got to build the AST.
Reply
#28

Oh never mind, for some reason I wasn't watching the proper page and didn't realize you had only been working two weeks on the project when I posted. Great job if tokenisation works, congratulations!
Reply
#29

Hi, are you going to continue your project? I'd help, but im not a Go guy
Reply
#30

Quote:
Originally Posted by Misiur
Посмотреть сообщение
Hi, are you going to continue your project? I'd help, but im not a Go guy
Yeah still interested! I've got tokenisation done and started on the AST part - if you've done C then Go will be very easy to pick up (especially since this project won't be using any concurrency features of Go so it'll be straight and simple procedural code!)

It's on GitHub if you're interested, I could do with documenting bits of it but I'm mostly offline now due to a lack of internet connection so I'll probably pick up the pace a bit once I have that sorted!
Reply
#31

There's a lot of cool stuff you can do once you have an AST. It's fun to do, too.

I built a basic PAWN lexer/parser for my bachelor thesis which was about using static analysis to find possible vulnerabilities.
By traversing the AST, it could find buffer overflows due to format size being larger than the enum element size, which was an actual scenario a friend struggled with when trying to find the cause of an unexplainable bug.



I would open source it but this is kinda what I got to do at work (it's also where I wrote that thesis) and it's probably not allowed due to IP transfer etc.

edit: image url
Reply
#32

Damn! That's a shame. Can you answer a few questions for me though? In which language did you write it? What's the performance of it for a "standard", non-modular, say, 100k lines project? How it deals with preprocessor macros, or does it work with output dumped via "-l"?
Reply
#33

Good Luck
Reply
#34

Quote:
Originally Posted by Misiur
Посмотреть сообщение
Damn! That's a shame. Can you answer a few questions for me though? In which language did you write it? What's the performance of it for a "standard", non-modular, say, 100k lines project? How it deals with preprocessor macros, or does it work with output dumped via "-l"?
Java, it was the easiest to get going quickly at that time
It uses the -l output
It's far from complete, it can barely do the test code I used for the POC I made. I basically started making a tokenizer and parser from the concepts I know and continued from there, so there were some things I did terribly and hacked together quite a few things (I wanted the POC to work and I postponed too much), so it's not the best code at all, but it taught me a lot and I have some things that I would do in different way if I ever redo or complete this.
So that being said, I just copied the 25-ish lines of the test code I used until I got a 101k line lst, took 131188ms to process.
Reply


Forum Jump:


Users browsing this thread: 7 Guest(s)