30.01.2018, 18:07
(
Последний раз редактировалось yugecin; 27.04.2018 в 21:14.
)
There's a lot of cool stuff you can do once you have an AST. It's fun to do, too.
I built a basic PAWN lexer/parser for my bachelor thesis which was about using static analysis to find possible vulnerabilities.
By traversing the AST, it could find buffer overflows due to format size being larger than the enum element size, which was an actual scenario a friend struggled with when trying to find the cause of an unexplainable bug.
I would open source it but this is kinda what I got to do at work (it's also where I wrote that thesis) and it's probably not allowed due to IP transfer etc.
edit: image url
I built a basic PAWN lexer/parser for my bachelor thesis which was about using static analysis to find possible vulnerabilities.
By traversing the AST, it could find buffer overflows due to format size being larger than the enum element size, which was an actual scenario a friend struggled with when trying to find the cause of an unexplainable bug.
I would open source it but this is kinda what I got to do at work (it's also where I wrote that thesis) and it's probably not allowed due to IP transfer etc.
edit: image url