Skip to content

Java: Introduce Modulus analysis.#301

Merged
semmle-qlci merged 9 commits into
github:masterfrom
aschackmull:java/modulus-analysis
Oct 18, 2018
Merged

Java: Introduce Modulus analysis.#301
semmle-qlci merged 9 commits into
github:masterfrom
aschackmull:java/modulus-analysis

Conversation

@aschackmull
Copy link
Copy Markdown
Contributor

@aschackmull aschackmull commented Oct 10, 2018

This replaces the parity analysis with a more general modulus analysis. The basis of the analysis is the same Bound class as is used in the range analysis, so the inferred facts are of the form: e = b + v (mod m) where e is an expression, b is a Bound, and v and m are integers. The simple case of a constant congruence fact e = v (mod m) is then given by exprModulus(e, any(ZeroBound zb), v, m) . This allows the range analysis to strengthen bounds further. As an example, for(int i = 0; i < 3*n; i+=3) is inferred to be equivalent to for(int i = 0; i < 3*n - 2; i+=3).

The gcd predicate is currently implemented only for small numbers, but will be replaced with the built-in predicate once 1.19 is released.

The PR is structured with individually reviewable commits.

@aschackmull aschackmull requested a review from a team as a code owner October 10, 2018 13:42
@aschackmull aschackmull force-pushed the java/modulus-analysis branch from 2ac1c3a to 1a66f7e Compare October 11, 2018 09:29
@aschackmull
Copy link
Copy Markdown
Contributor Author

aschackmull commented Oct 16, 2018

Added a commit including test to fix a regression relative to the ParityAnalysis when the array length is a constant.

yh-semmle
yh-semmle reviewed Oct 17, 2018
View reviewed changes
Comment thread java/ql/src/semmle/code/java/dataflow/ParityAnalysis.qll Outdated
@@ -1,4 +1,6 @@
/**
* DEPRECATED: semmle.code.java.dataflow.ModulusAnalysis instead.
Copy link
Copy Markdown
Contributor

@yh-semmle yh-semmle Oct 17, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing word "use" before the library name.

Ditto further below.

Copy link
Copy Markdown
Contributor Author

@aschackmull aschackmull Oct 17, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

fixed

@semmle-qlci semmle-qlci merged commit 3af91d5 into github:master Oct 18, 2018
@aschackmull aschackmull deleted the java/modulus-analysis branch October 18, 2018 07:24
aibaars pushed a commit that referenced this pull request Oct 14, 2021
@nickrolfe
Merge pull request #301 from github/fix_source_archive
dd31473 
Fix filenames in source archives
smowton added a commit to smowton/codeql that referenced this pull request Apr 16, 2022
@smowton
Merge pull request github#301 from github/smowton/feature/extract-clinit
cdd4a57 
Extract a clinit method for Kotlin files
MathiasVP pushed a commit to MathiasVP/ql that referenced this pull request Dec 16, 2025
@chanel-y
Merge pull request github#301 from microsoft/actually-require-string-…
651cc04 
…concat

PS: Actually require string concatenation in SQL injection query
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@yh-semmle yh-semmle yh-semmle approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

Java

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@aschackmull @yh-semmle @semmle-qlci