mirror of
https://github.com/espressif/mbedtls.git
synced 2025-07-13 18:20:30 +08:00
f80458a160
For easier maintenance the framework repository is flattened here and added to the forked branch in source format.
48 lines
1.2 KiB
Perl
Executable File
48 lines
1.2 KiB
Perl
Executable File
#!/usr/bin/env perl
|
|
|
|
# Find functions making recursive calls to themselves.
|
|
# (Multiple recursion where a() calls b() which calls a() not covered.)
|
|
#
|
|
# When the recursion depth might depend on data controlled by the attacker in
|
|
# an unbounded way, those functions should use iteration instead.
|
|
#
|
|
# Typical usage: framework/scripts/recursion.pl library/*.c
|
|
#
|
|
# Copyright The Mbed TLS Contributors
|
|
# SPDX-License-Identifier: Apache-2.0 OR GPL-2.0-or-later
|
|
|
|
use warnings;
|
|
use strict;
|
|
|
|
use utf8;
|
|
use open qw(:std utf8);
|
|
|
|
# exclude functions that are ok:
|
|
# - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant
|
|
# - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA
|
|
my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/;
|
|
|
|
my $cur_name;
|
|
my $inside;
|
|
my @funcs;
|
|
|
|
die "Usage: $0 file.c [...]\n" unless @ARGV;
|
|
|
|
while (<>)
|
|
{
|
|
if( /^[^\/#{}\s]/ && ! /\[.*]/ ) {
|
|
chomp( $cur_name = $_ ) unless $inside;
|
|
} elsif( /^{/ && $cur_name ) {
|
|
$inside = 1;
|
|
$cur_name =~ s/.* ([^ ]*)\(.*/$1/;
|
|
} elsif( /^}/ && $inside ) {
|
|
undef $inside;
|
|
undef $cur_name;
|
|
} elsif( $inside && /\b\Q$cur_name\E\([^)]/ ) {
|
|
push @funcs, $cur_name unless /$known_ok/;
|
|
}
|
|
}
|
|
|
|
print "$_\n" for @funcs;
|
|
exit @funcs;
|