diff --git a/tools/fbi/src/CMakeLists.txt b/tools/fbi/src/CMakeLists.txt index 3568dad4..33e0c9c2 100644 --- a/tools/fbi/src/CMakeLists.txt +++ b/tools/fbi/src/CMakeLists.txt @@ -6,7 +6,7 @@ add_executable(fbi find_bug_inj.cpp) set_property(TARGET fbi PROPERTY CXX_STANDARD 17) #if (${DEBUG}) -# target_compile_options(fbi PRIVATE -fno-omit-frame-pointer -g -O0) + target_compile_options(fbi PRIVATE -fno-omit-frame-pointer -g -O0) #else() # target_compile_options(fbi PRIVATE -flto -O3) # set_target_properties(fbi PROPERTIES LINK_FLAGS "-flto -fuse-ld=gold") diff --git a/tools/fbi/src/find_bug_inj.cpp b/tools/fbi/src/find_bug_inj.cpp index ba7cab00..789d482b 100644 --- a/tools/fbi/src/find_bug_inj.cpp +++ b/tools/fbi/src/find_bug_inj.cpp @@ -43,6 +43,7 @@ extern "C" { #include "lava_version.h" #include #include +#include #define CBNO_TCN_BIT 0 #define CBNO_CRD_BIT 1 @@ -246,13 +247,13 @@ void update_unique_taint_sets(Json::Value& tquls) { int max_index = tquls["label"].size() - 1; if (it == ptr_to_labelset.end() || p < it->first) { - std::vector vec; - // Populate contents of vector with that of "label" - for (Json::Value& element : tquls["label"]) { - vec.push_back(std::strtoul(element.asString().c_str(), 0, 0)); - } + std::vector vec; + // Populate contents of vector with that of "label" + for (Json::Value& element : tquls["label"]) { + vec.push_back(std::strtoul(element.asString().c_str(), 0, 0)); + } - const LabelSet *ls = create(LabelSet{0, p, inputfile, vec}); + const LabelSet *ls = create(LabelSet{0, p, inputfile, vec}); ptr_to_labelset.insert(it, std::make_pair(p, ls)); auto &labels = ls->labels; @@ -1006,7 +1007,7 @@ int main (int argc, char **argv) { if (curtail == 0) { // Will be 0 unless specified on command line if (!project["curtail_fbi"].isUInt()) { curtail = 0; - }else{ + } else{ // null should never happen, if it does we'll violate an assert in the asUInt curtail = std::strtoul(project.get("curtail_fbi", Json::Value::null).asString().c_str(), 0, 0); } @@ -1016,8 +1017,35 @@ int main (int argc, char **argv) { inputfile = std::string(argv[4]); std::string db_name = project["db"].asString() + host.get("db_suffix", "").asString(); - db.reset(new odb::pgsql::database("postgres", "postgrespostgres", - db_name, "localhost")); + std::string DBHost = host.get("host", "database").asString(); + int DBPort = host.get("port", 5432).asInt(); + + const char* pgpass = std::getenv("PGPASS"); + const char* pguser = std::getenv("PGUSER"); + if (pgpass) { + // PGPASS environment variable is set, and pgpass points to its value. + std::cout << "PGPASS IS SET" << std::endl; + } else { + // PGPASS environment variable is not set. + std::cout << "PGPASS is not set" << std::endl; + exit(1); + } + + if (pguser) { + // PGUSER environment variable is set, and pgpass points to its value. + std::cout << "PGUSER IS SET: " << pguser << std::endl; + } else { + // PGUSER environment variable is not set. + std::cout << "PGUSER is not set" << std::endl; + exit(1); + } + + std::cout << "Name: " << db_name << std::endl; + std::cout << "Host: " << DBHost << std::endl; + std::cout << "Port: " << DBPort << std::endl; + + db.reset(new odb::pgsql::database(pguser, pgpass, + db_name, DBHost, DBPort)); /* re-read pandalog, this time focusing on taint queries. Look for dead available data, attack points, and thus bug injection oppotunities @@ -1035,12 +1063,13 @@ int main (int argc, char **argv) { // collect log entries that have same instr count (and pc). // these are to be considered together. // Panda__LogEntry *ple; - //ple = pandalog_read_entry(); + //ple = pandalog_read_entry(); //if (ple == NULL) { - // break; - //} + // break; + //} - num_entries_read++; + num_entries_read++; + // std::cout << "*** Reading Entry " << num_entries_read << "\n"; if ((num_entries_read % 10000) == 0) { printf("processed %lu pandalog entries \n", num_entries_read); std::cout << num_bugs_added_to_db << " added to db "