ExpoSEJS / ExpoSE

A Dynamic Symbolic Execution (DSE) engine for JavaScript. ExpoSE is highly scalable, compatible with recent JavaScript standards, and supports symbolic modelling of strings and regular expressions.
MIT License

fix: infinite recursive call when JSON.stringify is modified #97

Closed cl0udz closed 4 years ago

cl0udz commented 4 years ago

Here is an example of how to fix the bug. We need to make sure that all the native functions are stored before we start analyzing the module. I didn't modify all of them because you may have a better idea to solve it.

jawline commented 4 years ago

Thanks, I see what is wrong. I think this can be adjusted in the models directly. I will merge it into a dev branch and make the appropriate changes.

Thank you for highlighting this!

(Note, the particular console.log is an accidental merge artefact from some work we did for network dependency identification. It wasn't even meant to be in the code at all! thanks for finding it)

cl0udz commented 4 years ago

No problem. I'm willing to contribute to your project. About the code, what I have shown is just an example. In some modules, developers may modify those native functions for whatever they want. If we call these functions in the analyzing scripts, it should result in a call loop (app code -> modified native function -> analyzing scripts -> modified native function -> analyzing scripts ...). I'm not sure whether improving the function model can solve it, but I am willing to help whenever you want.