Rust Static Analysis Tools

Source: https://github.com/pxiaoer/static-analysis#rust

  • C2Rust – C2Rust helps you migrate C99-compliant code to Rust. The translator (or transpiler) produces unsafe Rust code that closely mirrors the input C code.

  • cargo udeps – Find unused dependencies in Cargo.toml. It either prints out a “unused crates” line listing the crates, or it prints out a line saying that no crates were unused.

  • cargo-audit – Audit Cargo.lock for crates with security vulnerabilities reported to the RustSec Advisory Database.

  • cargo-bloat – Find out what takes most of the space in your executable. Supports ELF (Linux, BSD), Mach-O (macOS) and PE (Windows) binaries.

  • cargo-deny – A cargo plugin for linting your dependencies. It can be used either as a command line tool, a Rust crate, or a GitHub action for CI. It checks for valid license information, duplicate crates, security vulnerabilities, and more.

  • cargo-expand – Cargo subcommand to show result of macro expansion and #[derive] expansion applied to the current crate. This is a wrapper around a more verbose compiler command.

  • cargo-inspect – Inspect Rust code without syntactic sugar to see what the compiler does behind the curtains.

  • cargo-spellcheck – Checks all your documentation for spelling and grammar mistakes with hunspell (ready) and languagetool (preview)

  • clippy – A code linter to catch common mistakes and improve your Rust code.

  • dylint – A tool for running Rust lints from dynamic libraries. Dylint makes it easy for developers to maintain their own personal lint collections.

  • electrolysis ⚠️ – A tool for formally verifying Rust programs by transpiling them into definitions in the Lean theorem prover.

  • herbie ⚠️ – Adds warnings or errors to your crate when using a numerically unstable floating point expression.

  • linter-rust ⚠️ – Linting your Rust-files in Atom, using rustc and cargo.

  • MIRAI – An abstract interpreter operating on Rust’s mid-level intermediate language, and providing warnings based on taint analysis.

  • prae – Provides a convenient macro that allows you to generate type wrappers that promise to always uphold arbitrary invariants that you specified.

  • Prusti – A static verifier for Rust, based on the Viper verification infrastructure. By default Prusti verifies absence of panics by proving that statements such as unreachable!() and panic!() are unreachable.

  • Rudra ©️ – Rust Memory Safety & Undefined Behavior Detection. It is capable of analyzing single Rust packages as well as all the packages on crates.io.

  • Rust Language Server – Supports functionality such as ‘goto definition’, symbol search, reformatting, and code completion, and enables renaming and refactorings.

  • rust-analyzer – Supports functionality such as ‘goto definition’, type inference, symbol search, reformatting, and code completion, and enables renaming and refactorings.

  • rust-audit – Audit Rust binaries for known bugs or security vulnerabilities. This works by embedding data about the dependency tree (Cargo.lock) in JSON format into a dedicated linker section of the compiled executable.

  • rustfix – Read and apply the suggestions made by rustc (and third-party lints, like those offered by clippy).

  • rustfmt – A tool for formatting Rust code according to style guidelines.

  • RustViz – RustViz is a tool that generates visualizations from simple Rust programs to assist users in better understanding the Rust Lifetime and Borrowing mechanism. It generates SVG files with graphical indicators that integrate with mdbook to render visualizations of data-flow in Rust programs.

  • warnalyzer – Show unused code from multi-crate Rust projects

Rust Reverse Engineering: 00. Hello, World

fn main() {
    println!("Hello, world!");
}

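I tried compiling with -O and with -C opt-level=3, and found no difference between the resulting programs.

If you use -o instead, you will find that the generated program is not optimized and is somewhat larger, at 461K.

Debugging with GDB

When compiling, you need to add -g to include debug information.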

(gdb) list
1       fn main() {
2           println!("Hello, world!");
3       }
(gdb) 
Line number 4 out of range; helloworld.rs has 3 lines.
(gdb) 
Line number 4 out of range; helloworld.rs has 3 lines.
(gdb) b 2
Breakpoint 1 at 0x100004228: file helloworld.rs, line 2.

Using reverse engineering tools

The decompilation result from Cutter's jsdec. It looks like generated C/C++ code.

The result from Ghidra.

0797.All Paths From Source to Target

797. All Paths From Source to Target

Given a directed, acyclic graph of N nodes. Find all possible paths from node 0 to node N-1, and return them in any order.

The graph is given as follows: the nodes are 0, 1, …, graph.length – 1. graph[i] is a list of all nodes j for which the edge (i, j) exists.

Example:
Input: [[1,2], [3], [3], []]
Output: [[0,1,3],[0,2,3]]
Explanation: The graph looks like this:
0--->1
|    |
v    v
2--->3
There are two paths: 0 -> 1 -> 3 and 0 -> 2 -> 3.
Note:

The number of nodes in the graph will be in the range [2, 15].
You can print different paths in any order, but you should keep the order of nodes inside one path.

Approach

This problem can be solved directly with DFS; a recursive traversal is enough.

  • Time complexity: O(N)
  • Space complexity: O(N)

Code

pub fn all_paths_source_target(graph: Vec<Vec<i32>>) -> Vec<Vec<i32>> {
    let mut paths = Vec::with_capacity(graph.len());
    let mut path = Vec::with_capacity(graph.len());

    // Every path starts at node 0.
    path.push(0);

    find_n(0, &mut path, &mut paths, &graph);

    paths
}

// Depth-first search from `node`; `path` holds the nodes visited so far.
pub fn find_n(node: i32, path: &mut Vec<i32>, paths: &mut Vec<Vec<i32>>, graph: &[Vec<i32>]) {
    if node == (graph.len() - 1) as i32 {
        // Reached the target node N-1: record a copy of the current path.
        paths.push(path.clone());
    } else {
        for &next in &graph[node as usize] {
            path.push(next);
            find_n(next, path, paths, graph);
            // Backtrack before trying the next neighbour.
            path.pop();
        }
    }
}

  • Runtime: 12 ms
  • Memory usage: 2.4 MB

Problem type and similar problems

Problem type

1. DFS
2. Graph

Similar problems

Code link

all_paths_from_source_to_target