A CFG utility library
Project description
CFGUtils
A Utility library for working with Control Flow Graphs (CFGs) in Python. This library implements previous academic and industrial research in the field of CFGs. It is also the home of the CFGED algorithm, refered to as Basque-CFGED, created in the USENIX Security 2024 Paper "Ahoy SAILR! There is No Need to DREAM of C: A Compiler-Aware Structuring Algorithm for Binary Decompilation".
If you use this library in your research, please cite the SAILR paper.
Install
pip3 install cfgutils
Usage
CFGUtils is used on Networkx DiGraphs. Most analysis assumes the graph is composed of GenericBlock nodes. The nodes a very simple and can be subclassed to represent different kinds of blocks.
All algorithms in this library have a testcase, which can be found in the tests.py file.
Region Identification
Regions here are defined as Single-Entry Single-Exit (SESE) subgraphs of the CFG. These regions are mostly used in the context of control flow recovery and decompilation.
from cfgutils.data.generic_block import GenericBlock
from cfgutils.regions.region_identifier import RegionIdentifier
import networkx as nx
blocks = [GenericBlock(i) for i in range(9)]
numbered_edges = [(1, 2), (1, 3), (2, 4), (3, 4), (4, 5), (4, 6), (5, 7), (6, 7)]
block_edges = [
(blocks[in_e], blocks[out_e]) for (in_e, out_e) in numbered_edges
]
graph = nx.DiGraph(block_edges)
ri = RegionIdentifier(graph)
top_region = ri.region
print(top_region.graph.nodes)
Subclass GenericBlock to use different kinds of blocks in your graph.
Basque CFGED
The Basque CFGED algorithm is a graph edit distance algorithm for CFGs. To use it you need to have two CFGs and a mapping of the nodes between the two graphs. Not all nodes need to be mapped, just as many as you can do.
import networkx as nx
from cfgutils.similarity import cfg_edit_distance
from cfgutils.data import numbered_edges_to_block_graph
g1: nx.DiGraph = numbered_edges_to_block_graph([(1, 2), (1, 3), (3, 6.2), (3, 5), (5, 6.2), (2, 6.1)])
g2: nx.DiGraph = numbered_edges_to_block_graph([(1, 2), (1, 3), (3, 4), (3, 5), (4, 6), (5, 6), (2, 6)])
mapping = {n: {n} for n in range(7)}
# see tests for an explanation
assert cfg_edit_distance(g1, g2, mapping, mapping) == 5
Features
- Region Identification
- Graph Edit Distance:
- Basque CFGED
- Abu-Aisheh GED
- Hu CFGED
- Dominator Trees
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file cfgutils-1.16.0.tar.gz.
File metadata
- Download URL: cfgutils-1.16.0.tar.gz
- Upload date:
- Size: 64.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
74cb03bd3b80dabaa8ad71414b04034c2f23f4bc5c9399e7d566c03e176bc2e5
|
|
| MD5 |
69ea36923a770d754cac3341766abf69
|
|
| BLAKE2b-256 |
a0e77e1d482e482eb0e2440ebac6a1193aa0e90abe9630055b8060e7247f1293
|
File details
Details for the file cfgutils-1.16.0-py3-none-any.whl.
File metadata
- Download URL: cfgutils-1.16.0-py3-none-any.whl
- Upload date:
- Size: 69.6 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.2.0 CPython/3.9.25
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
a13bc71cb5e98f57a638bb518f8c66854eb2f1584295b0e7edf1d0b5c30541f0
|
|
| MD5 |
6d34895455a20f8522dff971f783c705
|
|
| BLAKE2b-256 |
3b358c5549d98b0612f333c094f3ee1f59883a06eb6079375aaedcbd4ae8704c
|
