mcpp 1.2.0__tar.gz → 1.3.1__tar.gz

{mcpp-1.2.0/src/mcpp.egg-info → mcpp-1.3.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: mcpp
-Version: 1.2.0
+Version: 1.3.1
 Summary: McCabe++ (mcpp): cyclomatic complexity and other vulnerability-related code metrics
 Author-email: Lukas Pirch <lukas.pirch@tu-berlin.de>
 License: MIT License
@@ -26,18 +26,17 @@ License: MIT License
         SOFTWARE.
         
 Keywords: vulnerability,code metric,static analysis
-Classifier: License :: OSI Approved :: MIT License
 Classifier: Programming Language :: Python
 Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.9
+Requires-Python: <3.14,>=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: hydra-core>=1.3.2
-Requires-Dist: tree-sitter>=0.23.0
+Requires-Dist: tree-sitter>=0.24.0
 Requires-Dist: tree-sitter-c>=0.23.0
 Requires-Dist: tree-sitter-cpp>=0.23.0
-Requires-Dist: tqdm>=4.66.4
-Requires-Dist: loguru>=0.7.2
+Requires-Dist: tqdm>=4.66.0
+Requires-Dist: loguru>=0.7.0
 
 # McCabe++ (mcpp)
 
@@ -84,6 +83,23 @@ See also the corresponding [repo](https://github.com/wsbrg/crashminer).
 |                         | V10 | number of if structures without else                                      |
 |                         | V11 | number of variables involved in control predicates                        |
 
+## Additional Metrics
+
+| Dimension         | ID | Metric Description                                      |
+|-------------------|----|---------------------------------------------------------|
+| XD: Extra         | x1 | number of return statements                             |
+|                   | x2 | number of cast expressions                              |
+|                   | x3 | number of variable declarations                         |
+|                   | x4 | maximum number of operands in an expression             |
+| TD: AST Structure | t1 | number of AST nodes (descendants)                       |
+|                   | t2 | height of the AST                                       |
+|                   | t3 | average branching factor of the AST                     |
+| SD: Code Smells   | s1 | number of non-trivial numeric constants (magic numbers) |
+|                   | s2 | number of goto statements                               |
+|                   | s3 | number of function pointers                             |
+|                   | s4 | number of function calls without return value usage     |
+| MD: Memory Ops    | m1 | number of memory allocations (malloc, alloc, new, etc.) |
+|                   | m2 | number of pointer dereferences (`*`, `[]`, `->`)        |
 
 
 ## Setup

{mcpp-1.2.0 → mcpp-1.3.1}/README.md

@@ -43,6 +43,23 @@ See also the corresponding [repo](https://github.com/wsbrg/crashminer).
 |                         | V10 | number of if structures without else                                      |
 |                         | V11 | number of variables involved in control predicates                        |
 
+## Additional Metrics
+
+| Dimension         | ID | Metric Description                                      |
+|-------------------|----|---------------------------------------------------------|
+| XD: Extra         | x1 | number of return statements                             |
+|                   | x2 | number of cast expressions                              |
+|                   | x3 | number of variable declarations                         |
+|                   | x4 | maximum number of operands in an expression             |
+| TD: AST Structure | t1 | number of AST nodes (descendants)                       |
+|                   | t2 | height of the AST                                       |
+|                   | t3 | average branching factor of the AST                     |
+| SD: Code Smells   | s1 | number of non-trivial numeric constants (magic numbers) |
+|                   | s2 | number of goto statements                               |
+|                   | s3 | number of function pointers                             |
+|                   | s4 | number of function calls without return value usage     |
+| MD: Memory Ops    | m1 | number of memory allocations (malloc, alloc, new, etc.) |
+|                   | m2 | number of pointer dereferences (`*`, `[]`, `->`)        |
 
 
 ## Setup

{mcpp-1.2.0 → mcpp-1.3.1}/pyproject.toml

@@ -1,17 +1,16 @@
 [project]
 name = "mcpp"
-version = "1.2.0"
+version = "1.3.1"
 description = "McCabe++ (mcpp): cyclomatic complexity and other vulnerability-related code metrics"
 readme = "README.md"
 authors = [{name = "Lukas Pirch", email="lukas.pirch@tu-berlin.de"}]
 license = {file = "LICENSE"}
 classifiers = [
-    "License :: OSI Approved :: MIT License",
     "Programming Language :: Python",
     "Programming Language :: Python :: 3",
 ]
 keywords = ["vulnerability", "code metric", "static analysis"]
-requires-python = ">=3.9"
+requires-python = ">=3.9,<3.14"
 dynamic = ["dependencies"]
 
 [tool.setuptools.dynamic]

{mcpp-1.2.0 → mcpp-1.3.1}/requirements.txt

@@ -1,6 +1,6 @@
 hydra-core>=1.3.2
-tree-sitter>=0.23.0
+tree-sitter>=0.24.0
 tree-sitter-c>=0.23.0
 tree-sitter-cpp>=0.23.0
-tqdm>=4.66.4
-loguru>=0.7.2
+tqdm>=4.66.0
+loguru>=0.7.0

{mcpp-1.2.0 → mcpp-1.3.1}/src/mcpp/__main__.py

@@ -2,7 +2,7 @@ import json
 from pathlib import Path
 from typing import List
 from collections import defaultdict
-from importlib.resources import files
+from importlib.resources import files, as_file
 
 import hydra
 from tqdm import tqdm
@@ -10,9 +10,14 @@ from tqdm import tqdm
 from mcpp.config import Config
 from mcpp.parse import Sitter, get_call_names
 from mcpp.complexity import c1, c2, c3_c4
-from mcpp.vulnerability import v1, v2, v3_v4, v5, v6_v7, v8, v9, v10, v11
+from mcpp.vulnerability import v1, v2, v3_v4_v5, v6_v7, v8, v9, v10, v11
 
-with files("mcpp.assets") / "config.yaml" as p:
+from mcpp.additional import x1, x2, x3, x4
+from mcpp.tree import t1, t2, t3
+from mcpp.smell import s1, s2, s3, s4
+from mcpp.memory import m1, m2
+
+with as_file(files("mcpp.assets") / "config.yaml") as p:
     config_path = str(p.parent)
     config_name = str(p.name)
 
@@ -24,15 +29,28 @@ METRICS = {
     "C4": c3_c4,
     "V1": v1,
     "V2": v2,
-    "V3": v3_v4,
-    "V4": v3_v4,
-    "V5": v5,
+    "V3": v3_v4_v5,
+    "V4": v3_v4_v5,
+    "V5": v3_v4_v5,
     "V6": v6_v7,
     "V7": v6_v7,
     "V8": v8,
     "V9": v9,
     "V10": v10,
-    "V11": v11
+    "V11": v11,
+    "x1": x1,
+    "x2": x2,
+    "x3": x3,
+    "x4": x4,
+    "t1": t1,
+    "t2": t2,
+    "t3": t3,
+    "s1": s1,
+    "s2": s2,
+    "s3": s3,
+    "s4": s4,
+    "m1": m1,
+    "m2": m2,
 }
 
 

mcpp-1.3.1/src/mcpp/additional.py

@@ -0,0 +1,45 @@
+from mcpp.queries import Q_BINARY_EXPR, Q_IDENTIFIER, Q_NUMBER
+
+def x1(root, sitter, lang, calls=None):
+    QUERY = "(return_statement) @stmt"
+    sitter.add_queries({"Q_RETURN_STMT": QUERY})
+    return_statements = sitter.captures("Q_RETURN_STMT", root, lang).get("stmt", [])
+    return {
+        "x1": len(return_statements)
+    }
+
+def x2(root, sitter, lang, calls=None):
+    QUERY = "(cast_expression) @expr"
+    sitter.add_queries({"Q_CAST_EXPR": QUERY})
+    cast_exprs = sitter.captures("Q_CAST_EXPR", root, lang).get("expr", [])
+    return {
+        "x2": len(cast_exprs)
+    }
+
+def x3(root, sitter, lang, calls=None):
+    QUERY = "(declaration) @stmt"
+    sitter.add_queries({"Q_VAR_DECL": QUERY})
+    var_decls = sitter.captures("Q_VAR_DECL", root, lang).get("stmt", [])
+    return {
+        "x3": len(var_decls)
+    }
+
+def x4(root, sitter, lang, calls=None):
+    """ Max # of operands in expression
+    """
+    sitter.add_queries({
+        "Q_BINARY_EXPR": Q_BINARY_EXPR,
+        "Q_IDENTIFIER": Q_IDENTIFIER,
+        "Q_NUMBER": Q_NUMBER,
+    })
+
+    num_ops = [0]
+
+    for expr in sitter.captures("Q_BINARY_EXPR", root, lang).get("expr", []):
+        identifiers = sitter.captures("Q_IDENTIFIER", expr, lang).get("variable", [])
+        constants = sitter.captures("Q_NUMBER", expr, lang).get("constant", [])
+        num_ops.append(len(identifiers) + len(constants))
+
+    return {
+        "x4": max(num_ops),
+    }

{mcpp-1.2.0 → mcpp-1.3.1}/src/mcpp/complexity.py

@@ -1,6 +1,6 @@
 from mcpp.parse import Sitter
 from mcpp.queries import Q_FOR_STMT, Q_DO_STMT, Q_WHILE_STMT, \
-    Q_BINARY_EXPR, Q_CONDITION
+    Q_FOR_RANGE_STMT, Q_DO_STMT, Q_BINARY_EXPR, Q_CONDITION
 
 
 def c1(root, sitter, lang, calls=None):
@@ -12,15 +12,22 @@ def c1(root, sitter, lang, calls=None):
         "Q_CONDITION": Q_CONDITION,
         "Q_FOR_STMT": Q_FOR_STMT,
         "Q_DO_STMT": Q_DO_STMT,
-        "Q_WHILE_STMT": Q_WHILE_STMT
+        "Q_WHILE_STMT": Q_WHILE_STMT,
     })
     logical_ops = [
-        "&", "&&",
-        "|", "||"
+        "&&", "||", "and", "or",
+    ]
+    loop_stmts = [
+        "for_statement", "while_statement",
     ]
 
     complexity = c2(root, sitter, lang, calls)["C2"]
+
+    # if statements
     for condition in sitter.captures("Q_CONDITION", root, lang).get("condition", []):
+        if condition.parent.type in loop_stmts:
+            continue
+        complexity += 1
         for expr in sitter.captures("Q_BINARY_EXPR", condition, lang).get("expr", []):
             if len(expr.children) != 3:
                 continue
@@ -35,12 +42,15 @@ def c1(root, sitter, lang, calls=None):
 
 def c2(root, sitter, lang, calls=None):
     """number of for, while and do-while loops"""
-    sitter.add_queries({
+    loops = {
         "Q_FOR_STMT": Q_FOR_STMT,
-        "Q_WHILE_STMT": Q_WHILE_STMT
-    })
+        "Q_FOR_RANGE_STMT": Q_FOR_RANGE_STMT,
+        "Q_WHILE_STMT": Q_WHILE_STMT,
+        "Q_DO_STMT": Q_DO_STMT,
+    } 
+    sitter.add_queries(loops)
     complexity = 0
-    for query in ("Q_FOR_STMT", "Q_WHILE_STMT"):
+    for query in loops.keys():
         complexity += len(sitter.captures(query, root, lang).get("stmt", []))
     return {
         "C2": complexity
@@ -55,14 +65,16 @@ def c3_c4(root, sitter, lang, calls=None):
     - count all loops that have some loop ancestor
     - count ancestors that are also loops
     """
-    sitter.add_queries({
+    loops = {
         "Q_FOR_STMT": Q_FOR_STMT,
+        "Q_FOR_RANGE_STMT": Q_FOR_RANGE_STMT,
         "Q_DO_STMT": Q_DO_STMT,
         "Q_WHILE_STMT": Q_WHILE_STMT
-    })
+    }
+    sitter.add_queries(loops)
     c3_val = 0
     c4_val = 0
-    for query in ("Q_FOR_STMT", "Q_DO_STMT", "Q_WHILE_STMT"):
+    for query in loops.keys():
         for loop_node in sitter.captures(query, root, lang).get("stmt", []):
             nesting_level = _loop_nesting_level(loop_node)
             if nesting_level > 0:
@@ -78,7 +90,8 @@ def _loop_nesting_level(node):
     loop_types = [
         "do_statement",
         "while_statement",
-        "for_statement"
+        "for_statement",
+        "for_range_loop",
     ]
     parent = node.parent
     num_loop_ancestors = 0
@@ -86,4 +99,4 @@ def _loop_nesting_level(node):
         if parent.type in loop_types:
             num_loop_ancestors += 1
         parent = parent.parent
-    return num_loop_ancestors
+    return num_loop_ancestors

mcpp-1.3.1/src/mcpp/memory.py

@@ -0,0 +1,52 @@
+from mcpp.queries import Q_CALL_NAME, Q_NEW_EXPRESSION, Q_SUBSCRIPT_EXPR, Q_FIELD_EXPR
+
+def m1(root, sitter, lang, calls=None):
+    """ # memory allocations
+
+    Capture libc memory allocations as well as potential wrappers or individual alloctors.
+    """
+    sitter.add_queries({
+        "Q_CALL_NAME": Q_CALL_NAME,
+        "Q_NEW_EXPRESSION": Q_NEW_EXPRESSION,
+    })
+
+    num_allocations = 0
+
+    # Number of calls to allocation functions
+    for name in sitter.captures("Q_CALL_NAME", root, lang).get("name", []):
+        if "alloc" in name.text.decode("utf-8").lower():
+            num_allocations += 1
+
+    # Number of new object instantiations
+    num_new_expressions = len(sitter.captures("Q_NEW_EXPRESSION", root, lang).get("expr", []))
+    
+    return {
+        "m1": num_allocations + num_new_expressions,
+    }
+
+def m2(root, sitter, lang, calls=None):
+    """ # ptr dereferences
+    """
+    sitter.add_queries({
+        "Q_CALL_NAME": Q_CALL_NAME,
+        "Q_NEW_EXPRESSION": Q_NEW_EXPRESSION,
+        "Q_SUBSCRIPT_EXPR": Q_SUBSCRIPT_EXPR,
+        "Q_FIELD_EXPR": Q_FIELD_EXPR,
+    })
+
+    num_ptr_expressions = 0
+
+    # Number of pointer dereferences using the asterisk syntax (*)
+    for ptr in sitter.captures("Q_POINTER_EXPR", root, lang).get("pointer", []):
+        if ptr.text.decode("utf-8").startswith("*"):
+            num_ptr_expressions += 1
+
+    # Number of pointer dereferences using the subscript syntax ([])
+    num_subscript_expressions = len(sitter.captures("Q_SUBSCRIPT_EXPR", root, lang).get("expr", []))
+
+    # Number of pointer dereferences using the field expression syntax (ptr->field)
+    num_field_expressions = len(sitter.captures("Q_FIELD_EXPR", root, lang).get("expr", []))
+    
+    return {
+        "m2": num_ptr_expressions + num_subscript_expressions + num_field_expressions,
+    }

{mcpp-1.2.0 → mcpp-1.3.1}/src/mcpp/queries.py

@@ -6,6 +6,10 @@ Q_FOR_STMT = """
 (for_statement) @stmt
 """
 
+Q_FOR_RANGE_STMT = """
+(for_range_loop) @stmt
+"""
+
 Q_DO_STMT = """
 (do_statement) @stmt
 """
@@ -15,14 +19,13 @@ Q_WHILE_STMT = """
 """
 
 Q_IF_STMT = """
-(if_statement) @if_stmt
+(if_statement) @stmt
 """
 
 Q_SWITCH_STMT = """
 (switch_statement) @stmt
 """
 
-
 Q_CONDITION = """
 (_
     condition: ((_) @condition)
@@ -33,6 +36,18 @@ Q_BINARY_EXPR = """
 (binary_expression) @expr
 """
 
+Q_UPDATE_EXPR = """
+(update_expression) @expr
+"""
+
+Q_SUBSCRIPT_EXPR = """
+(subscript_expression) @expr
+"""
+
+Q_FIELD_EXPR = """
+(field_expression) @expr
+"""
+
 Q_CALL_NAME = """
 (call_expression
     function: ((identifier) @name)
@@ -49,7 +64,19 @@ Q_IDENTIFIER = """
 (identifier) @variable
 """
 
-Q_FUNCTION_PARAMETER = """
+Q_NUMBER = """
+(number_literal) @constant
+"""
+
+#Q_FUNCTION_PARAMETER = """
+#(parameter_declaration) @param
+#"""
+
+Q_FUNCTION = """
+(function_definition) @function
+"""
+
+Q_PARAMETER = """
 (parameter_declaration) @param
 """
 
@@ -57,6 +84,11 @@ Q_POINTER_EXPR = """
 (pointer_expression) @pointer
 """
 
+Q_POINTER_IDENTIFIER = """
+(pointer_declarator
+    (identifier) @identifier)
+"""
+
 Q_ASSIGNMENT_EXPR = """
 (assignment_expression) @expr
 """
@@ -67,4 +99,8 @@ Q_IF_WITHOUT_ELSE = """
     consequence: ((_) @then)
     !alternative
 ) @stmt
-"""
+"""
+
+Q_NEW_EXPRESSION = """
+(new_expression) @expr
+"""

mcpp-1.3.1/src/mcpp/smell.py

@@ -0,0 +1,46 @@
+def s1(root, sitter, lang, calls=None):
+    QUERY = "(number_literal) @num"
+    sitter.add_queries({"Q_NUMBER_LITERAL": QUERY})
+    number_literals = sitter.captures("Q_NUMBER_LITERAL", root, lang).get("num", [])
+    number_literals = [node.text.decode("utf8") for node in number_literals]
+    def parse_int(s):
+        try:
+            return int(s, 0)
+        except:
+            return None
+    number_literals = [parse_int(s) for s in number_literals]
+    # only non-trivial constants
+    number_literals = [x for x in number_literals if x is not None and x not in [-1, 0, 1]]
+    return {
+        "s1": len(number_literals)
+    }
+
+
+def s2(root, sitter, lang, calls=None):
+    QUERY = "(goto_statement) @stmt"
+    sitter.add_queries({"Q_GOTO_STMT": QUERY})
+    goto_statements = sitter.captures("Q_GOTO_STMT", root, lang).get("stmt", [])
+    return {
+        "s2": len(goto_statements)
+    }
+
+
+def s3(root, sitter, lang, calls=None):
+    QUERY = "(declaration (init_declarator (function_declarator) @decl))"
+    sitter.add_queries({"Q_FUNCTION_POINTERS": QUERY})
+    QUERY = "(parameter_declaration (function_declarator) @decl)"
+    sitter.add_queries({"Q_FUNCTION_POINTER_PARAMS": QUERY})
+    function_pointers = sitter.captures("Q_FUNCTION_POINTERS", root, lang).get("decl", [])
+    function_pointers += sitter.captures("Q_FUNCTION_POINTER_PARAMS", root, lang).get("decl", [])
+    return {
+        "s3": len(function_pointers)
+    }
+
+
+def s4(root, sitter, lang, calls=None):
+    QUERY = "(expression_statement (call_expression) @expr)"
+    sitter.add_queries({"Q_CALLS_WO_RETURN": QUERY})
+    functions_wo_return = sitter.captures("Q_CALLS_WO_RETURN", root, lang).get("expr", [])
+    return {
+        "s4": len(functions_wo_return)
+    }

mcpp-1.3.1/src/mcpp/tree.py

@@ -0,0 +1,28 @@
+def t1(root, sitter, lang, calls=None):
+    def num_descendants(node):
+        return 1 + sum(map(num_descendants, node.children))
+    
+    return {
+        "t1": num_descendants(root)
+    }
+
+
+def t2(root, sitter, lang, calls=None):
+    def height(node):
+        if len(node.children) == 0:
+            return 1
+        return 1 + max(map(height, node.children))
+    return {
+        "t2": height(root)
+    }
+
+
+def t3(root, sitter, lang, calls=None):
+    def get_child_nums(node):
+        if len(node.children) == 0:
+            return []
+        return [len(node.children)] + sum(map(get_child_nums, node.children), start=[])
+    child_nums = get_child_nums(root)
+    return {
+        "t3": sum(child_nums) / len(child_nums)
+    }

mcpp-1.3.1/src/mcpp/vulnerability.py

@@ -0,0 +1,361 @@
+from collections import Counter
+import threading
+import itertools as it
+from collections import defaultdict
+
+from mcpp.parse import Sitter, get_identifiers
+from mcpp.queries import Q_ARGLIST, Q_IDENTIFIER, Q_FUNCTION, Q_PARAMETER, \
+    Q_POINTER_EXPR, Q_ASSIGNMENT_EXPR, Q_BINARY_EXPR, Q_UPDATE_EXPR, Q_SUBSCRIPT_EXPR, \
+    Q_FIELD_EXPR, Q_CALL_NAME, Q_IF_STMT, Q_SWITCH_STMT, Q_DO_STMT, Q_WHILE_STMT, \
+    Q_FOR_STMT, Q_FOR_RANGE_STMT, Q_CONDITION, Q_IF_WITHOUT_ELSE, Q_POINTER_IDENTIFIER
+
+
+def v1(root, sitter, lang, calls=None):
+    """
+    V1: number of parameter variables
+    """
+    sitter.add_queries({
+        "Q_FUNCTION": Q_FUNCTION,
+        "Q_PARAMETER": Q_PARAMETER,
+    })
+    functions = sitter.captures("Q_FUNCTION", root, lang).get("function", [])
+    if len(functions) == 0:
+        return {"V1": 0}
+    function = functions[0]
+    params = sitter.captures("Q_PARAMETER", function, lang).get("param", [])
+    return {
+        "V1": len(params)
+    }
+
+
+def v2(root, sitter, lang, calls=None):
+    """
+    V2: number of variables as parameters for callee functions
+    """
+    sitter.add_queries({
+        "Q_ARGLIST": Q_ARGLIST
+    })
+
+    vars_in_calls = []
+    for arg_list in sitter.captures("Q_ARGLIST", root, lang).get("args", []):
+        variables = get_identifiers(sitter, arg_list, lang, filter=calls)
+        vars_in_calls.extend(variables)
+
+    return {
+        "V2": len(set(vars_in_calls))
+    }
+
+
+def v3_v4_v5(root, sitter, lang, calls=None):
+    """
+    V3: number of pointer arithmetic
+    V4: number of variables involved in pointer arithmetics
+    V5: max pointer arithmetic a variable is involved in
+    """
+    sitter.add_queries({
+        "Q_BINARY_EXPR": Q_BINARY_EXPR,
+        "Q_UPDATE_EXPR": Q_UPDATE_EXPR,
+        "Q_SUBSCRIPT_EXPR": Q_SUBSCRIPT_EXPR,
+        "Q_ASSIGNMENT_EXPR": Q_ASSIGNMENT_EXPR,
+        "Q_POINTER_EXPR": Q_POINTER_EXPR,
+        "Q_FIELD_EXPR": Q_FIELD_EXPR,
+        "Q_IDENTIFIER": Q_IDENTIFIER,
+        "Q_POINTER_IDENTIFIER": Q_POINTER_IDENTIFIER,
+    })
+    assignment_operators = [
+        "+=", "-=", "*=", "/=", "|=", "&=", "^=", "<<=", ">>=", "%="
+    ]
+    pointer_operators = ["*"]
+
+    # Get a list of all pointer identifiers
+    ptr_identifiers = sitter.captures("Q_POINTER_IDENTIFIER", root, lang).get("identifier", [])
+    ptr_identifier_names = set(ptr_identifier.text.decode() for ptr_identifier in ptr_identifiers)
+
+    # Get a list of all identifiers involved in update expressions
+    update_exprs = sitter.captures("Q_UPDATE_EXPR", root, lang).get("expr", [])
+    binary_exprs = sitter.captures("Q_BINARY_EXPR", root, lang).get("expr", [])
+
+    # Calculate the number of pointer aithmetic
+    v3_pointer_arith = 0
+    v4_pointer_airth_identifiers = []
+    pointer_arith_per_identifier = defaultdict(lambda: 0)
+    
+    # No. of update and binary expressions with pointers involved
+    for expr in it.chain(update_exprs, binary_exprs):
+        identifiers = sitter.captures("Q_IDENTIFIER", expr, lang).get("variable", [])
+        identifier_names = set(identifier.text.decode() for identifier in identifiers)
+        if len(identifier_names & ptr_identifier_names) > 0:
+            v3_pointer_arith += 1
+            v4_pointer_airth_identifiers += identifiers
+            for identifier_name in identifier_names:
+                pointer_arith_per_identifier[identifier_name] += 1
+
+
+    # No. of subscription expressions
+    subscript_exprs = sitter.captures("Q_SUBSCRIPT_EXPR", root, lang).get("expr", [])
+    v3_pointer_arith += len(subscript_exprs)
+    for expr in subscript_exprs:
+        identifiers = sitter.captures("Q_IDENTIFIER", expr, lang).get("variable", [])
+        identifier_names = set(identifier.text.decode() for identifier in identifiers)
+        for identifier_name in identifier_names:
+            pointer_arith_per_identifier[identifier_name] += 1
+        v4_pointer_airth_identifiers += identifiers
+
+    # No. of assignment expression where the left hand side is a pointer
+    assignment_exprs = sitter.captures("Q_ASSIGNMENT_EXPR", root, lang).get("expr", [])
+    for expr in assignment_exprs:
+        if expr.child_by_field_name("operator").text.decode() not in assignment_operators:
+            continue
+        identifiers = sitter.captures("Q_IDENTIFIER", expr.child_by_field_name("left"), lang).get("variable", [])
+        identifier_names = set(identifier.text.decode() for identifier in identifiers)
+        if len(identifier_names & ptr_identifier_names) > 0:
+            v3_pointer_arith += 1
+            right_hand_side_identifiers = sitter.captures("Q_IDENTIFIER", expr.child_by_field_name("right"), lang).get("variable", [])
+            right_hand_side_identifier_names = set(node.text.decode() for node in right_hand_side_identifiers)
+            v4_pointer_airth_identifiers += identifiers
+            v4_pointer_airth_identifiers += right_hand_side_identifiers
+            for identifier_name in identifier_names.union(right_hand_side_identifier_names):
+                pointer_arith_per_identifier[identifier_name] += 1
+
+    # No. of pointer dereferences with the *ptr syntax
+    pointer_exprs = sitter.captures("Q_POINTER_EXPR", root, lang).get("pointer", [])
+    for expr in pointer_exprs:
+        if expr.child_by_field_name("operator").text.decode() not in pointer_operators:
+            continue
+        identifiers = sitter.captures("Q_IDENTIFIER", expr, lang).get("variable", [])
+        identifier_names = set(identifier.text.decode() for identifier in identifiers)
+        v3_pointer_arith += 1
+        v4_pointer_airth_identifiers += identifiers
+        for identifier_name in identifier_names:
+            pointer_arith_per_identifier[identifier_name] += 1
+
+    # No. of field expressions (ptr->field)
+    field_exprs = sitter.captures("Q_FIELD_EXPR", root, lang).get("expr", [])
+    v3_pointer_arith += len(field_exprs)
+    for expr in field_exprs:
+        identifiers = sitter.captures("Q_IDENTIFIER", expr, lang).get("variable", [])
+        identifier_names = set(identifier.text.decode() for identifier in identifiers)
+        for identifier_name in identifier_names:
+            pointer_arith_per_identifier[identifier_name] += 1
+
+    # Calculate V5
+    max_pointer_arith_identifier = max(pointer_arith_per_identifier, key=pointer_arith_per_identifier.get, default=None)
+    if max_pointer_arith_identifier != None:
+        v5_max_pointer_arith_var = pointer_arith_per_identifier[max_pointer_arith_identifier]
+    else:
+        v5_max_pointer_arith_var = 0
+
+    return {
+        "V3": v3_pointer_arith,
+        "V4": len(set(v4_pointer_airth_identifiers)),
+        "V5": v5_max_pointer_arith_var,
+    }
+
+
+def v5(root, sitter, lang, calls=None):
+    """
+    V5: maximum number of pointer arithmetic operations a variable is involved in
+    """
+    sitter.add_queries({
+        "Q_BINARY_EXPR": Q_BINARY_EXPR,
+        "Q_ASSIGNMENT_EXPR": Q_ASSIGNMENT_EXPR,
+        "Q_CALL_NAME": Q_CALL_NAME
+    })
+    arith_ops = [
+        "+", "++", "+=",
+        "-", "--", "-=",
+        "*", "*=",
+        "/", "/="
+    ]
+
+    var_count = Counter()
+    candidates = sitter.captures("Q_BINARY_EXPR", root, lang).get("expr", []) + sitter.captures("Q_ASSIGNMENT_EXPR", root, lang).get("expr", [])
+    for node in candidates:
+        if len(node.children) != 3:
+            continue
+        op_text = node.children[1].text.decode()
+        if any(arith in op_text for arith in arith_ops):
+            variables = get_identifiers(sitter, node, lang, filter=calls)
+            var_count.update(variables)
+    if len(var_count) > 0:
+        max_count = var_count.most_common(1)[0][1]
+    else:
+        max_count = 0
+    return {
+        "V5": max_count
+    }
+
+
+def v6_v7(root, sitter, lang, calls=None):
+    """
+    V6: number of nested control structures
+    V7: maximum level of control nesting
+    """
+    queries = {
+        "Q_IF_STMT": Q_IF_STMT,
+        "Q_SWITCH_STMT": Q_SWITCH_STMT,
+        "Q_DO_STMT": Q_DO_STMT,
+        "Q_WHILE_STMT": Q_WHILE_STMT,
+        "Q_FOR_STMT": Q_FOR_STMT,
+        "Q_FOR_RANGE_STMT": Q_FOR_RANGE_STMT,
+    }
+    sitter.add_queries(queries)
+
+    nested_controls = []
+    max_nesting_level = 0
+    for q in queries.keys():
+        for node in sitter.captures(q, root, lang).get("stmt", []):
+            nesting_level = _control_nesting_level(node)
+            if nesting_level > 0:
+                nested_controls.append(node)
+            max_nesting_level = max(max_nesting_level, nesting_level)
+
+    return {
+        "V6": len(nested_controls),
+        "V7": max_nesting_level
+    }
+
+
+def _control_nesting_level(node):
+    control_types = [
+        "if_statement",
+        "switch_statement",
+        "do_statement",
+        "while_statement",
+        "for_statement",
+        "for_range_loop",
+    ]
+    parent = node.parent
+    num_control_ancestors = 0
+    while parent is not None:
+        if parent.type in control_types:
+            num_control_ancestors += 1
+        parent = parent.parent
+    return num_control_ancestors
+
+
+def v8(root, sitter, lang, calls=None):
+    """
+    V8: maximum number of control-dependent control structures
+    """
+    queries = {
+        "Q_IF_STMT": Q_IF_STMT,
+        "Q_SWITCH_STMT": Q_SWITCH_STMT,
+        "Q_DO_STMT": Q_DO_STMT,
+        "Q_WHILE_STMT": Q_WHILE_STMT,
+        "Q_FOR_STMT": Q_FOR_STMT,
+        "Q_FOR_RANGE_STMT": Q_FOR_RANGE_STMT,
+        #"Q_CONDITION": Q_CONDITION,
+    }
+    sitter.add_queries(queries)
+
+    # count dependent controls under another control: key = start_byte of parent in function
+    control_dependent_controls = Counter()
+    threads = []
+    thread_lock = threading.Lock()
+    for q in queries.keys():
+        t = threading.Thread(target=_v8_single_query,
+                             args=(root, sitter, lang, calls, q,
+                                   control_dependent_controls, thread_lock))
+        t.start()
+        threads.append(t)
+    for t in threads:
+        t.join()
+
+    v8_val = max([0] + list(control_dependent_controls.values()))
+
+    return {
+        "V8": 0 if v8_val == 0 else v8_val + 1,
+    }
+
+
+def _v8_single_query(root, sitter, lang, calls, query, control_dependent_controls, thread_lock):
+    tag = "condition" if "Q_CONDITION" in query else "stmt"
+    for node in sitter.captures(query, root, lang).get(tag, []):
+        parents = _traverse_parent_controls(node)
+        if len(parents) > 0:
+            with thread_lock:
+                control_dependent_controls[parents[-1].start_byte] += 1
+
+
+def _traverse_parent_controls(node):
+    """ Climb up the AST and emit all control nodes. """
+    control_types = [
+        "if_statement",
+        "switch_statement",
+        "do_statement",
+        "while_statement",
+        "for_statement",
+        "for_range_loop",
+    ]
+    parent_controls = []
+    parent = node.parent
+    while parent is not None:
+        if parent.type in control_types:
+            parent_controls.append(parent)
+        parent = parent.parent
+    return parent_controls
+
+
+def v9(root, sitter, lang, calls=None):
+    """
+    V9: maximum number of data-dependent control structures
+    """
+    sitter.add_queries({
+        "Q_IDENTIFIER": Q_IDENTIFIER,
+        "Q_CONDITION": Q_CONDITION,
+    })
+
+    # Count the number of depend control structures for each identifier
+    dependend_ctrl_structures_count = defaultdict(lambda: 0)
+
+    conditions = sitter.captures("Q_CONDITION", root, lang).get("condition", [])
+    for condition in conditions:
+        identifiers = sitter.captures("Q_IDENTIFIER", condition, lang).get("variable", [])
+        identifier_names = set(identifier.text.decode() for identifier in identifiers)
+        
+        for identifier_name in identifier_names:
+            dependend_ctrl_structures_count[identifier_name] += 1
+
+    if len(dependend_ctrl_structures_count) > 0:
+        max_key = max(dependend_ctrl_structures_count, key=dependend_ctrl_structures_count.get)
+        max_val = dependend_ctrl_structures_count[max_key]
+    else:
+        max_val = 0
+
+    return {
+        "V9": max_val,
+    }
+
+
+def v10(root, sitter, lang, calls=None):
+    """
+    V10: number of if statements without else
+    """
+    sitter.add_queries({
+        "Q_IF_WITHOUT_ELSE": Q_IF_WITHOUT_ELSE
+    })
+
+    if_without_else = sitter.captures("Q_IF_WITHOUT_ELSE", root, lang).get("stmt", [])
+    return {
+        "V10": len(if_without_else)
+    }
+
+
+def v11(root, sitter, lang, calls=None):
+    """
+    V11: number of variables in control structures (in each predicate)
+    """
+    sitter.add_queries({
+        "Q_CONDITION": Q_CONDITION
+    })
+
+    num_controlled_vars = 0
+    conditions = sitter.captures("Q_CONDITION", root, lang).get("condition", [])
+    identifiers = set()
+    for condition in conditions:
+        identifiers |= set(get_identifiers(sitter, condition, lang, filter=calls))
+
+    return {
+        "V11": len(identifiers),
+    }

{mcpp-1.2.0 → mcpp-1.3.1/src/mcpp.egg-info}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: mcpp
-Version: 1.2.0
+Version: 1.3.1
 Summary: McCabe++ (mcpp): cyclomatic complexity and other vulnerability-related code metrics
 Author-email: Lukas Pirch <lukas.pirch@tu-berlin.de>
 License: MIT License
@@ -26,18 +26,17 @@ License: MIT License
         SOFTWARE.
         
 Keywords: vulnerability,code metric,static analysis
-Classifier: License :: OSI Approved :: MIT License
 Classifier: Programming Language :: Python
 Classifier: Programming Language :: Python :: 3
-Requires-Python: >=3.9
+Requires-Python: <3.14,>=3.9
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: hydra-core>=1.3.2
-Requires-Dist: tree-sitter>=0.23.0
+Requires-Dist: tree-sitter>=0.24.0
 Requires-Dist: tree-sitter-c>=0.23.0
 Requires-Dist: tree-sitter-cpp>=0.23.0
-Requires-Dist: tqdm>=4.66.4
-Requires-Dist: loguru>=0.7.2
+Requires-Dist: tqdm>=4.66.0
+Requires-Dist: loguru>=0.7.0
 
 # McCabe++ (mcpp)
 
@@ -84,6 +83,23 @@ See also the corresponding [repo](https://github.com/wsbrg/crashminer).
 |                         | V10 | number of if structures without else                                      |
 |                         | V11 | number of variables involved in control predicates                        |
 
+## Additional Metrics
+
+| Dimension         | ID | Metric Description                                      |
+|-------------------|----|---------------------------------------------------------|
+| XD: Extra         | x1 | number of return statements                             |
+|                   | x2 | number of cast expressions                              |
+|                   | x3 | number of variable declarations                         |
+|                   | x4 | maximum number of operands in an expression             |
+| TD: AST Structure | t1 | number of AST nodes (descendants)                       |
+|                   | t2 | height of the AST                                       |
+|                   | t3 | average branching factor of the AST                     |
+| SD: Code Smells   | s1 | number of non-trivial numeric constants (magic numbers) |
+|                   | s2 | number of goto statements                               |
+|                   | s3 | number of function pointers                             |
+|                   | s4 | number of function calls without return value usage     |
+| MD: Memory Ops    | m1 | number of memory allocations (malloc, alloc, new, etc.) |
+|                   | m2 | number of pointer dereferences (`*`, `[]`, `->`)        |
 
 
 ## Setup

{mcpp-1.2.0 → mcpp-1.3.1}/src/mcpp.egg-info/SOURCES.txt

@@ -4,10 +4,14 @@ pyproject.toml
 requirements.txt
 src/mcpp/__init__.py
 src/mcpp/__main__.py
+src/mcpp/additional.py
 src/mcpp/complexity.py
 src/mcpp/config.py
+src/mcpp/memory.py
 src/mcpp/parse.py
 src/mcpp/queries.py
+src/mcpp/smell.py
+src/mcpp/tree.py
 src/mcpp/vulnerability.py
 src/mcpp.egg-info/PKG-INFO
 src/mcpp.egg-info/SOURCES.txt

{mcpp-1.2.0 → mcpp-1.3.1}/src/mcpp.egg-info/requires.txt

@@ -1,6 +1,6 @@
 hydra-core>=1.3.2
-tree-sitter>=0.23.0
+tree-sitter>=0.24.0
 tree-sitter-c>=0.23.0
 tree-sitter-cpp>=0.23.0
-tqdm>=4.66.4
-loguru>=0.7.2
+tqdm>=4.66.0
+loguru>=0.7.0

mcpp-1.2.0/src/mcpp/vulnerability.py

@@ -1,270 +0,0 @@
-from collections import Counter
-import threading
-
-from mcpp.parse import Sitter, get_identifiers
-from mcpp.queries import Q_ARGLIST, Q_IDENTIFIER, Q_FUNCTION_PARAMETER, \
-    Q_POINTER_EXPR, Q_ASSIGNMENT_EXPR, Q_BINARY_EXPR, Q_CALL_NAME, \
-    Q_IF_STMT, Q_SWITCH_STMT, Q_DO_STMT, Q_WHILE_STMT, Q_FOR_STMT, Q_CONDITION, \
-    Q_IF_WITHOUT_ELSE
-
-
-def v1(root, sitter, lang, calls=None):
-    """
-    V1: number of variables as parameters for callee functions
-    """
-    sitter.add_queries({
-        "Q_ARGLIST": Q_ARGLIST
-    })
-
-    vars_in_calls = []
-    for arg_list in sitter.captures("Q_ARGLIST", root, lang).get("args", []):
-        variables = get_identifiers(sitter, arg_list, lang, filter=calls)
-        vars_in_calls.extend(variables)
-
-    return {
-        "V1": len(vars_in_calls)
-    }
-
-
-def v2(root, sitter, lang, calls=None):
-    """
-    V2: number of variables as parameters for callee functions
-    """
-    sitter.add_queries({
-        "Q_FUNCTION_PARAMETER": Q_FUNCTION_PARAMETER
-    })
-    params = sitter.captures("Q_FUNCTION_PARAMETER", root, lang).get("param", [])
-    return {
-        "V2": len(params)
-    }
-
-
-def v3_v4(root, sitter, lang, calls=None):
-    """
-    V3: number of pointer arithmetic operations
-    V4: number of variables involved in pointer arithmetics
-    """
-    sitter.add_queries({
-        "Q_POINTER_EXPR": Q_POINTER_EXPR
-    })
-    arith_ops = [
-        "+", "++", "+=",
-        "-", "--", "-=",
-        "*=",  # * excluded (same as pointer reference)
-        "/", "/=",
-        "^", "^=",
-        "&=",  # & excluded (same as pointer dereference)
-        "|", "|="
-    ]
-
-    pointer_arith = []
-    pointer_arith_vars = []
-    for pointer in sitter.captures("Q_POINTER_EXPR", root, lang).get("pointer", []):
-        if any(arith in pointer.parent.text.decode() for arith in arith_ops):
-            pointer_arith.append(pointer)
-            variables = get_identifiers(sitter, pointer.parent, lang, filter=calls)
-            pointer_arith_vars.extend(variables)
-
-    return {
-        "V3": len(pointer_arith),
-        "V4": len(pointer_arith_vars)
-    }
-
-
-def v5(root, sitter, lang, calls=None):
-    """
-    V5: maximum number of pointer arithmetic operations a variable is involved in
-    """
-    sitter.add_queries({
-        "Q_BINARY_EXPR": Q_BINARY_EXPR,
-        "Q_ASSIGNMENT_EXPR": Q_ASSIGNMENT_EXPR,
-        "Q_CALL_NAME": Q_CALL_NAME
-    })
-    arith_ops = [
-        "+", "++", "+=",
-        "-", "--", "-=",
-        "*", "*=",
-        "/", "/="
-    ]
-
-    var_count = Counter()
-    candidates = sitter.captures("Q_BINARY_EXPR", root, lang).get("expr", []) + sitter.captures("Q_ASSIGNMENT_EXPR", root, lang).get("expr", [])
-    for node in candidates:
-        if len(node.children) != 3:
-            continue
-        op_text = node.children[1].text.decode()
-        if any(arith in op_text for arith in arith_ops):
-            variables = get_identifiers(sitter, node, lang, filter=calls)
-            var_count.update(variables)
-    if len(var_count) > 0:
-        max_count = var_count.most_common(1)[0][1]
-    else:
-        max_count = 0
-    return {
-        "V5": max_count
-    }
-
-
-def v6_v7(root, sitter, lang, calls=None):
-    """
-    V6: number of nested control structures
-    V7: maximum level of control nesting
-    """
-    queries = {
-        "Q_IF_STMT": Q_IF_STMT,
-        "Q_SWITCH_STMT": Q_SWITCH_STMT,
-        "Q_DO_STMT": Q_DO_STMT,
-        "Q_WHILE_STMT": Q_WHILE_STMT,
-        "Q_FOR_STMT": Q_FOR_STMT
-    }
-    sitter.add_queries(queries)
-
-    nested_controls = []
-    max_nesting_level = 0
-    for q in queries.keys():
-        for node in sitter.captures(q, root, lang).get("stmt", []):
-            nesting_level = _control_nesting_level(node)
-            if nesting_level > 0:
-                nested_controls.append(node)
-            max_nesting_level = max(max_nesting_level, nesting_level)
-
-    return {
-        "V6": len(nested_controls),
-        "V7": max_nesting_level
-    }
-
-
-def _control_nesting_level(node):
-    control_types = [
-        "if_statement",
-        "switch_statement",
-        "do_statement",
-        "while_statement",
-        "for_statement"
-    ]
-    parent = node.parent
-    num_control_ancestors = 0
-    while parent is not None:
-        if parent.type in control_types:
-            num_control_ancestors += 1
-        parent = parent.parent
-    return num_control_ancestors
-
-
-def v8(root, sitter, lang, calls=None):
-    """
-    V8: maximum number of control-dependent control structures
-    """
-    queries = {
-        "Q_IF_STMT": Q_IF_STMT,
-        "Q_SWITCH_STMT": Q_SWITCH_STMT,
-        "Q_DO_STMT": Q_DO_STMT,
-        "Q_WHILE_STMT": Q_WHILE_STMT,
-        "Q_FOR_STMT": Q_FOR_STMT,
-        "Q_CONDITION": Q_CONDITION
-    }
-    sitter.add_queries(queries)
-
-    # count dependent controls under another control: key = start_byte of parent in function
-    control_dependent_controls = Counter()
-    threads = []
-    thread_lock = threading.Lock()
-    for q in queries.keys():
-        t = threading.Thread(target=_v8_single_query,
-                             args=(root, sitter, lang, calls, q,
-                                   control_dependent_controls, thread_lock))
-        t.start()
-        threads.append(t)
-    for t in threads:
-        t.join()
-
-    return {
-        "V8": max([0] + list(control_dependent_controls.values()))
-    }
-
-
-def _v8_single_query(root, sitter, lang, calls, query, control_dependent_controls, thread_lock):
-    tag = "condition" if "Q_CONDITION" in query else "stmt"
-    for node in sitter.captures(query, root, lang).get(tag, []):
-        parents = _traverse_parent_controls(node)
-        if len(parents) > 0:
-            with thread_lock:
-                control_dependent_controls[parents[-1].start_byte] += 1
-
-
-def _traverse_parent_controls(node):
-    """ Climb up the AST and emit all control nodes. """
-    control_types = [
-        "if_statement",
-        "switch_statement",
-        "do_statement",
-        "while_statement",
-        "for_statement"
-    ]
-    parent_controls = []
-    parent = node.parent
-    while parent is not None:
-        if parent.type in control_types:
-            parent_controls.append(parent)
-        parent = parent.parent
-    return parent_controls
-
-
-def v9(root, sitter, lang, calls=None):
-    """
-    V9: maximum number of data-dependent control structures
-    """
-    sitter.add_queries({
-        "Q_CONDITION": Q_CONDITION,
-        "Q_BINARY_EXPR": Q_BINARY_EXPR
-    })
-    logical_ops = [
-        "&", "&&",
-        "|", "||"
-    ]
-
-    conditions = sitter.captures("Q_CONDITION", root, lang).get("condition", [])
-    var_count = Counter()
-    for condition in conditions:
-        bin_expr = sitter.captures("Q_BINARY_EXPR", condition, lang).get("expr", [])
-        for expr in bin_expr:
-            if len(expr.children) != 3:
-                continue
-            left, op, right = expr.children
-            if op.text.decode() in logical_ops:
-                var_count.update(get_identifiers(sitter, expr, lang, filter=calls))
-
-    return {
-        "V9": max([0] + list(var_count.values()))
-    }
-
-
-def v10(root, sitter, lang, calls=None):
-    """
-    V10: number of if statements without else
-    """
-    sitter.add_queries({
-        "Q_IF_WITHOUT_ELSE": Q_IF_WITHOUT_ELSE
-    })
-
-    if_without_else = sitter.captures("Q_IF_WITHOUT_ELSE", root, lang).get("stmt", [])
-    return {
-        "V10": len(if_without_else)
-    }
-
-
-def v11(root, sitter, lang, calls=None):
-    """
-    V11: number of variables in control structures (in each predicate)
-    """
-    sitter.add_queries({
-        "Q_CONDITION": Q_CONDITION
-    })
-
-    num_controlled_vars = 0
-    conditions = sitter.captures("Q_CONDITION", root, lang).get("condition", [])
-    for condition in conditions:
-        num_controlled_vars += len(get_identifiers(sitter, condition, lang, filter=calls))
-    return {
-        "V11": num_controlled_vars
-    }