55 releases

Uses new Rust 2021

0.5.27 Jun 21, 2022
0.5.23 May 25, 2022
0.5.18 Mar 25, 2022
0.4.0 Nov 28, 2021

#3 in #static-analysis

Download history 30/week @ 2022-03-08 246/week @ 2022-03-15 370/week @ 2022-03-22 47/week @ 2022-03-29 52/week @ 2022-04-05 57/week @ 2022-04-12 82/week @ 2022-04-19 315/week @ 2022-04-26 265/week @ 2022-05-03 766/week @ 2022-05-10 161/week @ 2022-05-17 303/week @ 2022-05-24 547/week @ 2022-05-31 174/week @ 2022-06-07 23/week @ 2022-06-14 48/week @ 2022-06-21

835 downloads per month
Used in flowistry_ide

MIT license

180KB
5K SLoC

Information flow analysis

This crate contains the core analysis used by the Flowistry IDE plugin. It is a Rust compiler plugin that computes the information flow within a function. The main analysis is at flowistry::infoflow::compute_flow.

Documentation: https://willcrichton.net/flowistry/flowistry/

For details about this analysis, please read our paper "Modular Information Flow Through Ownership". If you use Flowistry in your research, please cite our paper:

@misc{crichton2021modular,
      title={Modular Information Flow Through Ownership},
      author={Will Crichton and Marco Patrignani and Maneesh Agrawala and Pat Hanrahan},
      year={2021},
      eprint={2111.13662},
      archivePrefix={arXiv},
      primaryClass={cs.PL}
}

lib.rs:

This crate provides the Flowistry API, a modular information flow analysis for Rust programs. The theory and evaluation of Flowistry is described in the paper "Modular Information Flow through Ownership" (Crichton et al. 2022). See example.rs for an example of how to use the Flowistry API.

Information flow is whether one instruction or variable can affect another during a program's execution. Information flow can be used to analyze whether secure values can leak to insecure places ("information flow control"), and to analyze which parts of a program are relevant to a given variable ("program slicing").

This analysis uses the Rust compiler via the rustc API. Given a MIR body, the function [infoflow::compute_flow] computes the information flow within that body. Check out those docs for more information on the specific data structure that is computed.

If you are interested in using Flowistry, please reach out directly to Will Crichton (wcrichto@cs.stanford.edu) or join our Discord. If you use Flowistry in your research, then please cite our paper:

@inproceedings{crichton2022,
  author = {Crichton, Will and Patrignani, Marco and Agrawala, Maneesh and Hanrahan, Pat},
  title = {Modular Information Flow through Ownership}, year = {2022},
  isbn = {9781450392655}, publisher = {Association for Computing Machinery},
  address = {New York, NY, USA}, url = {https://doi.org/10.1145/3519939.3523445},
  booktitle = {Proceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation},
  pages = {1–14}, numpages = {14}, keywords = {information flow, rust, ownership types},
  location = {San Diego, CA, USA}, series = {PLDI 2022}, doi = {10.1145/3519939.3523445},
}

Dependencies

~1–1.8MB
~38K SLoC