semanticfw

package module

Go to main page

Versions in this module

v2

v2.4.1

Jan 22, 2026

v2.2.1

Jan 18, 2026

Changes in this version

+ var MaxStringLiteralLen = 4096

+ var MaxTotalStringBytes = 1024 * 64

+ func SetTopologyLimits(maxLen, maxTotal int)

type FunctionTopology

+ CyclomaticComplexity int

+ InstrCounts map[string]int

v2.2.0

Jan 16, 2026

Changes in this version

+ const MaxFunctionBlocks

+ const MaxSCEVDepth

+ func GetHardenedEnv() []string

+ func MapSimilarity(a, b map[string]int) float64

+ type DatabaseMetadata struct

+ CreatedAt time.Time

+ Custom map[string]string

+ Description string

+ LastUpdatedAt time.Time

+ SignatureCount int

+ SourceHash string

+ Version string

+ type PebbleScanner struct

+ func NewPebbleScanner(dbPath string, opts PebbleScannerOptions) (*PebbleScanner, error)

+ func (s *PebbleScanner) AddSignature(sig Signature) error

+ func (s *PebbleScanner) AddSignatures(sigs []Signature) error

+ func (s *PebbleScanner) Checkpoint() error

+ func (s *PebbleScanner) Close() error

+ func (s *PebbleScanner) Compact() error

+ func (s *PebbleScanner) CountSignatures() (int, error)

+ func (s *PebbleScanner) DeleteMetadata(key string) error

+ func (s *PebbleScanner) DeleteSignature(id string) error

+ func (s *PebbleScanner) ExportToJSON(jsonPath string) error

+ func (s *PebbleScanner) GetAllMetadata() (*DatabaseMetadata, error)

+ func (s *PebbleScanner) GetMetadata(key string) (string, error)

+ func (s *PebbleScanner) GetSignature(id string) (*Signature, error)

+ func (s *PebbleScanner) GetSignatureByTopology(topoHash string) (*Signature, error)

+ func (s *PebbleScanner) GetSnapshot() *pebble.Snapshot

+ func (s *PebbleScanner) InitializeMetadata(version, description string) error

+ func (s *PebbleScanner) ListSignatureIDs() ([]string, error)

+ func (s *PebbleScanner) MarkFalsePositive(id string, notes string) error

+ func (s *PebbleScanner) MigrateFromJSON(jsonPath string) (int, error)

+ func (s *PebbleScanner) RebuildIndexes() error

+ func (s *PebbleScanner) ScanBatch(topologies map[string]*FunctionTopology) map[string][]ScanResult

+ func (s *PebbleScanner) ScanByEntropyRange(minEntropy, maxEntropy float64) ([]Signature, error)

+ func (s *PebbleScanner) ScanTopology(topo *FunctionTopology, funcName string) ([]ScanResult, error)

+ func (s *PebbleScanner) ScanTopologyExact(topo *FunctionTopology, funcName string) (*ScanResult, error)

+ func (s *PebbleScanner) ScanTopologyWithSnapshot(snap *pebble.Snapshot, topo *FunctionTopology, funcName string) ([]ScanResult, error)

+ func (s *PebbleScanner) SetAllMetadata(meta *DatabaseMetadata) error

+ func (s *PebbleScanner) SetEntropyTolerance(tolerance float64)

+ func (s *PebbleScanner) SetMetadata(key, value string) error

+ func (s *PebbleScanner) SetThreshold(threshold float64)

+ func (s *PebbleScanner) Stats() (*PebbleScannerStats, error)

+ func (s *PebbleScanner) TouchLastUpdated() error

+ type PebbleScannerOptions struct

+ CacheSize int64

+ EntropyTolerance float64

+ MatchThreshold float64

+ ReadOnly bool

+ func DefaultPebbleScannerOptions() PebbleScannerOptions

+ type PebbleScannerStats struct

+ DiskSpaceUsed int64

+ EntropyIndexCount int

+ FuzzyIndexCount int

+ SignatureCount int

+ TopoIndexCount int

v2.0.1

Jan 14, 2026

Changes in this version

+ const MaxCandidates

+ const MaxRenamerDepth

+ var DefaultLiteralPolicy = LiteralPolicy

+ var KeepAllLiteralsPolicy = LiteralPolicy

+ func AnalyzeSCEV(info *LoopInfo)

+ func BuildSSAFromPackages(initialPkgs []*packages.Package) (*ssa.Program, *ssa.Package, error)

+ func CalculateEntropy(data []byte) float64

+ func CalculateEntropyNormalized(data []byte) float64

+ func CheckIRPattern(t *testing.T, ir string, pattern string)

+ func ComputeTopologySimilarityExported(topo *FunctionTopology, sig Signature) float64

+ func EntropyDistance(e1, e2 float64) float64

+ func EntropyMatch(e1, e2, tolerance float64) bool

+ func FormatEntropyKeyExported(entropy float64, id string) string

+ func GenerateFuzzyHash(t *FunctionTopology) string

+ func GenerateTopologyHashExported(topo *FunctionTopology) string

+ func GetFunctionNames(results []FingerprintResult) []string

+ func MatchCallsExported(topo *FunctionTopology, required []string) (score float64, matched, missing []string)

+ func MatchFunctionsByTopology(oldResults, newResults []FingerprintResult, threshold float64) (matched []TopologyMatch, addedFuncs []FingerprintResult, ...)

+ func ReleaseCanonicalizer(c *Canonicalizer)

+ func SetupTestEnv(t *testing.T, dirPrefix string) (string, func())

+ func ShortFuncName(fullName string) string

+ func TopologyFingerprint(t *FunctionTopology) string

+ func TopologySimilarity(a, b *FunctionTopology) float64

+ type BoltScanner struct

+ func NewBoltScanner(dbPath string, opts BoltScannerOptions) (*BoltScanner, error)

+ func (s *BoltScanner) AddSignature(sig Signature) error

+ func (s *BoltScanner) AddSignatures(sigs []Signature) error

+ func (s *BoltScanner) Close() error

+ func (s *BoltScanner) Compact(destPath string) error

+ func (s *BoltScanner) CountSignatures() (int, error)

+ func (s *BoltScanner) DeleteSignature(id string) error

+ func (s *BoltScanner) ExportToJSON(jsonPath string) error

+ func (s *BoltScanner) GetSignature(id string) (*Signature, error)

+ func (s *BoltScanner) GetSignatureByTopology(topoHash string) (*Signature, error)

+ func (s *BoltScanner) ListSignatureIDs() ([]string, error)

+ func (s *BoltScanner) MarkFalsePositive(id string, notes string) error

+ func (s *BoltScanner) MigrateFromJSON(jsonPath string) (int, error)

+ func (s *BoltScanner) RebuildIndexes() error

+ func (s *BoltScanner) ScanTopology(topo *FunctionTopology, funcName string) []ScanResult

+ func (s *BoltScanner) ScanTopologyExact(topo *FunctionTopology, funcName string) *ScanResult

+ func (s *BoltScanner) SetEntropyTolerance(tolerance float64)

+ func (s *BoltScanner) SetThreshold(threshold float64)

+ func (s *BoltScanner) Stats() (*BoltScannerStats, error)

+ type BoltScannerOptions struct

+ EntropyTolerance float64

+ MatchThreshold float64

+ ReadOnly bool

+ Timeout time.Duration

+ func DefaultBoltScannerOptions() BoltScannerOptions

+ type BoltScannerStats struct

+ EntropyIndexSize int64

+ FileSize int64

+ SignatureCount int

+ TopoIndexCount int

+ type Canonicalizer struct

+ Policy LiteralPolicy

+ StrictMode bool

+ func AcquireCanonicalizer(policy LiteralPolicy) *Canonicalizer

+ func NewCanonicalizer(policy LiteralPolicy) *Canonicalizer

+ func (c *Canonicalizer) ApplyVirtualControlFlowFromState(swappedBlocks map[*ssa.BasicBlock]bool, ...)

+ func (c *Canonicalizer) CanonicalizeFunction(fn *ssa.Function) string

+ type ControlFlowHints struct

+ HasInfiniteLoop bool

+ HasReconnectLogic bool

+ type EntropyClass int

+ const EntropyHigh

+ const EntropyLow

+ const EntropyNormal

+ const EntropyPacked

+ func ClassifyEntropy(entropy float64) EntropyClass

+ func (c EntropyClass) String() string

+ type EntropyProfile struct

+ Classification EntropyClass

+ Overall float64

+ StringLiteralEntropy float64

+ func CalculateEntropyProfile(bodyBytes []byte, stringLiterals []string) EntropyProfile

+ type FingerprintResult struct

+ CanonicalIR string

+ Filename string

+ Fingerprint string

+ FunctionName string

+ Line int

+ Pos token.Pos

+ func CompileAndGetFunction(t *testing.T, src, funcName string) *FingerprintResult

+ func FindResult(results []FingerprintResult, name string) *FingerprintResult

+ func FingerprintPackages(initialPkgs []*packages.Package, policy LiteralPolicy, strictMode bool) ([]FingerprintResult, error)

+ func FingerprintSource(filename string, src string, policy LiteralPolicy) ([]FingerprintResult, error)

+ func FingerprintSourceAdvanced(filename string, src string, policy LiteralPolicy, strictMode bool) ([]FingerprintResult, error)

+ func GenerateFingerprint(fn *ssa.Function, policy LiteralPolicy, strictMode bool) FingerprintResult

+ func (r FingerprintResult) GetSSAFunction() *ssa.Function

+ type FunctionTopology struct

+ BinOpCounts map[string]int

+ BlockCount int

+ BranchCount int

+ CallSignatures map[string]int

+ EntropyProfile EntropyProfile

+ EntropyScore float64

+ FuzzyHash string

+ HasDefer bool

+ HasGo bool

+ HasPanic bool

+ HasRange bool

+ HasRecover bool

+ HasSelect bool

+ InstrCount int

+ LoopCount int

+ ParamCount int

+ ParamTypes []string

+ PhiCount int

+ ReturnCount int

+ ReturnTypes []string

+ StringLiterals []string

+ UnOpCounts map[string]int

+ func ExtractTopology(fn *ssa.Function) *FunctionTopology

+ type IVType int

+ const IVTypeBasic

+ const IVTypeDerived

+ const IVTypeGeometric

+ const IVTypePolynomial

+ const IVTypeUnknown

+ type IdentifyingFeatures struct

+ ControlFlow *ControlFlowHints

+ OptionalCalls []string

+ RequiredCalls []string

+ StringPatterns []string

+ type InductionVariable struct

+ Phi *ssa.Phi

+ Start SCEV

+ Step SCEV

+ Type IVType

+ type LiteralPolicy struct

+ AbstractControlFlowComparisons bool

+ AbstractOtherTypes bool

+ KeepReturnStatusValues bool

+ KeepSmallIntegerIndices bool

+ KeepStringLiterals bool

+ SmallIntMax int64

+ SmallIntMin int64

+ func (p *LiteralPolicy) ShouldAbstract(c *ssa.Const, usageContext ssa.Instruction) bool

+ type Loop struct

+ Blocks map[*ssa.BasicBlock]bool

+ Children []*Loop

+ Exits []*ssa.BasicBlock

+ Header *ssa.BasicBlock

+ Inductions map[*ssa.Phi]*InductionVariable

+ Latch *ssa.BasicBlock

+ Parent *Loop

+ SCEVCache map[ssa.Value]SCEV

+ TripCount SCEV

+ func (l *Loop) String() string

+ type LoopInfo struct

+ Function *ssa.Function

+ LoopMap map[*ssa.BasicBlock]*Loop

+ Loops []*Loop

+ func DetectLoops(fn *ssa.Function) *LoopInfo

+ type MatchDetails struct

+ CallsMatched []string

+ CallsMissing []string

+ EntropyDistance float64

+ EntropyMatch bool

+ StringsMatched []string

+ TopologyMatch bool

+ TopologySimilarity float64

+ type Renamer func(ssa.Value) string

+ type SCEV interface

+ EvaluateAt func(k *big.Int) *big.Int

+ IsLoopInvariant func(loop *Loop) bool

+ String func() string

+ StringWithRenamer func(r Renamer) string

+ type SCEVAddRec struct

+ Loop *Loop

+ Start SCEV

+ Step SCEV

+ func (s *SCEVAddRec) EvaluateAt(k *big.Int) *big.Int

+ func (s *SCEVAddRec) IsLoopInvariant(loop *Loop) bool

+ func (s *SCEVAddRec) Name() string

+ func (s *SCEVAddRec) Parent() *ssa.Function

+ func (s *SCEVAddRec) Pos() token.Pos

+ func (s *SCEVAddRec) Referrers() *[]ssa.Instruction

+ func (s *SCEVAddRec) String() string

+ func (s *SCEVAddRec) StringWithRenamer(r Renamer) string

+ func (s *SCEVAddRec) Type() types.Type

+ type SCEVConstant struct

+ Value *big.Int

+ func SCEVFromConst(c *ssa.Const) *SCEVConstant

+ func (s *SCEVConstant) EvaluateAt(k *big.Int) *big.Int

+ func (s *SCEVConstant) IsLoopInvariant(loop *Loop) bool

+ func (s *SCEVConstant) Name() string

+ func (s *SCEVConstant) Parent() *ssa.Function

+ func (s *SCEVConstant) Pos() token.Pos

+ func (s *SCEVConstant) Referrers() *[]ssa.Instruction

+ func (s *SCEVConstant) String() string

+ func (s *SCEVConstant) StringWithRenamer(r Renamer) string

+ func (s *SCEVConstant) Type() types.Type

+ type SCEVGenericExpr struct

+ Op token.Token

+ X SCEV

+ Y SCEV

+ func (s *SCEVGenericExpr) EvaluateAt(k *big.Int) *big.Int

+ func (s *SCEVGenericExpr) IsLoopInvariant(loop *Loop) bool

+ func (s *SCEVGenericExpr) Name() string

+ func (s *SCEVGenericExpr) Parent() *ssa.Function

+ func (s *SCEVGenericExpr) Pos() token.Pos

+ func (s *SCEVGenericExpr) Referrers() *[]ssa.Instruction

+ func (s *SCEVGenericExpr) String() string

+ func (s *SCEVGenericExpr) StringWithRenamer(r Renamer) string

+ func (s *SCEVGenericExpr) Type() types.Type

+ type SCEVUnknown struct

+ IsInvariant bool

+ Value ssa.Value

+ func (s *SCEVUnknown) EvaluateAt(k *big.Int) *big.Int

+ func (s *SCEVUnknown) IsLoopInvariant(loop *Loop) bool

+ func (s *SCEVUnknown) Name() string

+ func (s *SCEVUnknown) Parent() *ssa.Function

+ func (s *SCEVUnknown) Pos() token.Pos

+ func (s *SCEVUnknown) Referrers() *[]ssa.Instruction

+ func (s *SCEVUnknown) String() string

+ func (s *SCEVUnknown) StringWithRenamer(r Renamer) string

+ func (s *SCEVUnknown) Type() types.Type

+ type ScanResult struct

+ Confidence float64

+ MatchDetails MatchDetails

+ MatchedFunction string

+ Severity string

+ SignatureID string

+ SignatureName string

+ type Scanner struct

+ func NewScanner() *Scanner

+ func (s *Scanner) AddSignature(sig Signature)

+ func (s *Scanner) GetDatabase() *SignatureDatabase

+ func (s *Scanner) LoadDatabase(path string) error

+ func (s *Scanner) SaveDatabase(path string) error

+ func (s *Scanner) ScanTopology(topo *FunctionTopology, funcName string) []ScanResult

+ func (s *Scanner) SetThreshold(threshold float64)

+ type Signature struct

+ Category string

+ Description string

+ EntropyScore float64

+ EntropyTolerance float64

+ FuzzyHash string

+ ID string

+ IdentifyingFeatures IdentifyingFeatures

+ LoopDepth int

+ Metadata SignatureMetadata

+ Name string

+ NodeCount int

+ Severity string

+ TopologyHash string

+ func IndexFunction(topo *FunctionTopology, name, description, severity, category string) Signature

+ type SignatureDatabase struct

+ Description string

+ Signatures []Signature

+ Version string

+ type SignatureMetadata struct

+ Author string

+ Created string

+ References []string

+ type TopologyMatch struct

+ ByName bool

+ NewResult FingerprintResult

+ NewTopology *FunctionTopology

+ OldResult FingerprintResult

+ OldTopology *FunctionTopology

+ Similarity float64

+ type Zipper struct

+ func NewZipper(oldFn, newFn *ssa.Function, policy LiteralPolicy) (*Zipper, error)

+ func (z *Zipper) ComputeDiff() (*ZipperArtifacts, error)

+ type ZipperArtifacts struct

+ Added []string

+ MatchedNodes int

+ NewFunction string

+ OldFunction string

+ Preserved bool

+ Removed []string

Other modules containing this package

github.com/BlackVectorOps/semantic_firewall

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL