fbsamples / fbctf-2019-challenges
Source Code Overview

Analysis scope, overview of main, test, generated, deployment, build, and other code.

Source Code Analysis Scope
Files includes and excluded from analyses
d
txt
rlib
ini
toml
cc
  • 23 extensions are included in analyses: py, md, sh, json, yml, d, c, html, php, txt, h, go, rlib, asm, ini, cpp, toml, rs, sql, thrift, cc, css, ex
  • 8 criteria are used to exclude files from analysis:
    • exclude files with path like ".*/dist/.*" (Distributions) (16 files).
    • exclude files with path like ".*/bin/.*" (Binaries for distribution) (3 files).
    • exclude files with path like ".*/[.][a-zA-Z0-9_]+.*" (Hidden files and folders) (22 files).
    • exclude files with path like ".*/target/.*" (Compiled files) (21 files).
    • exclude files with path like ".*/deps/.*" (Dependencies) (0 files).
    • exclude files with path like ".*/git[-]history[.]txt" (Git history) (1 file).
    • exclude files with path like ".*/git[-][a-zA-Z0-9_]+[.]txt" (Git data exports for sokrates analyses) (0 files).
    • exclude files with path like ".*[.]txt" (Text files) (12 files).
Overview of Analyzed Files
Basic stats on analyzed files
Intro
For analysis purposes we separate files in scope into several categories: main, test, generated, deployment and build, and other.

  • The main category contains all manually created source code files that are being used in the production.
  • Files in the main category are used as input for other analyses: logical decomposition, concerns, duplication, file size, unit size, and conditional complexity.
  • Test source code files are used only for testing of the product. These files are normally not deployed to production.
  • Build and deployment source code files are used to configure or support build and deployment process.
  • Generated source code files are automatically generated files that have not been manually changed after generation.
  • While a source code folder may contain a number of files, we are primarily interested in the source code files that are being written and maintained by developers.
  • Files containing binaries, documentation, or third-party libraries, for instance, are excluded from analysis. The exception are third-party libraries that have been changed by developers.

main16362 LOC (89%) 150 files
test60 LOC (<1%) 5 files
generated23 LOC (<1%) 1 files
build and deployment432 LOC (2%) 41 files
other1504 LOC (8%) 36 files
Main Code
All manually created or maintained source code that defines logic of the product that is run in a production environment.
cc
toml
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*".
  • 150 files match defined criteria (16,362 lines of code, 100.0% vs. main code):
    • 62 *.py files (4,998 lines of code)
    • 19 *.c files (4,016 lines of code)
    • 11 *.go files (2,108 lines of code)
    • 13 *.h files (1,600 lines of code)
    • 5 *.asm files (1,258 lines of code)
    • 5 *.cpp files (868 lines of code)
    • 18 *.html files (677 lines of code)
    • 2 *.cc files (344 lines of code)
    • 9 *.php files (238 lines of code)
    • 1 *.rs files (155 lines of code)
    • 1 *.ex files (43 lines of code)
    • 1 *.thrift files (33 lines of code)
    • 3 *.toml files (24 lines of code)
  • " *.py" is biggest, containing 30.55% of code.
  • " *.toml" is smallest, containing 0.15% of code.


*.py4998 LOC (30%) 62 files
*.c4016 LOC (24%) 19 files
*.go2108 LOC (12%) 11 files
*.h1600 LOC (9%) 13 files
*.asm1258 LOC (7%) 5 files
*.cpp868 LOC (5%) 5 files
*.html677 LOC (4%) 18 files
*.cc344 LOC (2%) 2 files
*.php238 LOC (1%) 9 files
*.rs155 LOC (<1%) 1 files
*.ex43 LOC (<1%) 1 files
*.thrift33 LOC (<1%) 1 files
*.toml24 LOC (<1%) 3 files
Test Code
Used only for testing of the product. Normally not deployed in a production environment.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*/[Tt]est/.*".
    • files with paths like ".*/test_.*".
  • 5 files match defined criteria (60 lines of code, 0.4% vs. main code):
    • 1 *.c files (32 lines of code)
    • 4 *.sh files (28 lines of code)
  • " *.c" is biggest, containing 53.33% of code.
  • " *.sh" is smallest, containing 46.67% of code.


*.c32 LOC (53%) 1 files
*.sh28 LOC (46%) 4 files
Generated Code
Automatically generated files, not manually changed after generation.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.](html|html|xhtml)" AND any line of content like "[ ]*[<]meta name[=]"generator" .*".
  • 1 file matches defined criteria (23 lines of code, 0.1% vs. main code). All matches are in *.html files.


*.html23 LOC (100%) 1 files
Build and Deployment Code
Source code used to configure or support build and deployment process.
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]sh".
    • files with paths like ".*/docker[-]compose[.]yml".
  • 41 files match defined criteria (432 lines of code, 2.6% vs. main code):
    • 21 *.yml files (279 lines of code)
    • 20 *.sh files (153 lines of code)
  • " *.yml" is biggest, containing 64.58% of code.
  • " *.sh" is smallest, containing 35.42% of code.


*.yml279 LOC (64%) 21 files
*.sh153 LOC (35%) 20 files
Other Code
ini
Explore:   circles  |  sunburst
  • The following criteria are used to filter files:
    • files with paths like ".*[.]md".
    • files with paths like ".*/README[.][a-z0-9]+".
    • files with paths like ".*[.]txt".
    • files with paths like ".*[.]ini".
    • files with paths like ".*[.]json".
    • files with paths like ".*[.](xml|xsd|robot|sql|pgsql|dashboard|profile|ipynb|raml|avsc|al)".
  • 36 files match defined criteria (1,504 lines of code, 9.2% vs. main code):
    • 29 *.md files (1,397 lines of code)
    • 2 *.sql files (91 lines of code)
    • 5 *.ini files (16 lines of code)
  • " *.md" is biggest, containing 92.89% of code.
  • " *.ini" is smallest, containing 1.06% of code.


*.md1397 LOC (92%) 29 files
*.sql91 LOC (6%) 2 files
*.ini16 LOC (1%) 5 files
Analyzers
Info about analyzers used for source code examinations.
  • *.py files are analyzed with PythonAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.c files are analyzed with CStyleAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.go files are analyzed with GoLangAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.h files are analyzed with CppAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.asm files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.cpp files are analyzed with CppAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.html files are analyzed with HtmlAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.cc files are analyzed with CppAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Advanced heuristic dependency analysis
  • *.php files are analyzed with PhpAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • Basic heuristic dependency analysis
  • *.rs files are analyzed with RustAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • Unit size analysis
    • Conditional complexity analysis
    • No dependency analysis
  • *.ex files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.thrift files are analyzed with ThriftAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Advanced code cleaning (empty lines and comments removed for LOC calculations, additional cleaning for duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis
  • *.toml files are analyzed with DefaultLanguageAnalyzer:
    • All basic standard analyses supported (source code overview, duplication, file size, concerns, findings, metrics, controls)
    • Basic code cleaning (empty lines removed for LOC calculations and duplication calculations)
    • No unit size analysis
    • No conditional complexity analysis
    • No dependency analysis

2022-01-26 09:36