weggli
weggli copied to clipboard
googleprojectzero
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.
I install weggli use this command : cargo install weggli and finally i can run weggli success. this is the simple c code which i want to analyse with weggli...
e.g ``` void test() { __asm__ __volatile__ ("mov xxxxxx"); } ``` I queryed with `'{__asm__ __volatile__ ();}'` but nothing was matched. Can weggli query correctly if keywords such as `__volatile__`...
searcch pattern is : weggli '$a = 0; NOT: if($a); _ / $a;' ./src/autofit/aflatin.c -v,i add not search if($a),but it still match,i don't known how to debug this question. 04:37:46...
I now have a scenario where the func call is `test (IN arg1, IN arg2, OUT &arg3)`, then i want to match the 3rd arg, but when i was build...
I want to search for vulnerability code for unique_ptr moved twice. Therefore, I need to search for code snippets in the same block for double move statements. For example, `{...
When establishing rules, the position of function parameters will affect weggli's search, for example: ```c int bad(int limit,char *buf) { char buf[BUFSIZE]; for (int i = 0; i < limit;...
We can't easily match a number with weggli, we must use a wildcard. Code: ``` void fun() { char a[45]; char b[size]; } ``` Let say I want to find...
To get the binja plugin added to the plugin manager, we need to make a release and then open an issue in that repo as laid out here: https://github.com/Vector35/community-plugins#contributing-plugins
Hi, This is amazing tool! I have been able to find dozens of valid bugs in our production code with weggli for code review. It is very effective for simple...
Runs cargo fmt. Adds inner_range to python.rs and result.rs - this returns the offsets of the query match ignoring the containing function, this is more useful for find/replace operations based...
Metadata
Owner
Metadata
weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interesting functionality in large codebases.