void CheckValidity(CharSetSolver css, Automaton <BDD> aut, Regex regex) { if (!aut.IsEmpty) { for (int i = 0; i < 1000; i++) { var str = css.GenerateMember(aut); if (!str.Contains("\u200C") && !str.Contains("\u200D") && !str.Contains("\n")) { Assert.IsTrue(regex.IsMatch(str), str); } } } var aut_compl = aut.Complement().Minimize(); if (!aut_compl.IsEmpty) { for (int i = 0; i < 1000; i++) { var str = css.GenerateMember(aut_compl); if (!str.Contains("\u200C") && !str.Contains("\u200D") && !str.Contains("\n")) { if (regex.IsMatch(str)) { Assert.IsFalse(true, regex + ":" + StringUtility.Escape(str)); } } } } }
public void TestMSO_Succ() { var solver = new CharSetSolver(BitWidth.BV32); var x = new Variable("x", true); var y = new Variable("y", true); MSOFormula <BDD> phi = new MSOForall <BDD>(x, new MSOImplies <BDD>( new MSOPredicate <BDD>(solver.MkCharConstraint('c'), x), new MSOExists <BDD>(y, new MSOAnd <BDD>( new MSOSuccN <BDD>(x, y, 1), new MSOPredicate <BDD>(solver.MkCharConstraint('a'), y) ) ) ) ); var aut = phi.GetAutomaton(solver); for (int i = 0; i < 10; i++) { var s = solver.GenerateMember(aut); Assert.IsTrue(System.Text.RegularExpressions.Regex.IsMatch(s, "^(ca|[^c])*$")); } var aut2 = solver.RegexConverter.Convert("^(ca|[^c])*$"); Assert.IsTrue(aut2.IsEquivalentWith(aut)); }
public void AutomSample1() { CharSetSolver solver = new CharSetSolver(BitWidth.BV7); //new solver using ASCII encoding string r1 = @"^[A-Za-z0-9]+@(([A-Za-z0-9\-])+\.)+([A-Za-z\-])+$"; // regex for "almost" valid emails Automaton <BDD> A = solver.Convert(r1); //accepts strings that match the regex r1 A = A.RemoveEpsilons(); //remove epsilons, uses disjunction of character sets to combine transitions //solver.ShowGraph(A, "A.dgml"); //save and visualize the automaton using dgml string s = solver.GenerateMember(A); //grenerate some member }
public void TestMSO_Neg() { var solver = new CharSetSolver(BitWidth.BV7); //var phi = new MSOTrue(); MSOFormula<BDD> phi = new MSONot<BDD>(new MSOExists<BDD>(V1("x"), new MSOPredicate<BDD>(solver.MkCharConstraint( 'c'), V1("x")))); var aut = phi.GetAutomaton(solver); for (int i = 0; i < 10; i++) { var s = solver.GenerateMember(aut); Assert.IsTrue(System.Text.RegularExpressions.Regex.IsMatch(s, "^[^c]*$")); } var aut2 = solver.RegexConverter.Convert("^[^c]*$"); Assert.IsTrue(aut2.IsEquivalentWith(aut)); }
public void AutomSample2() { CharSetSolver solver = new CharSetSolver(BitWidth.BV16); //charset solver string a = @"^[A-Za-z0-9]+@(([A-Za-z0-9\-])+\.)+([A-Za-z\-])+$"; //.Net regex string b = @"^\d.*$"; //.Net regex Automaton <BDD> A = solver.Convert(a); //create the equivalent automata Automaton <BDD> B = solver.Convert(b); Automaton <BDD> C = A.Minus(B); //construct the difference //solver.ShowGraph(C, "C.dgml"); var M = C.Determinize().MinimizeHopcroft(); //minimize the automaton //solver.ShowGraph(M, "M.dgml"); //save and visualize //var M2 = C.Determinize(solver).Minimize2(solver); //minimize the automaton //solver.ShowGraph(M2, "M2.dgml"); //save and visualize string s = solver.GenerateMember(M); //generate some member, e.g. "[email protected]" }
public void TestGeneratedCssEncode() { CharSetSolver css = new CharSetSolver(BitWidth.BV16); var A = css.Convert(".{50,}"); //at least 100 characters var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD]|([\uD800-\uDBFF][\uDC00-\uDFFF]))*$"); A = A.Intersect(utf16); //css.Chooser.RandomSeed = 123; int okCnt = 0; int error1Cnt = 0; int error2Cnt = 0; int diffErrors = 0; for (int i = 0; i < 1000; i++) { string input = css.GenerateMember(A); string out_expected; string out_CssEncode; string out_CssEncode_B; string out_CssEncode_F; int stat_expected = TryActualCssEncode(input, out out_expected); int stat_CssEncode = TryGeneratedCssEncode(input, out out_CssEncode); int stat_CssEncode_B = TryGeneratedCssEncode_B(input, out out_CssEncode_B); int stat_CssEncode_F = TryGeneratedCssEncode_F(input, out out_CssEncode_F); Assert.AreEqual <string>(out_expected, out_CssEncode); Assert.AreEqual <string>(out_expected, out_CssEncode_B); Assert.AreEqual <string>(out_expected, out_CssEncode_F); Assert.AreEqual <int>(stat_CssEncode, stat_CssEncode_B); Assert.AreEqual <int>(stat_CssEncode, stat_CssEncode_F); if (stat_expected != stat_CssEncode) { diffErrors += 1; } if (stat_expected == 0) { okCnt += 1; } else if (stat_expected == 1) { error1Cnt += 1; } else { error2Cnt += 1; } } Console.WriteLine("okCnt={0}, error1Cnt={1}, error2Cnt={2}, diffErrors={3}", okCnt, error1Cnt, error2Cnt, diffErrors); }
public void TestMSO_Forall() { var solver = new CharSetSolver(BitWidth.BV16); var x = new Variable("x", true); MSOFormula<BDD> phi = new MSOForall<BDD>(x, new MSOPredicate<BDD>(solver.MkCharConstraint('c',true), x)); var aut = phi.GetAutomaton(solver); //aut.ShowGraph("aut"); for (int i = 0; i < 10; i++) { TestContext.WriteLine(solver.GenerateMember(aut)); } var aut2 = solver.RegexConverter.Convert("^(c|C)*$"); //aut2.ShowGraph("aut2"); Assert.IsTrue(aut2.IsEquivalentWith(aut)); }
public void TestMSO_Or() { var solver = new CharSetSolver(BitWidth.BV32); MSOFormula <BDD> phi = new MSOForallFo <BDD>("x", new MSOOr <BDD>( new MSOPredicate <BDD>(solver.MkCharConstraint('c'), "x"), new MSOPredicate <BDD>(solver.MkCharConstraint('a'), "x") ) ); var aut = phi.GetAutomaton(solver); for (int i = 0; i < 10; i++) { var s = solver.GenerateMember(aut); Assert.IsTrue(System.Text.RegularExpressions.Regex.IsMatch(s, "^[ac]*$")); } var aut2 = solver.RegexConverter.Convert("^[ac]*$"); Assert.IsTrue(aut2.IsEquivalentWith(aut, solver)); }
public void TestMSO_Pred() { var solver = new CharSetSolver(BitWidth.BV16); var x = new Variable("x", true); var pred = new MSOPredicate<BDD>(solver.MkCharConstraint( 'c'), x); MSOFormula<BDD> phi = new MSOExists<BDD>(x, pred); var ca = new CartesianAlgebraBDD<BDD>(solver); var pred_aut = pred.GetAutomaton(ca); //pred_aut.ShowGraph("pred_aut"); var aut = phi.GetAutomaton(solver); for (int i = 0; i < 10; i++) { var s = solver.GenerateMember(aut); Assert.IsTrue(System.Text.RegularExpressions.Regex.IsMatch(s, "c"), "regex mismatch"); } var aut2 = solver.RegexConverter.Convert("c", System.Text.RegularExpressions.RegexOptions.Singleline); //aut2.ShowGraph("aut2"); //aut.ShowGraph("aut"); Assert.IsTrue(aut2.IsEquivalentWith(aut), "automata not equialent"); }
/* * IsYieldTypeSafe : * 2.1 Input parameters : * 2.1.1 Automaton<BvSet> implTypeCheckAutomaton : This input Automaton is generated for a phase of YTS checking of an impl. * 2.2 Return value : returns true if input automaton is subset of YTS property autoamaton. * 2.3 Action : Subset checking for a phase of an implementation. f L(YTSI) is subset of L(YTSP) {TRUE} else {FALSE} */ public static bool IsYieldTypeSafe(Automaton <BvSet> implTypeCheckAutomaton, Implementation impl, MoverTypeChecker moverTypeChecker, int phaseNum) { List <BvSet> witnessSet; var isNonEmpty = Automaton <BvSet> .CheckDifference( implTypeCheckAutomaton, yieldTypeCheckerAutomaton, 0, yieldTypeCheckerAutomatonSolver, out witnessSet); #if DEBUG && !DEBUG_DETAIL var diffAutomaton = implTypeCheckAutomaton.Minus(yieldTypeCheckerAutomaton, yieldTypeCheckerAutomatonSolver); string diffAutomatonGraphName = "diffAutomaton" + impl.Proc.Name + phaseNum.ToString(); yieldTypeCheckerAutomatonSolver.ShowGraph(diffAutomaton, diffAutomatonGraphName + ".dgml"); #endif #if DEBUG && !DEBUG_DETAIL string s = yieldTypeCheckerAutomatonSolver.GenerateMember(implTypeCheckAutomaton); Console.WriteLine("\n member " + s + " \n"); if (!yieldTypeCheckerAutomatonSolver.Accepts(yieldTypeCheckerAutomaton, s)) { Console.WriteLine("Property Automaton accepts a random member of impl_automaton " + s); } else { Console.WriteLine("Property Automaton does not accept a random member of impl_automaton " + s); } #endif if (isNonEmpty) { var witness = new String(Array.ConvertAll(witnessSet.ToArray(), bvset => (char)yieldTypeCheckerAutomatonSolver.Choose(bvset))); moverTypeChecker.Error(impl, "\n Body of " + impl.Proc.Name + " has invalid trace of actions " + witness + "\n"); return(false); } return(true); }
public void MkDifferenceTest() { var solver = new CharSetSolver(BitWidth.BV7); string regexA = "^[abc]c{3}$"; string regexB = "^(a|b)+[abc]{3}$"; var A = solver.Convert(regexA, System.Text.RegularExpressions.RegexOptions.None); //solver.ShowGraph(A, "A.dgml"); var B = solver.Convert(regexB, System.Text.RegularExpressions.RegexOptions.None); //solver.ShowGraph(B, "B.dgml"); var C = Automaton <BDD> .MkDifference(A, B, 0); //solver.ShowGraph(C, "C.dgml"); string s = solver.GenerateMember(C); Assert.IsTrue(System.Text.RegularExpressions.Regex.IsMatch(s, regexA), "must be a member of " + regexA); Assert.IsFalse(System.Text.RegularExpressions.Regex.IsMatch(s, regexB), "must not be a member of " + regexB); Assert.AreEqual <string>("cccc", s); }
public void TestGeneratedUtf8EncodeFlat() { int K = 100; //number of strings int L = 10000; //length of each string string _1; string _2; string _3; TryGeneratedUtf8EncodeFlat("\uDAE1\uDCA5", out _1); TryGeneratedUtf8Encode_F("\uDAE1\uDCA5", out _2); TryActualUtf8Encode("\uDAE1\uDCA5", out _3); Assert.AreEqual<string>(_1, _2); Assert.AreEqual<string>(_1, _3); CharSetSolver css = new CharSetSolver(BitWidth.BV16); var A = css.Convert("^.{" + L + "}$"); //var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD]|([\uD800-\uDBFF][\uDC00-\uDFFF]))*$"); //var utf16 = css.Convert(@"^([\uD800-\uDBFF][\uDC00-\uDFFF])*$"); var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD])*$"); A = Automaton<BDD>.MkProduct(A, utf16); //css.Chooser.RandomSeed = 123; string[] inputs = new string[K]; for (int i = 0; i < K; i++) { inputs[i] = css.GenerateMember(A); } for (int i = 0; i < K; i++) { string out_expected; string out_bek; string out_bek_stream; string out_bek_orig; int stat_expected = TryActualUtf8Encode(inputs[i], out out_expected); int stat_actual = TryGeneratedUtf8EncodeFlat(inputs[i], out out_bek); int stat_actual_stream = TryGeneratedUtf8EncodeStream(inputs[i], out out_bek_stream); int stat_actual_orig = TryGeneratedUtf8Encode_F(inputs[i], out out_bek_orig); Assert.AreEqual<string>(out_expected, out_bek_orig); Assert.AreEqual<string>(out_expected, out_bek); Assert.AreEqual<string>(out_expected, out_bek_stream); } int timeOur = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryGeneratedUtf8EncodeFlat(inputs[i], out tmp); } timeOur = System.Environment.TickCount - timeOur; int timeOurStream = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryGeneratedUtf8EncodeStream(inputs[i], out tmp); } timeOurStream = System.Environment.TickCount - timeOurStream; int timeOurOrig = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryGeneratedUtf8Encode(inputs[i], out tmp); } timeOurOrig = System.Environment.TickCount - timeOurOrig; int timeSys = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryActualUtf8Encode(inputs[i], out tmp); } timeSys = System.Environment.TickCount - timeSys; Console.WriteLine("timeOurStream:{3}ms, timeOur:{0}ms, timeOurOrig:{1}ms, timeSys:{2}ms", timeOur, timeOurOrig, timeSys, timeOurStream); }
static void TestRegex(Regex regex) { var solver = new CharSetSolver(); string myregex = regex.ToString(); //Regex.CompileToAssembly(new RegexCompilationInfo[] { new RegexCompilationInfo(myregex, RegexOptions.None, "EvilRegex", "RegexTransfomer", true) }, // new System.Reflection.AssemblyName("EvilRegex")); var sfa = solver.Convert(myregex, regex.Options).RemoveEpsilons(); var sfaDet = sfa.Determinize(); var sfaMin = sfaDet.Minimize(); //solver.ShowGraph(sfa, "sfa"); //solver.ShowGraph(sfaDet, "sfaDet"); //solver.ShowGraph(sfaMin, "sfaMin"); var cs = solver.ToCS(sfaMin, true, "MyRegex", "RegexTransfomer"); var regexMin = solver.ConvertToRegex(sfaMin); Console.WriteLine("------- given regex --------"); Console.WriteLine(myregex); Console.WriteLine("----------------------------"); Console.WriteLine("-------- regexMin ----------"); Console.WriteLine(regexMin); Console.WriteLine("----------------------------"); Console.WriteLine("-------- cs ----------------"); // Console.WriteLine(cs.SourceCode); Console.WriteLine("----------------------------"); string sIn = solver.GenerateMember(sfaMin); string sOut = solver.GenerateMember(sfaMin.Complement()); string s = sIn; int t1; //int t2; int t3; for (int i = 0; i < 2; i++) { //original regex t1 = System.Environment.TickCount; bool res1 = false; for (int j = 0; j < 100000; j++) { res1 = Regex.IsMatch(s, regex.ToString(), regex.Options); } //res1 = evilregex.IsMatch(s); t1 = System.Environment.TickCount - t1; ////minimized regex //t2 = System.Environment.TickCount; //bool res2 = false; //for (int j = 0; j < 100000; j++) // res2 = Regex.IsMatch(s, regexMin, regex.Options); //t2 = System.Environment.TickCount - t2; //code from minimized regex t3 = System.Environment.TickCount; bool res3 = false; for (int j = 0; j < 100000; j++) { res3 = cs.IsMatch(s); } t3 = System.Environment.TickCount - t3; Console.WriteLine(String.Format("{0}ms({1}), {2}ms({3})", t1, res1, t3, res3)); s = sOut; } Console.WriteLine("done...(press any key)"); Console.ReadKey(); }
public void TestGeneratedCssEncode() { CharSetSolver css = new CharSetSolver(BitWidth.BV16); var A = css.Convert(".{50,}"); //at least 100 characters var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD]|([\uD800-\uDBFF][\uDC00-\uDFFF]))*$"); A = A.Intersect(utf16); //css.Chooser.RandomSeed = 123; int okCnt = 0; int error1Cnt = 0; int error2Cnt = 0; int diffErrors = 0; for (int i = 0; i < 1000; i++) { string input = css.GenerateMember(A); string out_expected; string out_CssEncode; string out_CssEncode_B; string out_CssEncode_F; int stat_expected = TryActualCssEncode(input, out out_expected); int stat_CssEncode = TryGeneratedCssEncode(input, out out_CssEncode); int stat_CssEncode_B = TryGeneratedCssEncode_B(input, out out_CssEncode_B); int stat_CssEncode_F = TryGeneratedCssEncode_F(input, out out_CssEncode_F); Assert.AreEqual<string>(out_expected, out_CssEncode); Assert.AreEqual<string>(out_expected, out_CssEncode_B); Assert.AreEqual<string>(out_expected, out_CssEncode_F); Assert.AreEqual<int>(stat_CssEncode, stat_CssEncode_B); Assert.AreEqual<int>(stat_CssEncode, stat_CssEncode_F); if (stat_expected != stat_CssEncode) diffErrors += 1; if (stat_expected == 0) okCnt += 1; else if (stat_expected == 1) error1Cnt += 1; else error2Cnt += 1; } Console.WriteLine("okCnt={0}, error1Cnt={1}, error2Cnt={2}, diffErrors={3}", okCnt, error1Cnt, error2Cnt, diffErrors); }
static void TestRegex(Regex regex) { var solver = new CharSetSolver(); string myregex = regex.ToString(); //Regex.CompileToAssembly(new RegexCompilationInfo[] { new RegexCompilationInfo(myregex, RegexOptions.None, "EvilRegex", "RegexTransfomer", true) }, // new System.Reflection.AssemblyName("EvilRegex")); var sfa = solver.Convert(myregex, regex.Options).RemoveEpsilons(); var sfaDet = sfa.Determinize(); var sfaMin = sfaDet.Minimize(); //solver.ShowGraph(sfa, "sfa"); //solver.ShowGraph(sfaDet, "sfaDet"); //solver.ShowGraph(sfaMin, "sfaMin"); var cs = solver.ToCS(sfaMin, true, "MyRegex", "RegexTransfomer"); var regexMin = solver.ConvertToRegex(sfaMin); Console.WriteLine("------- given regex --------"); Console.WriteLine(myregex); Console.WriteLine("----------------------------"); Console.WriteLine("-------- regexMin ----------"); Console.WriteLine(regexMin); Console.WriteLine("----------------------------"); Console.WriteLine("-------- cs ----------------"); Console.WriteLine(cs.SourceCode); Console.WriteLine("----------------------------"); string sIn = solver.GenerateMember(sfaMin); string sOut = solver.GenerateMember(sfaMin.Complement()); string s = sIn; int t1; int t2; int t3; for (int i = 0; i < 2; i++) { //original regex t1 = System.Environment.TickCount; bool res1 = false; for (int j = 0; j < 100000; j++) res1 = Regex.IsMatch(s, regex.ToString(), regex.Options); //res1 = evilregex.IsMatch(s); t1 = System.Environment.TickCount - t1; ////minimized regex //t2 = System.Environment.TickCount; //bool res2 = false; //for (int j = 0; j < 100000; j++) // res2 = Regex.IsMatch(s, regexMin, regex.Options); //t2 = System.Environment.TickCount - t2; //code from minimized regex t3 = System.Environment.TickCount; bool res3 = false; for (int j = 0; j < 100000; j++) res3 = cs.IsMatch(s); t3 = System.Environment.TickCount - t3; Console.WriteLine(String.Format("{0}ms({1}), {2}ms({3})", t1, res1, t3, res3)); s = sOut; } Console.WriteLine("done...(press any key)"); Console.ReadKey(); }
public void TestGeneratedCssEncodePerformance() { CharSetSolver css = new CharSetSolver(BitWidth.BV16); var A = css.Convert("^.{100,}$"); //at least 50 chars var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD]|([\uD800-\uDBFF][\uDC00-\uDFFF]))*$"); A = A.Intersect(utf16); //css.Chooser.RandomSeed = 123; List<string> samples = new List<string>(); //construct a sample set of 100000 strings of length >= 50 that are valid inputs while (samples.Count < 100) { string input = css.GenerateMember(A);//margus samples.Add(input); // if (TryActualCssEncode(input, out tmp) == 0) // samples.Add(input); } //now use the sample set for performace comparison var antiXssTimes = new List<int>(); var CssEncodeTimes = new List<int>(); var CssEncodeTimes_B = new List<int>(); var CssEncodeTimes_F = new List<int>(); int NrOfReps = 100; for (int j = 0; j < NrOfReps; j++) { //the AntiXss encoder int t_AntiXss = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = System.Web.Security.AntiXss.AntiXssEncoder.CssEncode(samples[i]); } t_AntiXss = System.Environment.TickCount - t_AntiXss; antiXssTimes.Add(t_AntiXss); //generated encoder without exploration int t_CssEncode = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = CssEncode.Apply(samples[i]); } t_CssEncode = System.Environment.TickCount - t_CssEncode; CssEncodeTimes.Add(t_CssEncode); //generated encoder with Boolean exploration int t_CssEncode_B = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = CssEncode_B.Apply(samples[i]); } t_CssEncode_B = System.Environment.TickCount - t_CssEncode_B; CssEncodeTimes_B.Add(t_CssEncode_B); //generated encoder with Full exploration int t_CssEncode_F = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = CssEncode_F.Apply(samples[i]); } t_CssEncode_F = System.Environment.TickCount - t_CssEncode_F; CssEncodeTimes_F.Add(t_CssEncode_F); } //compute the average times int antiXssTime = ComputeAverage(antiXssTimes); int CssEncodeTime = ComputeAverage(CssEncodeTimes); int CssEncodeTime_B = ComputeAverage(CssEncodeTimes_B); int CssEncodeTime_F = ComputeAverage(CssEncodeTimes_F); double[] stdevs = CombinedStandardDeviation(antiXssTimes, CssEncodeTimes, CssEncodeTimes_B, CssEncodeTimes_F); Console.WriteLine("antiXssTime={0}, CssEncodeTime={1}, CssEncodeTime_B={2}, CssEncodeTime_F={3}, stddvAntiXSS={4}, stddvCssEncode={5}, stddvCssEncodeB={6}, stddvCssEncodeF={7}", antiXssTime, CssEncodeTime, CssEncodeTime_B, CssEncodeTime_F, stdevs[0], stdevs[1], stdevs[2], stdevs[3]); }
public void TestGeneratedUtf8EncodeFlat() { int K = 100; //number of strings int L = 10000; //length of each string string _1; string _2; string _3; TryGeneratedUtf8EncodeFlat("\uDAE1\uDCA5", out _1); TryGeneratedUtf8Encode_F("\uDAE1\uDCA5", out _2); TryActualUtf8Encode("\uDAE1\uDCA5", out _3); Assert.AreEqual<string>(_1, _2); Assert.AreEqual<string>(_1, _3); CharSetSolver css = new CharSetSolver(BitWidth.BV16); var A = css.Convert("^.{" + L + "}$"); //var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD]|([\uD800-\uDBFF][\uDC00-\uDFFF]))*$"); //var utf16 = css.Convert(@"^([\uD800-\uDBFF][\uDC00-\uDFFF])*$"); var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD])*$"); A = Automaton<BDD>.MkProduct(A, utf16, css); //css.Chooser.RandomSeed = 123; string[] inputs = new string[K]; for (int i = 0; i < K; i++) { inputs[i] = css.GenerateMember(A); } for (int i = 0; i < K; i++) { string out_expected; string out_bek; string out_bek_stream; string out_bek_orig; int stat_expected = TryActualUtf8Encode(inputs[i], out out_expected); int stat_actual = TryGeneratedUtf8EncodeFlat(inputs[i], out out_bek); int stat_actual_stream = TryGeneratedUtf8EncodeStream(inputs[i], out out_bek_stream); int stat_actual_orig = TryGeneratedUtf8Encode_F(inputs[i], out out_bek_orig); Assert.AreEqual<string>(out_expected, out_bek_orig); Assert.AreEqual<string>(out_expected, out_bek); Assert.AreEqual<string>(out_expected, out_bek_stream); } int timeOur = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryGeneratedUtf8EncodeFlat(inputs[i], out tmp); } timeOur = System.Environment.TickCount - timeOur; int timeOurStream = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryGeneratedUtf8EncodeStream(inputs[i], out tmp); } timeOurStream = System.Environment.TickCount - timeOurStream; int timeOurOrig = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryGeneratedUtf8Encode(inputs[i], out tmp); } timeOurOrig = System.Environment.TickCount - timeOurOrig; int timeSys = System.Environment.TickCount; for (int i = 0; i < K; i++) { string tmp; TryActualUtf8Encode(inputs[i], out tmp); } timeSys = System.Environment.TickCount - timeSys; Console.WriteLine("timeOurStream:{3}ms, timeOur:{0}ms, timeOurOrig:{1}ms, timeSys:{2}ms", timeOur, timeOurOrig, timeSys, timeOurStream); }
public void TestGeneratedCssEncodePerformance() { CharSetSolver css = new CharSetSolver(BitWidth.BV16); var A = css.Convert("^.{100,}$"); //at least 50 chars var utf16 = css.Convert(@"^([\0-\uD7FF\uE000-\uFFFD]|([\uD800-\uDBFF][\uDC00-\uDFFF]))*$"); A = A.Intersect(utf16, css); //css.Chooser.RandomSeed = 123; List<string> samples = new List<string>(); //construct a sample set of 100000 strings of length >= 50 that are valid inputs while (samples.Count < 100) { string input = css.GenerateMember(A);//margus samples.Add(input); // if (TryActualCssEncode(input, out tmp) == 0) // samples.Add(input); } //now use the sample set for performace comparison var antiXssTimes = new List<int>(); var CssEncodeTimes = new List<int>(); var CssEncodeTimes_B = new List<int>(); var CssEncodeTimes_F = new List<int>(); int NrOfReps = 100; for (int j = 0; j < NrOfReps; j++) { //the AntiXss encoder int t_AntiXss = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = System.Web.Security.AntiXss.AntiXssEncoder.CssEncode(samples[i]); } t_AntiXss = System.Environment.TickCount - t_AntiXss; antiXssTimes.Add(t_AntiXss); //generated encoder without exploration int t_CssEncode = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = CssEncode.Apply(samples[i]); } t_CssEncode = System.Environment.TickCount - t_CssEncode; CssEncodeTimes.Add(t_CssEncode); //generated encoder with Boolean exploration int t_CssEncode_B = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = CssEncode_B.Apply(samples[i]); } t_CssEncode_B = System.Environment.TickCount - t_CssEncode_B; CssEncodeTimes_B.Add(t_CssEncode_B); //generated encoder with Full exploration int t_CssEncode_F = System.Environment.TickCount; for (int i = 0; i < samples.Count; i++) { string tmp = CssEncode_F.Apply(samples[i]); } t_CssEncode_F = System.Environment.TickCount - t_CssEncode_F; CssEncodeTimes_F.Add(t_CssEncode_F); } //compute the average times int antiXssTime = ComputeAverage(antiXssTimes); int CssEncodeTime = ComputeAverage(CssEncodeTimes); int CssEncodeTime_B = ComputeAverage(CssEncodeTimes_B); int CssEncodeTime_F = ComputeAverage(CssEncodeTimes_F); double[] stdevs = CombinedStandardDeviation(antiXssTimes, CssEncodeTimes, CssEncodeTimes_B, CssEncodeTimes_F); Console.WriteLine("antiXssTime={0}, CssEncodeTime={1}, CssEncodeTime_B={2}, CssEncodeTime_F={3}, stddvAntiXSS={4}, stddvCssEncode={5}, stddvCssEncodeB={6}, stddvCssEncodeF={7}", antiXssTime, CssEncodeTime, CssEncodeTime_B, CssEncodeTime_F, stdevs[0], stdevs[1], stdevs[2], stdevs[3]); }
void CheckValidity(CharSetSolver css, Automaton<BDD> aut, Regex regex) { if (!aut.IsEmpty) for (int i = 0; i < 1000; i++) { var str = css.GenerateMember(aut); if (!str.Contains("\u200C") && !str.Contains("\u200D") && !str.Contains("\n")) Assert.IsTrue(regex.IsMatch(str), str); } var aut_compl = aut.Complement().Minimize(); if (!aut_compl.IsEmpty) for (int i = 0; i < 1000; i++) { var str = css.GenerateMember(aut_compl); if (!str.Contains("\u200C") && !str.Contains("\u200D") && !str.Contains("\n")) if (regex.IsMatch(str)) Assert.IsFalse(true, regex + ":" + StringUtility.Escape(str)); } }