Skip to content

Add Complex Functions heuristic #1212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
kunalsz wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add Complex Functions heuristic #1212

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
30a2a1e
Add Complex Functions heuristic
kunalsz Feb 7, 2026
9fdc7b6
Fix ComplexFunctions class
kunalsz Feb 7, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 32 additions & 0 deletions floss/features/extract.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@
TightFunction,
KindaTightLoop,
NzxorTightLoop,
ComplexFunctions,
)

# security cookie checks may perform non-zeroing XORs, these are expected within a certain
Expand Down Expand Up @@ -317,10 +318,41 @@ def extract_function_loop(f):
yield Loop(comp)


def extract_function_complex_functions(f):
"""
Cyclomatic complexity
M = E - N + 2P
where:
E = edges
N = nodes (basic blocks)
P = number of connected components (usually 1)
"""
try:
cfg = viv_utils.CFG(f)
blocks = list(cfg.basic_blocks)

num_nodes = len(blocks)

num_edges = 0
for bb in blocks:
succs = cfg.get_successor_basic_blocks(bb)
num_edges += len(list(succs))

complexity = num_edges - num_nodes + 2

complexity = max(1, complexity)

yield ComplexFunctions(complexity)

except Exception:
yield ComplexFunctions(1)
Comment thread
kunalsz marked this conversation as resolved.
Outdated


FUNCTION_HANDLERS = (
extract_function_calls_to,
extract_function_loop,
extract_function_kinda_tight_loop,
extract_function_complex_functions,
# extract_function_order, # TODO decoding functions are often one of the first in a program
# extract_num_api_calls, # TODO decoding functions don't normally contain many (API) calls
)
Expand Down
27 changes: 27 additions & 0 deletions floss/features/features.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -199,3 +199,30 @@ def __init__(self):

def score(self):
return 1.0


class ComplexFunctions(Feature):
weight = MEDIUM

def __init__(self,comp):
super(ComplexFunctions, self).__init__(True)
self.comp = comp

def score(self):
complexity = self.comp
Comment thread
kunalsz marked this conversation as resolved.
Outdated

if complexity <= 1:
return 0.0
elif complexity <= 10:
# Simple functions
return 0.2
elif complexity <= 20:
return 0.4
elif complexity <= 30:
return 0.6
elif complexity <= 50:
# Very complex
return 0.8
else:
# Extremely complex
return 1.0