public Configuration(ConfigData configData) : this() { if (configData.TaintTypes != null) { RegisterTaintTypes(configData.TaintTypes); } ReportAnalysisCompletion = configData.ReportAnalysisCompletion ?? false; AuditMode = configData.AuditMode ?? false; MinimumPasswordValidatorProperties = configData.MinimumPasswordValidatorProperties ?? 0; PasswordValidatorRequiredLength = configData.PasswordValidatorRequiredLength ?? 0; if (configData.PasswordValidatorRequiredProperties != null) { foreach (var data in configData.PasswordValidatorRequiredProperties) { _PasswordValidatorRequiredProperties.Add(data); } } foreach (var data in configData.Behavior) { ConfigurationBehavior[data.Key] = CreateBehavior(data.Value); } foreach (var source in configData.TaintEntryPoints) { if (source.Value?.Method?.ArgTypes != null) { throw new Exception("Taint entry point ArgTypes are not supported."); } _TaintEntryPoints.Add(MethodBehaviorHelper.GetMethodBehaviorKey(source.Value.Namespace, source.Value.ClassName, source.Value.Name, source.Value?.Method?.ArgTypes)); } foreach (var data in configData.CsrfProtection) { AddCsrfProtectionToConfiguration(data); } if (configData.PasswordFields != null) { foreach (var data in configData.PasswordFields) { _PasswordFields.Add(data.ToUpperInvariant()); } } foreach (var data in configData.ConstantFields) { _ConstantFields.Add(data); } }
private KeyValuePair <string, MethodBehavior> CreateBehavior(object behavior) { var behaviorDict = (Dictionary <object, object>)behavior; string nameSpace = null; if (behaviorDict.TryGetValue("Namespace", out object value)) { nameSpace = (string)value; } string className = null; if (behaviorDict.TryGetValue("ClassName", out value)) { className = (string)value; } string name = null; if (behaviorDict.TryGetValue("Name", out value)) { name = (string)value; } string argTypes = null; Dictionary <object, object> ifCondition = null; IReadOnlyList <object> injectableArguments = null; Dictionary <object, object> condition = null; Dictionary <object, object> method = null; if (behaviorDict.TryGetValue("Method", out value)) { method = (Dictionary <object, object>)value; if (method.TryGetValue("ArgTypes", out value)) { argTypes = (string)value; ValidateArgTypes(argTypes, nameSpace, className, name); } if (method.TryGetValue("If", out value)) { ifCondition = (Dictionary <object, object>)value; } if (method.TryGetValue("InjectableArguments", out value)) { injectableArguments = (IReadOnlyList <object>)value; } if (method.TryGetValue("Condition", out value)) { condition = (Dictionary <object, object>)value; ValidateCondition(condition); } } object injectable = null; if (behaviorDict.TryGetValue("Field", out value)) { var field = (Dictionary <object, object>)value; if (field.TryGetValue("Injectable", out value)) { injectable = value; } } var key = MethodBehaviorHelper.GetMethodBehaviorKey(nameSpace, className, name, argTypes); var mainPostConditions = GetPostConditions(method); return(new KeyValuePair <string, MethodBehavior>(key, new MethodBehavior(condition, GetPreConditions(ifCondition, mainPostConditions), mainPostConditions, GetInjectableArguments(injectableArguments), GetField(injectable)))); }
public void MergeWith(ConfigData config) { if (config.TaintTypes != null) { RegisterTaintTypes(config.TaintTypes); } if (config.ReportAnalysisCompletion.HasValue) { ReportAnalysisCompletion = config.ReportAnalysisCompletion.Value; } if (config.AuditMode.HasValue) { AuditMode = config.AuditMode.Value; } if (config.MinimumPasswordValidatorProperties.HasValue) { MinimumPasswordValidatorProperties = config.MinimumPasswordValidatorProperties.Value; } if (config.PasswordValidatorRequiredLength.HasValue) { PasswordValidatorRequiredLength = config.PasswordValidatorRequiredLength.Value; } if (config.PasswordValidatorRequiredProperties != null) { foreach (var property in config.PasswordValidatorRequiredProperties) { _PasswordValidatorRequiredProperties.Add(property); } } if (config.Behavior != null) { foreach (var behavior in config.Behavior) { if (behavior.Value == default(MethodBehaviorData)) { ConfigurationBehavior.Remove(behavior.Key); } else { ConfigurationBehavior[behavior.Key] = CreateBehavior(behavior.Value); } } } if (config.TaintEntryPoints != null) { foreach (var source in config.TaintEntryPoints) { if (source.Value == default(TaintEntryPointData)) { _TaintEntryPoints.Remove(source.Key); } else { if (source.Value?.Method?.ArgTypes != null) { throw new Exception("Taint entry point ArgTypes are not supported."); } _TaintEntryPoints.Add(MethodBehaviorHelper.GetMethodBehaviorKey(source.Value.Namespace, source.Value.ClassName, source.Value.Name, source.Value?.Method?.ArgTypes)); } } } if (config.CsrfProtection != null) { foreach (var data in config.CsrfProtection) { if (data.Class == null && data.AntiCsrfAttributes == null && data.Method == null && data.Parameter == null) { if (_CsrfGroups.TryGetValue(data.Name, out var node)) { _CsrfGroupsList.Remove(node); _CsrfGroups.Remove(data.Name); } } else { AddCsrfProtectionToConfiguration(data); } } } if (config.PasswordFields != null) { foreach (var field in config.PasswordFields) { _PasswordFields.Add(field.ToUpperInvariant()); } } if (config.WebConfigFiles != null) { WebConfigFilesRegex = new Regex(config.WebConfigFiles, RegexOptions.IgnoreCase | RegexOptions.Compiled); } if (config.ConstantFields != null) { foreach (var field in config.ConstantFields) { _ConstantFields.Add(field); } } }
public void MergeWith(ConfigData config) { if (config.TaintTypes != null) { RegisterTaintTypes(config.TaintTypes); } if (config.AuditMode.HasValue) { AuditMode = config.AuditMode.Value; } if (config.MinimumPasswordValidatorProperties.HasValue) { MinimumPasswordValidatorProperties = config.MinimumPasswordValidatorProperties.Value; } if (config.PasswordValidatorRequiredLength.HasValue) { PasswordValidatorRequiredLength = config.PasswordValidatorRequiredLength.Value; } if (config.PasswordValidatorRequiredProperties != null) { foreach (var property in config.PasswordValidatorRequiredProperties) { _PasswordValidatorRequiredProperties.Add(property); } } if (config.Behavior != null) { foreach (var behavior in config.Behavior) { if (behavior.Value == default(MethodBehaviorData)) { ConfigurationBehavior.Remove(behavior.Key); } else { ConfigurationBehavior[behavior.Key] = CreateBehavior(behavior.Value); } } } if (config.TaintEntryPoints != null) { foreach (var source in config.TaintEntryPoints) { if (source.Value == default(TaintEntryPointData)) { _TaintEntryPoints.Remove(source.Key); } else { if (source.Value?.Method?.ArgTypes != null) { throw new Exception("Taint entry point ArgTypes are not supported."); } _TaintEntryPoints.Add(MethodBehaviorHelper.GetMethodBehaviorKey(source.Value.Namespace, source.Value.ClassName, source.Value.Name, source.Value?.Method?.ArgTypes)); } } } if (config.CsrfProtectionAttributes != null) { foreach (var data in config.CsrfProtectionAttributes) { AddAntiCsrfTAttributeToConfiguration(data); } } if (config.PasswordFields != null) { foreach (var field in config.PasswordFields) { _PasswordFields.Add(field.ToUpperInvariant()); } } if (config.ConstantFields != null) { foreach (var field in config.ConstantFields) { _ConstantFields.Add(field); } } }