internal void StoreStringObject(List<JintItem> Object, string Value)
{
if (Value.Length == 0) return;
string ExistingValue = GetStringObject(Object);
if (ExistingValue.Equals(Value)) return;
if (ExistingValue.Length > 0)
{
int RemovalIndex = -1;
for (int i = 0; i < InterestingStringHolders[ExistingValue].Count; i++)
{
ItemChecker IC = new ItemChecker(this);
if (IC.DoItemsMatch(InterestingStringHolders[ExistingValue][i], Object).NeutralReasons.Count > 0) RemovalIndex = i;
}
if (RemovalIndex >= 0) InterestingStringHolders[ExistingValue].RemoveAt(RemovalIndex);
}
if (InterestingStringHolders.ContainsKey(Value))
InterestingStringHolders[Value].Add(Object);
else
InterestingStringHolders.Add(Value, new List<List<JintItem>>() { Object });
}
internal string GetStringObject(List<JintItem> Object)
{
bool FirstCheck = true;
ItemChecker IC = new ItemChecker(this);
int AddedAt = 0;
foreach (List<JintItem> StrItem in SentForStringConversion)
{
if (ItemChecker.IsSimilar(Object, StrItem))
{
FirstCheck = false;
break;
}
}
if (FirstCheck)
{
SentForStringConversion.Add(Object);
AddedAt = SentForStringConversion.Count - 1;
}
foreach (string Key in InterestingStringHolders.Keys)
{
foreach (List<JintItem> Item in InterestingStringHolders[Key])
{
if (FirstCheck)
{
if (IC.DoItemsMatch(Item, Object).NeutralReasons.Count > 0)
{
SentForStringConversion.RemoveAt(AddedAt);
return Key;
}
}
else
{
if (ItemChecker.IsSimilar(Item, Object)) return Key;
}
}
}
if (FirstCheck) SentForStringConversion.RemoveAt(AddedAt);
return "";
}
internal void RemoveStringObject(List<JintItem> Object)
{
foreach (string Key in InterestingStringHolders.Keys)
{
List<int> RemoveIndexes = new List<int>();
int Index = -1;
foreach (List<JintItem> Item in InterestingStringHolders[Key])
{
Index++;
ItemChecker IC = new ItemChecker(this);
if (IC.DoItemsMatch(Item, Object).NeutralReasons.Count > 0) RemoveIndexes.Add(Index);
}
for (int i = 0; i < RemoveIndexes.Count; i++ )
{
InterestingStringHolders[Key].RemoveAt(RemoveIndexes[i] - i);
}
}
}
List<JintItem> GetMappedItem(List<JintItem> LeftItem, List<JintItem> RightItem, List<JintItem> List)
{
List<JintItem> EmptyResult = new List<JintItem>();
if (RightItem.Count == 0 || LeftItem.Count == 0 || List.Count == 0) return EmptyResult;
ItemChecker IC = new ItemChecker(this);
if (IC.DoItemsMatch(List, RightItem, false).NeutralReasons.Count == 0) return EmptyResult;
int RightMatchStopIndex = -1;
if (RightItem[0].State == JintState.Identifier && LeftItem[0].State == JintState.Identifier && (List[0].State == JintState.Identifier || List[0].State == JintState.MethodCallName))
{
if (RightItem[0].Value.Equals(List[0].Value))
RightMatchStopIndex++;
else
return EmptyResult;
for (int i = 1; i < RightItem.Count; i++)
{
if ((RightItem[i].State == JintState.Property || RightItem[i].State == JintState.StringIndex) && (List.Count > i) &&
(List[i].State == JintState.Property || List[i].State == JintState.StringIndex || List[i].State == JintState.MethodCallName))
{
if (RightItem[i].Value.Equals(List[i].Value))
RightMatchStopIndex++;
else
break;
}
else
break;
}
}
else
{
return EmptyResult;
}
if (RightMatchStopIndex < RightItem.Count -1) return EmptyResult;
List<JintItem> ResultItem = new List<JintItem>(LeftItem);
for (int i = RightMatchStopIndex + 1; i < List.Count; i++)
{
if (List[i].State == JintState.MethodCallArgument)
{
if (i > 0 && ResultItem.Count > 0)
{
if (ResultItem[ResultItem.Count - 1].State == JintState.Identifier || ResultItem[ResultItem.Count - 1].State == JintState.Property)
ResultItem[ResultItem.Count - 1].State = JintState.MethodCallName;
}
}
ResultItem.Add(List[i]);
}
return ResultItem;
}
void Analyze(VariableDeclarationStatement Stmt)
{
SetCurrentLineAndCharNos(Stmt);
ItemChecker TC = new ItemChecker(this);
if (Stmt.Identifier != null)
{
List<JintItem> LeftItems = new List<JintItem>() { new JintItem(Stmt.Source, JintState.Identifier, Stmt.Identifier, this)};
int StatusIndex = AddToJintStack(Stmt.Source, JintState.Identifier, Stmt.Identifier);
if (Stmt.Expression != null)
{
int RightExpIndex = AddToJintStack(Stmt.Source, JintState.AssignmentExpressionRight);
Analyze(Stmt.Expression);
List<JintItem> RightItems = RemoveJintStackFrom(RightExpIndex + 1);
if (Stmt.Expression.GetType().Name.Equals("AssignmentExpression"))
{
Analyze(((AssignmentExpression)Stmt.Expression).Left);
RightItems = RemoveJintStackFrom(RightExpIndex + 1);
}
List<List<JintItem>> RightItemParts = ItemChecker.GetItemParts(RightItems);
UpdateMappings(LeftItems, RightItemParts);
foreach (List<JintItem> RightItemPart in RightItemParts)
{
TaintResult RightResult = TC.Check(RightItemPart);
if (RightResult.SourceTaint)
{
foreach (JintItem Item in LeftItems)
{
Item.SourceReasons.AddRange(RightResult.SourceReasons);
}
AddToSourceObjects(LeftItems);
if (RightItems.Count > 0)
AddSourceLine(RightItemPart[0].LineNo, RightResult.SourceReasons);
else
AddSourceLine(CurrentLineNo, RightResult.SourceReasons);
}
if (RightResult.SinkTaint)
{
foreach (JintItem Item in LeftItems)
{
Item.SinkReasons.AddRange(RightResult.SinkReasons);
}
AddToSinkObjects(LeftItems);
if (RightItems.Count > 0)
AddSinkLine(RightItemPart[0].LineNo, RightResult.SinkReasons);
else
AddSinkLine(CurrentLineNo, RightResult.SinkReasons);
}
}
RemoveJintStackFrom(StatusIndex);
}
}
}
void Analyze(ReturnStatement Stmt)
{
SetCurrentLineAndCharNos(Stmt);
if (Stmt.Expression != null)
{
int StatusIndex = JintStack.Count;
Analyze(Stmt.Expression);
if (JintStack.Count > StatusIndex)
{
List<JintItem> ReturnItems = RemoveJintStackFrom(StatusIndex);
if (ReturnItems.Count > 0)
{
ItemChecker IC = new ItemChecker(this);
TaintResult ReturnResult = IC.Check(ReturnItems);
if (ReturnResult.SourceTaint)
AddSourceLine(ReturnItems[0].LineNo, ReturnResult.SourceReasons);
if (ReturnResult.SinkTaint)
AddSinkLine(ReturnItems[0].LineNo, ReturnResult.SinkReasons);
}
}
}
}
void Analyze(MethodCall Stmt)
{
SetCurrentLineAndCharNos(Stmt);
int LineNo = CurrentLineNo;
JintItem LastItem;
if (JintStack.Count > 0)
{
LastItem = JintStack[JintStack.Count - 1];
if (LastItem.State == JintState.MethodCallArgument || LastItem.State == JintState.MethodName)
{
LastItem = new JintItem(CurrentLineNo, 0, JintState.AnonymousMethod);
JintStack.Add(LastItem);
}
}
else
{
LastItem = new JintItem(CurrentLineNo, 0, JintState.AnonymousMethod);
JintStack.Add(LastItem);
}
int MethodCallIndex = 0;
if (LastItem.State == JintState.Identifier || LastItem.State == JintState.Property || LastItem.State == JintState.Indexer || LastItem.State == JintState.StringIndex || LastItem.State == JintState.IdentifierIndex || LastItem.State == JintState.IntIndex || LastItem.State == JintState.AnonymousMethod || LastItem.LineNo != LineNo)
{
RemoveJintStackFrom(JintStack.Count - 1);
if (LastItem.State == JintState.Identifier || LastItem.State == JintState.Property)
JintStack.Add(new JintItem(LastItem.LineNo, LastItem.CharNo, JintState.MethodCallName, LastItem.Value));
else
JintStack.Add(new JintItem(LastItem.LineNo, LastItem.CharNo, JintState.MethodCallName, ""));
LineNo = LastItem.LineNo;
MethodCallIndex = JintStack.Count - 1;
if (Stmt.Arguments != null)
{
if (Stmt.Arguments.Count > 0)
Analyze(Stmt.Arguments);
else
AddToJintStack(Stmt.Source, JintState.MethodCallArgument);
}
List<JintItem> MethodRelatedItems = GetMethodItems(MethodCallIndex);
ItemChecker IC = new ItemChecker(this);
List<JintItem> MethodArguments = IC.GetLastMethodArguments(MethodRelatedItems);
List<int> SourcePositions = new List<int>();
List<int> SinkPositions = new List<int>();
for (int i = 0; i < MethodArguments.Count; i++)
{
TaintResult Result = IC.Check(MethodArguments[i].SubItems);
if (Result.SourceTaint)
{
SourcePositions.Add(i);
Result.SourceReasons.Add("Method Argument is a Source");
AddSourceLine(CurrentLineNo, Result.SourceReasons);
}
if (Result.SinkTaint)
{
SinkPositions.Add(i);
Result.SinkReasons.Add("Method Argument is a Sink");
AddSinkLine(CurrentLineNo, Result.SinkReasons);
}
}
foreach (List<JintItem> Template in ArgumentAssignedASourceMethods)
{
if(Template.Count == 0) continue;
TaintResult MethodResult = IC.IsMatch(MethodRelatedItems, Template);
if (MethodResult.NeutralReasons.Count > 0)
{
List<JintItem> TemplateArguments = IC.GetLastMethodArguments(Template);
if(TemplateArguments.Count == 0) continue;
AddSourceLine(LineNo, Template[0].SourceReasons);
if (TemplateArguments.Count == 1 && TemplateArguments[0].SubItems.Count == 0 && SinkPositions.Count > 0)
AddSourceToSinkLine(LineNo);
else if (MethodArguments.Count == TemplateArguments.Count)
{
foreach (int i in SinkPositions)
{
if(TemplateArguments.Count > i)
if(TemplateArguments[i].SubItems.Count > 0)
if(TemplateArguments[i].SubItems[0].State == JintState.MethodCallArgumentTaintPointer)
AddSourceToSinkLine(LineNo);
}
}
}
}
foreach (List<JintItem> Template in ArgumentAssignedToSinkMethods)
{
if (Template.Count == 0) continue;
TaintResult MethodResult = IC.IsMatch(MethodRelatedItems, Template);
if (MethodResult.NeutralReasons.Count > 0)
{
List<JintItem> TemplateArguments = IC.GetLastMethodArguments(Template);
if (TemplateArguments.Count == 0) continue;
AddSinkLine(LineNo, Template[0].SinkReasons);
if (TemplateArguments.Count == 1 && TemplateArguments[0].SubItems.Count == 0 && SourcePositions.Count > 0)
AddSourceToSinkLine(LineNo);
else if (MethodArguments.Count == TemplateArguments.Count)
{
foreach (int i in SourcePositions)
{
if (TemplateArguments.Count > i)
if (TemplateArguments[i].SubItems.Count > 0)
if (TemplateArguments[i].SubItems[0].State == JintState.MethodCallArgumentTaintPointer)
AddSourceToSinkLine(LineNo);
}
}
}
}
}
else
{
IronException.Report("MethodName missing in IronJint", "LastItem State -" + LastItem.State.ToString());
}
if (Stmt.Generics != null) Analyze(Stmt.Generics);
}
void Analyze(AssignmentExpression Stmt)
{
SetCurrentLineAndCharNos(Stmt);
List<JintItem> LeftItems = new List<JintItem>();
List<List<JintItem>> LeftItemParts = new List<List<JintItem>>();
List<List<JintItem>> SinkTaintedLeftItems = new List<List<JintItem>>();
ItemChecker TC = new ItemChecker(this);
if (Stmt.Left != null)
{
int StatusIndex = AddToJintStack(Stmt.Left.Source, JintState.AssignmentExpressionLeft);
Analyze(Stmt.Left);
LeftItems = RemoveJintStackFrom(StatusIndex + 1);
LeftItemParts = ItemChecker.GetItemParts(LeftItems);
foreach (List<JintItem> LeftItemPart in LeftItemParts)
{
TaintResult LeftResult = TC.Check(LeftItemPart);
if (LeftResult.SinkTaint)
{
SinkTaintedLeftItems.Add(LeftItemPart);
if (LeftItemPart.Count > 0)
AddSinkLine(LeftItemPart[0].LineNo, LeftResult.SinkReasons);
else
AddSinkLine(CurrentLineNo, LeftResult.SinkReasons);
}
}
RemoveJintStackFrom(StatusIndex);
}
List<JintItem> RightItems = new List<JintItem>();
if (Stmt.Right != null)
{
int StatusIndex = AddToJintStack(Stmt.Left.Source, JintState.AssignmentExpressionRight);
Analyze(Stmt.Right);
RightItems = RemoveJintStackFrom(StatusIndex + 1);
if (Stmt.Right.GetType().Name.Equals("AssignmentExpression"))
{
Analyze(((AssignmentExpression)Stmt.Right).Left);
RightItems = RemoveJintStackFrom(StatusIndex + 1);
}
List<List<JintItem>> RightItemParts = ItemChecker.GetItemParts(RightItems);
UpdateMappings(LeftItems, RightItemParts);
foreach (List<JintItem> RightItemPart in RightItemParts)
{
TaintResult RightResult = TC.Check(RightItemPart);
if (RightResult.SourceTaint)
{
foreach (JintItem Item in LeftItems)
{
Item.SourceReasons.AddRange(RightResult.SourceReasons);
}
AddToSourceObjects(LeftItems);
if (RightItems.Count > 0)
AddSourceLine(RightItemPart[0].LineNo, RightResult.SourceReasons);
else
AddSourceLine(CurrentLineNo, RightResult.SourceReasons);
if (SinkTaintedLeftItems.Count > 0)
if (LeftItems.Count > 0)
AddSourceToSinkLine(LeftItems[0].LineNo);
else
AddSourceToSinkLine(CurrentLineNo);
}
else
{
foreach (List<JintItem> LeftItemPart in LeftItemParts)
{
RemoveFromSourceTaintedItems(LeftItemPart);
}
}
if (RightResult.SinkTaint)
{
foreach (JintItem Item in LeftItems)
{
Item.SinkReasons.AddRange(RightResult.SinkReasons);
}
foreach (List<JintItem> LeftItemPart in LeftItemParts)
{
AddToSinkObjects(LeftItemPart);
}
if (RightItems.Count > 0)
AddSinkLine(RightItemPart[0].LineNo, RightResult.SinkReasons);
else
AddSinkLine(CurrentLineNo, RightResult.SinkReasons);
}
else
{
foreach (List<JintItem> LeftItemPart in LeftItemParts)
{
RemoveFromSinkTaintedItems(LeftItemPart);
}
}
}
RemoveJintStackFrom(StatusIndex);
}
}
