public override void EnterExpression([NotNull] CSharpParser.ExpressionContext context)
{
if (context.Start.Line >= listExpress[0].line)
{
return;
}
foreach (var item in listExpress)
{
if (isDefine(context.GetText(), context.Start.Line, item.value) && isStatic(context.GetText()))
{
item.isVuln = false;
}
else if (isDefine(context.GetText(), context.Start.Line, item.value) && !isStatic(context.GetText()))
{
item.isVuln = true;
}
}
//if (isDefine(context.GetText(), context.Start.Line))
//{
// isContain = true;
//}
//else
//{
// isContain = false;
//}
}
private (int ChildNodeIndex, Type tipo) treatExpression(CSharpParser.ExpressionContext context)
{
Console.WriteLine("Entering expression context.");
Node.Kind expressionKind = Node.Kind.Expression;
IToken token = null;
Type expressionType = null;
(int ChildNodeIndex, Type tipo)childTreat; //tipo e index de child node
if (context.assignment() != null)
{
childTreat = treatExpressionAssignment(context.assignment());
expressionType = childTreat.tipo;
}
else //non_assignment_expression | REF non_assignment_expression;
{
childTreat = treatExpressionNonAssignment(context.non_assignment_expression());
//tipo em non_assignment_expression
expressionType = childTreat.tipo;
if (context.REF() != null)
{
token = context.REF().Symbol;
}
}
// Creating the expression node and adding it to the AST:
Node expressionNode = new Node(token, expressionKind, expressionType);
ast.AddNode(expressionNode);
//add child
expressionNode.AddChildIndex(childTreat.ChildNodeIndex);
return(ast.NodeIndex(expressionNode), expressionType);
}
//Precedencia de tipos:
/* Primary > Unary > Range > switch > with > Multiplicative > Additive
* > Shift > Relational and type-testing > Equality > Boolean logical AND or bitwise logical AND
* > Boolean logical XOR or bitwise logical XOR > Boolean logical OR or bitwise logical OR
* > Conditional AND > Conditional OR > Null-coalescing operator > Conditional operator > Assignment and lambda declaration
* > query
* */
private void beginTreatExpression(CSharpParser.ExpressionContext context, Node parentNode)
{
//comeca aqui
// Getting the Parent Node:
Node ParentNode = parentNode;
(int ChildNodeIndex, Type tipo)childTreat; //tipo e index de child node
if (!context.IsEmpty)
{
childTreat = treatExpression(context);
ParentNode.AddChildIndex(childTreat.ChildNodeIndex);
}
}
public override void EnterExpression([NotNull] CSharpParser.ExpressionContext context)
{
string pattern = @"log.*Pass";
Regex regex = new Regex(pattern);
//MatchCollection logList = regex.Matches(context.GetText());
if (regex.IsMatch(context.GetText()))
//if (context.GetText().Contains("log.Info"))
{
//Console.WriteLine(context.GetText());
MethodInfor tmpMethod = new MethodInfor();
tmpMethod.BaselineItem = 700;
ParserRuleContext parrentOfTree = (ParserRuleContext)context.Parent;
while (!(parrentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parrentOfTree = (ParserRuleContext)parrentOfTree.Parent;
if (parrentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parrentOfTree is CSharpParser.Method_declarationContext)
{
tmpMethod.methodName = parrentOfTree.GetChild(0).GetText();
tmpMethod.startLine = parrentOfTree.Start.Line;
}
if (listMethod != null)
{
if (!listMethod.Any(x => x.startLine == tmpMethod.startLine))
{
listMethod.Add(tmpMethod);
}
}
else
{
listMethod.Add(tmpMethod);
}
}
}
public override void EnterExpression([NotNull] CSharpParser.ExpressionContext context)
{
if (context.GetText().Contains(".SaveAs("))
{
MethodInfor tmpMethod = new MethodInfor();
tmpMethod.BaselineItem = 412;
ParserRuleContext parrentOfTree = (ParserRuleContext)context.Parent;
while (!(parrentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parrentOfTree = (ParserRuleContext)parrentOfTree.Parent;
if (parrentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parrentOfTree is CSharpParser.Method_declarationContext)
{
tmpMethod.methodName = parrentOfTree.GetChild(0).GetText();
tmpMethod.startLine = parrentOfTree.Start.Line;
}
if (listMethod != null)
{
if (!listMethod.Any(x => x.startLine == tmpMethod.startLine))
{
listMethod.Add(tmpMethod);
}
}
else
{
listMethod.Add(tmpMethod);
}
}
}
public override void EnterExpression([NotNull] CSharpParser.ExpressionContext context)
{
foreach (var item in vulnContext)
{
if (context.GetText().Contains(item))
{
isVuln = false;
//tmpMethod.
}
}
if (tmpMethod == null)
{
tmpMethod = new MethodInfor();
tmpMethod.BaselineItem = 418;
ParserRuleContext parrentOfTree = (ParserRuleContext)context.Parent;
while (!(parrentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parrentOfTree = (ParserRuleContext)parrentOfTree.Parent;
if (parrentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parrentOfTree is CSharpParser.Method_declarationContext)
{
tmpMethod.methodName = parrentOfTree.GetChild(0).GetText();
tmpMethod.startLine = parrentOfTree.Start.Line;
}
}
//Console.WriteLine(context.GetText());
}
private void TreatVariableInitializer(CSharpParser.Local_variable_initializerContext initializer, Node parentNode)
{
Action <CSharpParser.Array_initializerContext, Node> TreatArrayInit = null;
TreatArrayInit = (arrayInit, parent) =>
{
CSharpParser.Variable_initializerContext[] varInit = arrayInit.variable_initializer();
foreach (CSharpParser.Variable_initializerContext varInitializer in varInit)
{
CSharpParser.ExpressionContext expression = varInitializer.expression();
if (expression != null)
{
beginTreatExpression(expression, parentNode);
}
else
{
CSharpParser.Array_initializerContext a = varInitializer.array_initializer();
if (a != null)
{
TreatArrayInit(a, parent);
}
}
}
};
CSharpParser.ExpressionContext expression = initializer.expression();
if (expression != null)
{
beginTreatExpression(expression, parentNode);
}
else
{
CSharpParser.Array_initializerContext array = initializer.array_initializer();
if (array != null)
{
TreatArrayInit(array, parentNode);
}
}
}
public override void EnterExpression([NotNull] CSharpParser.ExpressionContext context)
{
foreach (var item in signList)
{
if (context.GetText().Contains(item))
{
//Console.WriteLine(context.GetText());
ParserRuleContext parentOfTree = (ParserRuleContext)context.Parent;
while (!(parentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parentOfTree = (ParserRuleContext)parentOfTree.Parent;
if (parentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parentOfTree is CSharpParser.Method_declarationContext)
{
if (listMethodContext != null)
{
if (!listMethodContext.Any(x => x.startLine == parentOfTree.Start.Line))
{
List <int> tmpLine = new List <int>();
tmpLine.Add(context.Start.Line);
MethodContext tmpMethod = new MethodContext(parentOfTree, tmpLine, parentOfTree.Start.Line);
listMethodContext.Add(tmpMethod);
}
else
{
//update them vi tri
//listMethodContext.Where(x =>x.startLine == parentOfTree.Start.Line)
}
}
else
{
this.listMethodContext = new List <MethodContext>();
List <int> tmpLine = new List <int>();
tmpLine.Add(context.Start.Line);
MethodContext tmpMethod = new MethodContext(parentOfTree, tmpLine, parentOfTree.Start.Line);
this.listMethodContext.Add(tmpMethod);
}
}
}
}
foreach (var item in xmlList)
{
if (context.GetText().Contains(item))
{
//Console.WriteLine(context.GetText());
ParserRuleContext parentOfTree = (ParserRuleContext)context.Parent;
while (!(parentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parentOfTree = (ParserRuleContext)parentOfTree.Parent;
if (parentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parentOfTree is CSharpParser.Method_declarationContext)
{
if (listXMLContext != null)
{
if (!listXMLContext.Any(x => x.Start.Line == parentOfTree.Start.Line))
{
this.listXMLContext.Add(parentOfTree);
}
}
else
{
this.listXMLContext = new List <ParserRuleContext>();
this.listXMLContext.Add(parentOfTree);
}
}
}
}
foreach (var item in badcryptList)
{
if (context.GetText().Contains(item))
{
//Console.WriteLine(context.GetText());
ParserRuleContext parentOfTree = (ParserRuleContext)context.Parent;
while (!(parentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parentOfTree = (ParserRuleContext)parentOfTree.Parent;
if (parentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parentOfTree is CSharpParser.Method_declarationContext)
{
if (listBadCryptContext != null)
{
if (!listBadCryptContext.Any(x => x.Start.Line == parentOfTree.Start.Line))
{
this.listBadCryptContext.Add(parentOfTree);
}
}
else
{
this.listBadCryptContext = new List <ParserRuleContext>();
this.listBadCryptContext.Add(parentOfTree);
}
}
}
}
}
public override void EnterExpression([NotNull] CSharpParser.ExpressionContext context)
{
//foreach(var item in method.lineList)
//{
// if (context.Start.Line != item)
// {
// return;
// }
//}
if (!method.lineList.Contains(context.Start.Line))
{
return;
}
foreach (var item in listCase)
{
tmpExpression = new List <TempExpression>();
if (context.GetText().Contains(item.signal))
{
string[] part = context.GetText().Split(char.Parse(item.partition));
for (int i = 0; i < part.Length; i++)
{
//Console.WriteLine(part[i].Replace(")", ""));
tmpExpression.Add(new TempExpression(part[i].Replace(")", ""), context.Start.Line));
}
if (tmpExpression.Count == 0)
{
continue;
}
ParserRuleContext parentOfTree = (ParserRuleContext)context.Parent;
while (!(parentOfTree is CSharpParser.Method_declarationContext))
{
try
{
parentOfTree = (ParserRuleContext)parentOfTree.Parent;
if (parentOfTree == null)
{
return;
}
}
catch (Exception ex)
{
Console.WriteLine(ex.Message);
}
}
if (parentOfTree is CSharpParser.Method_declarationContext)
{
TraceForCase102 tracer = new TraceForCase102(parser, parentOfTree, tmpExpression);
if (!tracer.isVulnMethod)
{
continue;
}
if (listResult != null)
{
if (!(listResult.Any(x => x.methodName == tracer.methodInfor.methodName)))
{
listResult.Add(tracer.methodInfor);
}
else
{
if (!(listResult.SingleOrDefault(x => x.methodName == tracer.methodInfor.methodName).listExp.Any(x => x.line == tracer.methodInfor.listExp[0].line)))
{
MethodInfor tmpMethod = listResult.SingleOrDefault(x => x.methodName == tracer.methodInfor.methodName);
foreach (var tmpItem in tracer.methodInfor.listExp)
{
tmpMethod.listExp.Add(tmpItem);
}
listResult.RemoveAll(x => x.methodName == tracer.methodInfor.methodName);
listResult.Add(tmpMethod);
}
}
}
else
{
listResult = new List <MethodInfor>();
listResult.Add(tracer.methodInfor);
}
}
//printResult(tracer.methodInfor);
}
}
}