Esempi di codice in C# (CSharp) per Analysis.FlagType

Esempio n. 1

0

Mostra file

        /// <summary>
        /// Gets a list of all taint flows determined by a flag
        /// </summary>
        /// <param name="script">last script</param>
        /// <param name="flag">flag determining the taint</param>
        /// <returnslist of taint flows></returns>
        public List <String> toString(ref String script, Analysis.FlagType flag)
        {
            List <string> result = new List <string>();

            if (!flow.taint.get(flag))
            {
                return(result);
            }
            String thisScript = script;

            foreach (TaintFlow childFlow in flow.possibleTaintFlows)
            {
                String        refscript = thisScript;
                List <String> flows     = childFlow.toString(ref refscript, flag);
                String        thisPoint = getThisPoint(ref refscript);
                foreach (String flowString in flows)
                {
                    result.Add(flowString + thisPoint);
                }
            }

            if (result.Count == 0)
            {
                String refscript = thisScript;
                String thisPoint = getThisPoint(ref refscript);
                result.Add(thisPoint);
            }

            script = "";
            if (flow.point != null && flow.point.OwningScript != null)
            {
                script = flow.point.OwningScriptFullName;
            }
            return(result);
        }

Esempio n. 2

0

Mostra file

        public TaintStatus(TaintInfo taintInfo, Analysis.FlagType flag)
        {
            this.tainted  = taintInfo.taint;
            this.priority = taintInfo.priority;

            lines = getLines(taintInfo, flag);
        }

Esempio n. 3

0

Mostra file

 internal TestCase HasTaintStatus(TaintStatus taintStatus, Analysis.FlagType flag)
 {
     _asserts.Add((ppg) =>
     {
         var output = GetEndOutput(ppg);
         AnalysisTestUtils.AssertHasTaintStatus(output, VariableName, AssertMessage, taintStatus, flag);
     });
     return(this);
 }

Esempio n. 4

0

Mostra file

 /// <summary>
 /// Gets the corresponding value to a flag type
 /// </summary>
 /// <param name="flag"></param>
 /// <returns>true if flag type value is true, false otherwise</returns>
 public bool get(Analysis.FlagType flag)
 {
     if (flag == Analysis.FlagType.HTMLDirty)
     {
         return(HTML);
     }
     if (flag == Analysis.FlagType.SQLDirty)
     {
         return(SQL);
     }
     return(FilePath);
 }

Esempio n. 5

0

Mostra file

        public bool EqualTo(TaintStatus other, Analysis.FlagType flag)
        {
            if (this.tainted.get(flag) != other.tainted.get(flag))
            {
                return(false);
            }
            if (this.priority.get(flag) != other.priority.get(flag))
            {
                return(false);
            }
            if (!checkFlowEquality(other.lines))
            {
                return(false);
            }

            return(true);
        }

Esempio n. 6

0

Mostra file

        public string ToString(Analysis.FlagType flag)
        {
            var result = new StringBuilder();

            result.AppendLine("Tainted: " + this.tainted.get(flag));
            result.AppendLine("Priority: " + this.priority.get(flag));
            foreach (List <int> flow in lines)
            {
                var flowString = new StringBuilder();
                flowString.Append("Flow: ");
                foreach (int i in flow)
                {
                    flowString.Append(i + " ");
                }
                result.AppendLine(flowString.ToString());
            }

            return(result.ToString());
        }

Esempio n. 7

0

Mostra file

        private List <List <int> > getLines(TaintInfo info, Analysis.FlagType flag)
        {
            List <List <int> > result = new List <List <int> >();

            if ((!info.taint.get(flag) && !info.nullValue) || info.point == null || info.point.Partial == null)
            {
                return(result);
            }
            int firstLine = info.point.Partial.Position.FirstLine;

            if (info.possibleTaintFlows.Count == 0)
            {
                result.Add(new List <int>()
                {
                    firstLine
                });
            }
            foreach (TaintFlow flowPair in info.possibleTaintFlows)
            {
                var flow = flowPair.flow;
                if (!flow.taint.get(flag))
                {
                    continue;
                }
                List <List <int> > flows = getLines(flow);
                foreach (List <int> oneFlow in flows)
                {
                    oneFlow.Add(firstLine);
                }
                result.AddRange(flows);
            }
            if (result.Count == 0)
            {
                result.Add(new List <int>()
                {
                    firstLine
                });
            }
            return(result);
        }

Esempio n. 8

0

Mostra file

        /// <summary>
        /// Returns a string containing taint flows of the taint specified by a flag
        /// </summary>
        /// <param name="flag">flag specifying the taint</param>
        /// <returns>string containing the taint flows</returns>
        public String print(Analysis.FlagType flag)
        {
            String        currentScript = "";
            List <String> resultFlows   = new List <String>();

            if (!taint.get(flag))
            {
                return(print(resultFlows));
            }

            foreach (TaintFlow flow in possibleTaintFlows)
            {
                String        refScript     = currentScript;
                List <String> flowAsStrings = flow.toString(ref refScript, flag);
                foreach (String flowAsString in flowAsStrings)
                {
                    String script = refScript;
                    resultFlows.Add(flowAsString + currentPointString(ref script));
                }
            }
            return(print(resultFlows));
        }

Esempio n. 9

0

Mostra file

        internal static void AssertHasTaintStatus(FlowOutputSet outSet, string variableName, string assertMessage, TaintStatus taintStatus, Analysis.FlagType flag)
        {
            var varID               = new VariableIdentifier(variableName);
            var variable            = outSet.GetVariable(varID);
            var values              = variable.ReadMemory(outSet.Snapshot).PossibleValues.ToArray();
            var computedTaintStatus = new TaintStatus(false, true);

            if (values.Count() == 0)
            {
                computedTaintStatus.priority.setAll(false);
            }
            foreach (var value in values)
            {
                if (!(value is InfoValue <TaintInfo>))
                {
                    continue;
                }
                TaintInfo   valueTaintInfo   = (value as InfoValue <TaintInfo>).Data;
                TaintStatus valueTaintStatus = new TaintStatus(valueTaintInfo, flag);
                computedTaintStatus.tainted.copyTaint(true, valueTaintStatus.tainted);
                computedTaintStatus.priority.copyTaint(false, valueTaintStatus.priority);
                computedTaintStatus.lines.AddRange(valueTaintStatus.lines);
            }
            String taintStatusString         = taintStatus.ToString(flag);
            String computedTaintStatusString = computedTaintStatus.ToString(flag);

            Assert.IsTrue(taintStatus.EqualTo(computedTaintStatus, flag), "Taint status of the taint type {0} of variable ${1} should be {2}, taint analysis computed {3}", flag, variableName, taintStatusString, computedTaintStatusString);
        }

Esempi in C# (CSharp) per Analysis.FlagType