/// <summary>
/// Preprocesses a <see cref="PatternVarDef"/>: every alternative value is visited, the visited
/// values are sorted with the list's default comparer, and a fresh definition with the same id
/// and text span is returned.
/// </summary>
/// <param name="patternVarDef">The pattern variable definition to rewrite.</param>
/// <returns>A new <see cref="PatternVarDef"/> holding the visited, sorted values.</returns>
public override UstNode Visit(PatternVarDef patternVarDef)
{
    var sortedValues = new List<Expression>();
    foreach (var value in patternVarDef.Values)
    {
        sortedValues.Add((Expression)Visit(value));
    }

    // List<T>.Sort is not a stable sort; the ordering relies on Expression's own comparer,
    // exactly as the original did.
    sortedValues.Sort();

    return new PatternVarDef(patternVarDef.Id, sortedValues, patternVarDef.TextSpan);
}
/// <summary>
/// Converts a <c>literalOrPatternId</c> parse node into a token: a plain identifier is processed
/// directly, a single pattern id is returned as an <see cref="IdToken"/>, and several pattern
/// ids become the alternatives of an auto-named <see cref="PatternVarDef"/>.
/// </summary>
/// <param name="context">The parse-tree node to convert.</param>
/// <returns>The resulting token (or variable definition) as a <see cref="UstNode"/>.</returns>
public UstNode VisitLiteralOrPatternId(DslParser.LiteralOrPatternIdContext context)
{
    if (context.Id() != null)
    {
        return ProcessId(context.Id());
    }

    var patternIdContexts = context.patternId();
    if (patternIdContexts.Length == 1)
    {
        // A lone pattern id needs no wrapping definition.
        return (IdToken)VisitPatternId(patternIdContexts[0]);
    }

    // Several ids are alternatives of one anonymous variable definition.
    var alternatives = new Token[patternIdContexts.Length];
    for (int i = 0; i < patternIdContexts.Length; i++)
    {
        alternatives[i] = (IdToken)VisitPatternId(patternIdContexts[i]);
    }
    return new PatternVarDef(GetNewVarDefName(), alternatives, context.GetTextSpan());
}
/// <summary>
/// Converts a <c>patternOrExpression</c> parse node (an "either of these expressions"
/// alternative) into an auto-named <see cref="PatternVarDef"/> whose values are the visited
/// expressions.
/// </summary>
/// <param name="context">The parse-tree node to convert.</param>
/// <returns>The variable definition holding all alternatives.</returns>
public UstNode VisitPatternOrExpression(DslParser.PatternOrExpressionContext context)
{
    var expressionContexts = context.expression();
    var alternatives = new Expression[expressionContexts.Length];
    for (int i = 0; i < expressionContexts.Length; i++)
    {
        alternatives[i] = (Expression)VisitExpression(expressionContexts[i]);
    }
    return new PatternVarDef(GetNewVarDefName(), alternatives, context.GetTextSpan());
}
/// <summary>
/// Round-trips a pattern that declares and references a pattern variable through the JSON
/// serializer, then checks the result equals both the original node and the same pattern
/// parsed from DSL text.
/// </summary>
public void JsonSerialize_PatternWithVar_JsonEqualsToDsl()
{
    // Corresponds to `<[@pwd:password]>` in the DSL string below.
    var passwordVar = new PatternVarDef
    {
        Id = "pwd",
        Values = new List<Expression> { new PatternIdToken("password") }
    };

    var expectedNode = new PatternNode
    {
        Vars = new List<PatternVarDef> { passwordVar },
        Node = new PatternStatements(
            new ExpressionStatement
            {
                Expression = new AssignmentExpression
                {
                    Left = new PatternVarRef(passwordVar),
                    Right = new PatternExpression()
                }
            },
            new PatternMultipleStatements(),
            new ExpressionStatement
            {
                Expression = new InvocationExpression
                {
                    Target = new PatternExpression(),
                    Arguments = new PatternExpressions(
                        new PatternMultipleExpressions(),
                        new PatternVarRef(passwordVar),
                        new PatternMultipleExpressions())
                }
            })
    };

    // Text spans are excluded so the comparison is purely structural.
    var jsonSerializer = new JsonUstNodeSerializer(typeof(UstNode), typeof(PatternVarDef))
    {
        Indented = true,
        IncludeTextSpans = false
    };
    string json = jsonSerializer.Serialize(expectedNode);
    UstNode nodeFromJson = jsonSerializer.Deserialize(json, LanguageExt.AllPatternLanguages);

    var dslProcessor = new DslProcessor { PatternExpressionInsideStatement = false };
    var nodeFromDsl = dslProcessor.Deserialize("<[@pwd:password]> = #; ... #(#*, <[@pwd]>, #*);", LanguageExt.AllPatternLanguages);

    Assert.IsTrue(nodeFromJson.Equals(expectedNode));
    Assert.IsTrue(nodeFromJson.Equals(nodeFromDsl));
}
/// <summary>
/// Converts a <c>memberReferenceOrLiteralExpression</c> parse node into an auto-named
/// <see cref="PatternVarDef"/> with two alternatives: <c>expression.literalOrPatternId</c> as a
/// member reference, and the bare <c>literalOrPatternId</c> on its own.
/// </summary>
/// <param name="context">The parse-tree node to convert.</param>
/// <returns>The variable definition holding both alternatives.</returns>
public UstNode VisitMemberReferenceOrLiteralExpression(DslParser.MemberReferenceOrLiteralExpressionContext context)
{
    var textSpan = context.GetTextSpan();

    var target = (Expression)VisitExpression(context.expression());
    // The literal-or-id sub-node is visited twice, as in the original: each visit produces its own
    // node, one used as the member name and one as the stand-alone alternative.
    var memberName = (Expression)VisitLiteralOrPatternId(context.literalOrPatternId());
    var memberReference = new MemberReferenceExpression(target, memberName, textSpan, null);
    var standaloneLiteral = (Expression)VisitLiteralOrPatternId(context.literalOrPatternId());

    var alternatives = new Expression[] { memberReference, standaloneLiteral };
    return new PatternVarDef(GetNewVarDefName(), alternatives, context.GetTextSpan());
}
/// <summary>
/// Converts the root <c>dslCode</c> parse node. A statement list becomes a
/// <see cref="PatternStatements"/> whose statements are separated by
/// <see cref="PatternMultipleStatements"/> wildcards; a single expression is visited directly;
/// otherwise the pattern strings become <see cref="PatternComment"/> nodes (one, or an
/// auto-named <see cref="PatternVarDef"/> of several).
/// </summary>
/// <param name="context">The root parse-tree node.</param>
/// <returns>The converted UST node.</returns>
public UstNode VisitDslCode(DslParser.DslCodeContext context)
{
    var statementContexts = context.statement();
    if (statementContexts.Length > 0)
    {
        // Statements that are themselves "..." are dropped, so the inserted separators never
        // double up; the remaining statements are interleaved with one separator each.
        var interleaved = new List<Statement>();
        foreach (var statementContext in statementContexts)
        {
            var statement = (Statement)VisitStatement(statementContext);
            if (statement.NodeType == NodeType.PatternMultipleStatements)
            {
                continue;
            }
            if (interleaved.Count > 0)
            {
                interleaved.Add(new PatternMultipleStatements());
            }
            interleaved.Add(statement);
        }

        if (interleaved.Count == 0)
        {
            // Every statement was "..." — the whole pattern collapses to a single wildcard.
            interleaved.Add(new PatternMultipleStatements());
        }

        return new PatternStatements
        {
            Statements = interleaved,
            TextSpan = context.GetTextSpan()
        };
    }

    if (context.expression() != null)
    {
        return VisitExpression(context.expression());
    }

    var comments = new List<PatternComment>();
    foreach (var literal in context.PatternString())
    {
        comments.Add(new PatternComment(RemoveQuotes(literal.GetText()), literal.GetTextSpan()));
    }

    if (comments.Count == 1)
    {
        return comments[0];
    }
    return new PatternVarDef(GetNewVarDefName(), comments.ToArray(), context.GetTextSpan());
}
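/// <summary>
/// Checks that <see cref="UstPreprocessor"/> sorts the alternative values of a pattern variable
/// into the expected deterministic order: string literals (and a pattern expression over one)
/// first, then ids, then int literals, each group ordered by value.
/// </summary>
public void Sort_PatternVars()
{
    var unsortedExpressions = new List<Expression>
    {
        new IntLiteral { Value = 100 },
        new IntLiteral { Value = 42 },
        new IntLiteral { Value = 0 },
        new StringLiteral { Text = "42" },
        new StringLiteral { Text = "Hello World!" },
        new IdToken { Id = "testId" },
        new IdToken { Id = "42" },
        new PatternExpression(new StringLiteral { Text = "42" }, true),
    };

    var expectedSortedExpressions = new List<Expression>
    {
        new StringLiteral { Text = "42" },
        new PatternExpression(new StringLiteral { Text = "42" }, true),
        new StringLiteral { Text = "Hello World!" },
        new IdToken { Id = "42" },
        new IdToken { Id = "testId" },
        new IntLiteral { Value = 0 },
        new IntLiteral { Value = 42 },
        new IntLiteral { Value = 100 },
    };

    var patternVarDef = new PatternVarDef { Id = "testVarDef", Values = unsortedExpressions };
    var patternVars = new PatternNode
    {
        Vars = new List<PatternVarDef> { patternVarDef },
        Node = new PatternVarRef(patternVarDef)
    };

    // The logger is attached to the preprocessor; its message counts are not asserted here.
    // (An unused DslProcessor instance that the original also created has been dropped.)
    var logger = new LoggerMessageCounter();
    var preprocessor = new UstPreprocessor { Logger = logger };
    Expression[] resultSortedExpressions = ((PatternNode)preprocessor.Preprocess(patternVars))
        .Vars.First().Values.ToArray();

    Assert.AreEqual(expectedSortedExpressions.Count, resultSortedExpressions.Length);
    for (int i = 0; i < expectedSortedExpressions.Count; i++)
    {
        Assert.IsTrue(expectedSortedExpressions[i].Equals(resultSortedExpressions[i]),
            $"Not equal at {i} index: expected {expectedSortedExpressions[i]} not equals to {resultSortedExpressions[i]}");
    }
}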
/// <summary>
/// Builds the built-in PL/SQL patterns: dynamic DDL execution, weak hash functions, insecure
/// randomness, and cursors/files that are opened but never closed on the same path.
/// </summary>
/// <returns>The PL/SQL patterns, each keyed with the next id from <c>patternIdGenerator</c>.</returns>
public IEnumerable<Pattern> CreatePlSqlPatterns()
{
    // Variables bound to the resource handle so that the open and the (negated) close refer
    // to the same identifier.
    var cursorVar = new PatternVarDef { Id = "cursor", Values = new List<Expression> { new PatternIdToken() } };
    var fileVar = new PatternVarDef { Id = "file", Values = new List<Expression> { new PatternIdToken() } };

    return new List<Pattern>
    {
        // DBMS_UTILITY.EXEC_DDL_STATEMENT(<any args>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Dangerous Function",
            Languages = LanguageFlags.PlSql,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Target = new IdToken("DBMS_UTILITY"),
                        Name = new IdToken("EXEC_DDL_STATEMENT")
                    },
                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                }
            }
        },
        // DBMS_OBFUSCATION_TOOLKIT.md2|md4|md5(<any args>). NOTE: this name regex has no (?i)
        // flag, unlike the UTL_FILE patterns below; kept as in the original.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Weak Cryptographic Hash (MD2, MD4, MD5, RIPEMD-160, and SHA-1)",
            Languages = LanguageFlags.PlSql,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Target = new IdToken("DBMS_OBFUSCATION_TOOLKIT"),
                        Name = new PatternIdToken("^(md2|md4|md5)$")
                    },
                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                }
            }
        },
        // dbms_crypto.hash_sh1 (a member reference, not a call)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Weak Cryptographic Hash (MD2, MD4, MD5, RIPEMD-160, and SHA-1)",
            Languages = LanguageFlags.PlSql,
            Data = new PatternNode
            {
                Node = new MemberReferenceExpression
                {
                    Target = new IdToken("dbms_crypto"),
                    Name = new IdToken("hash_sh1")
                }
            }
        },
        // DBMS_RANDOM.<any member>(<any args>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Insecure Randomness",
            Languages = LanguageFlags.PlSql,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Target = new IdToken("DBMS_RANDOM"),
                        Name = new PatternIdToken()
                    },
                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                }
            }
        },
        // <cursor> = DBMS_SQL.OPEN_CURSOR; ... ; not DBMS_SQL.CLOSE_CURSOR(<cursor>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Unreleased Resource: Cursor Snarfing",
            Languages = LanguageFlags.PlSql,
            Data = new PatternNode
            {
                Vars = new List<PatternVarDef> { cursorVar },
                Node = new PatternStatements
                {
                    Statements = new List<Statement>
                    {
                        new PatternExpressionInsideStatement
                        {
                            Statement = new ExpressionStatement(new AssignmentExpression
                            {
                                Left = new PatternVarRef(cursorVar),
                                Right = new MemberReferenceExpression
                                {
                                    Target = new IdToken("DBMS_SQL"),
                                    Name = new IdToken("OPEN_CURSOR")
                                }
                            })
                        },
                        new PatternMultipleStatements(),
                        new PatternExpressionInsideStatement
                        {
                            Statement = new ExpressionStatement(new InvocationExpression
                            {
                                Target = new MemberReferenceExpression
                                {
                                    Target = new IdToken("DBMS_SQL"),
                                    Name = new IdToken("CLOSE_CURSOR")
                                },
                                Arguments = new ArgsNode(new PatternVarRef(cursorVar))
                            }),
                            Not = true
                        }
                    }
                }
            }
        },
        // <file> = UTL_FILE.FOPEN(<any args>); ... ; not UTL_FILE.FCLOSE(<file>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Unreleased Resource: File Snarfing",
            Languages = LanguageFlags.PlSql,
            Data = new PatternNode
            {
                Vars = new List<PatternVarDef> { fileVar },
                Node = new PatternStatements
                {
                    Statements = new List<Statement>
                    {
                        new PatternExpressionInsideStatement
                        {
                            Statement = new ExpressionStatement(new AssignmentExpression
                            {
                                Left = new PatternVarRef(fileVar),
                                Right = new InvocationExpression
                                {
                                    Target = new MemberReferenceExpression
                                    {
                                        Target = new PatternIdToken("(?i)UTL_FILE"),
                                        Name = new PatternIdToken("(?i)FOPEN")
                                    },
                                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                                }
                            })
                        },
                        new PatternMultipleStatements(),
                        new PatternExpressionInsideStatement
                        {
                            Statement = new ExpressionStatement(new InvocationExpression
                            {
                                Target = new MemberReferenceExpression
                                {
                                    Target = new PatternIdToken("(?i)UTL_FILE"),
                                    Name = new PatternIdToken("(?i)FCLOSE")
                                },
                                Arguments = new ArgsNode(new PatternVarRef(fileVar))
                            }),
                            Not = true
                        }
                    }
                }
            }
        }
    };
}
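/// <summary>
/// Converts a <c>patternLiterals</c> parse node into an expression. A single literal is
/// returned as-is; several literals (or none, which becomes an empty id) form the alternatives
/// of a <see cref="PatternVarDef"/>. When the node carries a pattern variable token, the
/// definition is registered in <c>patternVarDefs</c> under the variable name and a
/// <see cref="PatternVarRef"/> to it is returned instead.
/// </summary>
/// <param name="context">The parse-tree node to convert.</param>
/// <returns>The literal, the anonymous variable definition, or the variable reference.</returns>
/// <exception cref="ConversionException">
/// The variable name is already defined and this occurrence supplies literals again
/// (a redefinition); a bare reference without literals is accepted.
/// </exception>
public UstNode VisitPatternLiterals([NotNull] DslParser.PatternLiteralsContext context)
{
    var literalContexts = context.patternNotLiteral();
    Expression result;

    if (literalContexts.Length == 1)
    {
        result = (Expression)VisitPatternNotLiteral(literalContexts[0]);
        if (context.PatternVar() != null)
        {
            result = DefineOrReferencePatternVar(context, new List<Expression> { result });
        }
    }
    else
    {
        var values = new List<Expression>();
        foreach (var literalContext in literalContexts)
        {
            values.Add((Expression)VisitPatternNotLiteral(literalContext));
        }
        if (values.Count == 0)
        {
            // No literals at all: fall back to an empty id so the definition is never valueless.
            values.Add(new PatternIdToken("", context.GetTextSpan()));
        }

        if (context.PatternVar() == null)
        {
            result = new PatternVarDef(GetNewVarDefName(), values, context.GetTextSpan());
        }
        else
        {
            result = DefineOrReferencePatternVar(context, values);
        }
    }

    return result;
}

/// <summary>
/// Registers <paramref name="values"/> under the name carried by the node's pattern variable
/// token (its first character — the variable marker — is stripped), or, when that name is
/// already defined, verifies this occurrence is a plain reference and not a redefinition.
/// Shared by both branches of <see cref="VisitPatternLiterals"/>, which previously duplicated it.
/// </summary>
/// <param name="context">The node whose <c>PatternVar()</c> token names the variable.</param>
/// <param name="values">The alternatives to store when the variable is defined here.</param>
/// <returns>A reference to the (new or existing) definition.</returns>
/// <exception cref="ConversionException">The variable is already defined and literals are present.</exception>
private PatternVarRef DefineOrReferencePatternVar(DslParser.PatternLiteralsContext context, List<Expression> values)
{
    string id = context.PatternVar().GetText().Substring(1);
    PatternVarDef patternVarDef;
    if (!patternVarDefs.TryGetValue(id, out patternVarDef))
    {
        patternVarDef = new PatternVarDef(id, values, context.GetTextSpan());
        patternVarDefs[id] = patternVarDef;
    }
    else if (context.patternNotLiteral().Length != 0)
    {
        // A second occurrence may only *reference* the variable; supplying literals again is an error.
        var lcTextSpan = new LineColumnTextSpan(patternVarDef.TextSpan, Data);
        throw new ConversionException(
            $"DSL Error: PatternVar {id} with matching Id already defined earlier at {lcTextSpan}")
        {
            TextSpan = context.PatternVar().GetTextSpan()
        };
    }

    return new PatternVarRef(patternVarDef, context.GetTextSpan());
}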
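/// <summary>
/// Builds the built-in Java patterns: weak/misconfigured crypto, overly broad cookie scope,
/// disabled hostname verification, XXE-prone parser calls, Android broadcast and permission
/// misuse, hardcoded salts, and cookies created without the secure flag.
/// </summary>
/// <remarks>
/// Two <c>DebugInfo</c> strings were repaired: the CWE-327 message previously had no separator
/// before its URL (the two literals were concatenated directly), and the overly-broad-domain
/// message was missing the period after its identifier.
/// </remarks>
/// <returns>The Java patterns, each keyed with the next id from <c>patternIdGenerator</c>.</returns>
public IEnumerable<Pattern> CreateJavaPatterns()
{
    // javax.crypto.Cipher.getInstance(...) — shared target of the two Cipher patterns.
    MemberReferenceExpression CipherGetInstance() => new MemberReferenceExpression
    {
        Name = new IdToken("getInstance"),
        Target = new MemberReferenceExpression
        {
            Name = new IdToken("Cipher"),
            Target = new MemberReferenceExpression
            {
                Name = new IdToken("crypto"),
                Target = new IdToken("javax")
            }
        }
    };

    // Bound to the cookie identifier so the declaration, setSecure and addCookie refer to one object.
    var cookieVar = new PatternVarDef { Id = "cookie", Values = new List<Expression> { new PatternIdToken() } };

    return new List<Pattern>
    {
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "InadequateRsaPadding. Weak Encryption: Inadequate RSA Padding. ",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = CipherGetInstance(),
                    Arguments = new ArgsNode(new List<Expression> { new PatternStringLiteral("^RSA/NONE/NoPadding$") })
                }
            }
        },
        // The "DES" regex is unanchored, so any transformation string containing DES (e.g. DESede)
        // is flagged as well — kept as in the original.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "WeakCryptographicAlgorithm. Weak Encryption: Broken or Risky Cryptographic Algorithm. " +
                "https://cwe.mitre.org/data/definitions/327.html",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = CipherGetInstance(),
                    Arguments = new ArgsNode(new List<Expression> { new PatternStringLiteral(@"DES") })
                }
            }
        },
        // <cookie>.setPath("/") or setPath("")
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "OverlyBroadPath. Cookie Security: Overly Broad Path.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("setPath"),
                        Target = new PatternIdToken(@"[cC]ookie")
                    },
                    Arguments = new ArgsNode(new List<Expression> { new PatternStringLiteral { Text = "^/?$" } })
                }
            }
        },
        // <cookie>.setDomain(".example.com")-style two-label domains
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "OverlyBroadDomain. Cookie Security: Overly Broad Domain.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("setDomain"),
                        Target = new PatternIdToken { Id = @"[cC]ookie" }
                    },
                    Arguments = new ArgsNode(new List<Expression> { new PatternStringLiteral(@"^.?[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-]+$") })
                }
            }
        },
        // <any>.setSeed(<int literal>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "PoorSeeding.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("setSeed"),
                        Target = new PatternExpression()
                    },
                    Arguments = new ArgsNode(new List<Expression> { new PatternIntLiteral() })
                }
            }
        },
        // MessageDigest.getInstance("MD5" | "SHA-1"); the regex is unanchored, as in the original.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "WeakCryptographicHash.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("getInstance"),
                        Target = new IdToken("MessageDigest")
                    },
                    Arguments = new ArgsNode(new List<Expression> { new PatternStringLiteral("MD5|SHA-1") })
                }
            }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "AndroidPermissionCheck. Often Misused: Android Permission Check.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Name = new PatternIdToken("^(checkCallingOrSelfPermission|checkCallingOrSelfUriPermission)$"),
                        Target = new PatternExpression()
                    },
                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                }
            }
        },
        // Either SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER or new AllowAllHostnameVerifier(...)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "AndroidHostnameVerificationDisabled. Insecure SSL: Android Hostname Verification Disabled.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new PatternVarDef
                {
                    Values = new List<Expression>
                    {
                        new MemberReferenceExpression
                        {
                            Name = new IdToken("ALLOW_ALL_HOSTNAME_VERIFIER"),
                            Target = new IdToken("SSLSocketFactory")
                        },
                        new ObjectCreateExpression
                        {
                            Type = new TypeToken { TypeText = "AllowAllHostnameVerifier" },
                            Arguments = new PatternExpressions(new PatternMultipleExpressions())
                        }
                    }
                }
            }
        },
        // new SAXReader().read(<anything but a string literal>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "SAXReaderExternalEntity",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode
                    {
                        Collection = new List<Expression> { new PatternExpression(new PatternStringLiteral(), true) }
                    },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("read"),
                        Target = new ObjectCreateExpression
                        {
                            Type = new TypeToken { TypeText = "SAXReader" },
                            Arguments = new ArgsNode()
                        }
                    }
                }
            }
        },
        // new XMLUtil().parse(<anything but a string literal>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "XmlExternalEntity",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode
                    {
                        Collection = new List<Expression> { new PatternExpression(new PatternStringLiteral(), true) }
                    },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("parse"),
                        Target = new ObjectCreateExpression
                        {
                            Type = new TypeToken { TypeText = "XMLUtil" },
                            Arguments = new ArgsNode()
                        }
                    }
                }
            }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "StickyBroadcast. Android Bad Practices: Sticky Broadcast.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode { Collection = new List<Expression> { new PatternExpression() } },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("sendStickyBroadcast"),
                        Target = new PatternExpression()
                    }
                }
            }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "SendStickyBroadcastAsUser. Android Bad Practices: Sticky Broadcast.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode { Collection = new List<Expression> { new PatternExpression(), new PatternExpression() } },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken("sendStickyBroadcastAsUser"),
                        Target = new PatternExpression()
                    }
                }
            }
        },
        // TODO: implement "createSocket"
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "InsecureSSL. Insecure SSL: Android Socket.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode { Collection = new List<Expression> { new PatternExpression(), new PatternExpression() } },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken { Id = "getInsecure" },
                        Target = new PatternExpression()
                    }
                }
            }
        },
        // <any>.hash(<any>, <string literal>) — a literal second argument is the hardcoded salt.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "HardcodedSalt. Weak Cryptographic Hash: Hardcoded Salt.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode { Collection = new List<Expression> { new PatternExpression(), new PatternStringLiteral() } },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken { Id = "hash" },
                        Target = new PatternExpression()
                    }
                }
            }
        },
        // sendBroadcast(<intent>) with a single argument, i.e. no receiver permission.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "MissingReceiverPermission. The program sends a broadcast without specifying the receiver permission. " +
                "Broadcasts sent without the receiver permission are accessible to any receiver. If these broadcasts contain sensitive data or reach a malicious receiver, the application may be compromised.",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode { Collection = new List<Expression> { new PatternExpression() } },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken { Id = "sendBroadcast" },
                        Target = new PatternExpression()
                    }
                }
            }
        },
        // registerReceiver(<receiver>, <filter>) with two arguments, i.e. no broadcaster permission.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "MissingBroadcasterPermission. The program registers a receiver without specifying the broadcaster permission. " +
                "Receiver registered without the broadcaster permission will receive messages from any broadcaster. " +
                "If these messages contain malicious data or come from a malicious broadcaster, the application may be compromised. " +
                "Use this form: public abstract Intent registerReceiver (BroadcastReceiver receiver, IntentFilter filter, String broadcastPermission, Handler scheduler)",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Arguments = new ArgsNode { Collection = new List<Expression> { new PatternExpression(), new PatternExpression() } },
                    Target = new MemberReferenceExpression
                    {
                        Name = new IdToken { Id = "registerReceiver" },
                        Target = new PatternExpression()
                    }
                }
            }
        },
        // Cookie <cookie> = new Cookie(...); ... ; not <cookie>.setSecure(true); ... ; <any>.addCookie(<cookie>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "CookieNotSentOverSSL. Cookie Security: Cookie not Sent Over SSL. ",
            Languages = LanguageFlags.Java,
            Data = new PatternNode
            {
                Vars = new List<PatternVarDef> { cookieVar },
                Node = new PatternStatements
                {
                    Statements = new List<Statement>
                    {
                        new ExpressionStatement(new VariableDeclarationExpression
                        {
                            Type = new TypeToken { TypeText = "Cookie" },
                            Variables = new List<AssignmentExpression>
                            {
                                new AssignmentExpression
                                {
                                    Left = new PatternVarRef(cookieVar),
                                    Right = new ObjectCreateExpression
                                    {
                                        Type = new TypeToken { TypeText = "Cookie" },
                                        Arguments = new PatternExpressions(new PatternMultipleExpressions())
                                    },
                                }
                            }
                        }),
                        new PatternMultipleStatements(),
                        new PatternStatement(new ExpressionStatement(new InvocationExpression
                        {
                            Arguments = new ArgsNode { Collection = new List<Expression> { new BooleanLiteral { Value = true } } },
                            Target = new MemberReferenceExpression
                            {
                                Name = new IdToken { Id = "setSecure" },
                                Target = new PatternVarRef(cookieVar)
                            }
                        }), true),
                        new PatternMultipleStatements(),
                        new ExpressionStatement(new InvocationExpression
                        {
                            Arguments = new ArgsNode { Collection = new List<Expression> { new PatternVarRef(cookieVar) } },
                            Target = new MemberReferenceExpression
                            {
                                Name = new IdToken { Id = "addCookie" },
                                Target = new PatternExpression()
                            }
                        })
                    }
                }
            }
        }
    };
}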
/// <summary>
/// Default handling of a <see cref="PatternVarDef"/>: delegates to <c>VisitChildren</c> so the
/// node's values are walked; derived visitors override this to transform the definition itself.
/// </summary>
/// <param name="patternVarDef">The pattern variable definition being visited.</param>
/// <returns>Whatever <c>VisitChildren</c> produces for the node.</returns>
public virtual UstNode Visit(PatternVarDef patternVarDef) => VisitChildren(patternVarDef);
/// <summary>
/// Builds the built-in T-SQL patterns: xp_cmdshell execution, RAND() usage, HashBytes with a
/// weak algorithm, and cursors that are declared but never deallocated.
/// </summary>
/// <returns>The T-SQL patterns, each keyed with the next id from <c>patternIdGenerator</c>.</returns>
public IEnumerable<Pattern> CreateTSqlPatterns()
{
    // Binds the cursor name so the declaration and the negated deallocate refer to the same identifier.
    var cursorVar = new PatternVarDef { Id = "cursor", Values = new List<Expression> { new PatternIdToken() } };

    return new List<Pattern>
    {
        // xp_cmdshell(<any args>). NOTE: unlike the other T-SQL name regexes this one is neither
        // anchored nor case-insensitive; kept as in the original.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Dangerous Function",
            Languages = LanguageFlags.TSql,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("xp_cmdshell"),
                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                }
            }
        },
        // rand() with an empty argument list.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Insecure Randomness",
            Languages = LanguageFlags.TSql,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^rand$"),
                    Arguments = new PatternExpressions()
                }
            }
        },
        // HashBytes('md2'|'md4'|'md5', <any args>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Weak Cryptographic Hash (MD2, MD4, MD5, RIPEMD-160, and SHA-1)",
            Languages = LanguageFlags.TSql,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^HashBytes$"),
                    Arguments = new PatternExpressions(
                        new PatternStringLiteral("(?i)^(md2|md4|md5)$"),
                        new PatternMultipleExpressions())
                }
            }
        },
        // declare_cursor(<cursor>, ...) ; not deallocate(<cursor>). Note there is no
        // PatternMultipleStatements between the two statements here, unlike the PL/SQL cursor
        // pattern — whether intervening statements are tolerated depends on the matcher; confirm.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "Unreleased Resource: Cursor Snarfing",
            Languages = LanguageFlags.TSql,
            Data = new PatternNode
            {
                Vars = new List<PatternVarDef> { cursorVar },
                Node = new PatternStatements
                {
                    Statements = new List<Statement>
                    {
                        new PatternExpressionInsideStatement
                        {
                            Statement = new ExpressionStatement(new InvocationExpression
                            {
                                Target = new PatternIdToken("(?i)^declare_cursor$"),
                                Arguments = new ArgsNode(new PatternVarRef(cursorVar), new PatternMultipleExpressions())
                            })
                        },
                        new PatternExpressionInsideStatement
                        {
                            Statement = new ExpressionStatement(new InvocationExpression
                            {
                                Target = new PatternIdToken("(?i)^deallocate$"),
                                Arguments = new ArgsNode(new PatternVarRef(cursorVar))
                            }),
                            Not = true
                        }
                    }
                }
            }
        }
    };
}
/// <summary>
/// Exit hook for a <see cref="PatternVarDef"/> node. The base implementation does nothing;
/// derived listeners override it to act after the node has been handled.
/// </summary>
/// <param name="patternVarDef">The pattern variable definition being left.</param>
public virtual void Exit(PatternVarDef patternVarDef) { }
/// <summary>
/// Enter hook for a <see cref="PatternVarDef"/> node. The base implementation does nothing;
/// derived listeners override it to act before the node is handled.
/// </summary>
/// <param name="patternVarDef">The pattern variable definition being entered.</param>
public virtual void Enter(PatternVarDef patternVarDef) { }
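/// <summary>
/// Builds the built-in PHP patterns: hardcoded mysql_connect passwords, non-cryptographic
/// randomness, permissive CORS headers, weak RSA padding and ciphers, weak hashes, CakePHP
/// session/debug misconfiguration, information leaks, hardcoded salts, null Zend encryption
/// keys, and setcookie calls with broad scope or missing HttpOnly/secure flags.
/// </summary>
/// <remarks>
/// The CORS pattern's <c>DebugInfo</c> identifier was corrected from "OverlyPermissiveCORSPolicyg"
/// to "OverlyPermissiveCORSPolicy".
/// </remarks>
/// <returns>The PHP patterns, each keyed with the next id from <c>patternIdGenerator</c>.</returns>
public IEnumerable<Pattern> CreatePhpPatterns()
{
    // Shared by the two Zend_Filter_Encrypt patterns: the key identifier and its literal value.
    var encryptKeyVarName = new PatternVarDef { Id = "encryption_key", Values = new List<Expression> { new PatternIdToken() } };
    var encryptKeyVarValue = new PatternVarDef
    {
        Id = "encryption_key_value",
        Values = new List<Expression> { new NullLiteral(), new PatternStringLiteral() }
    };

    return new List<Pattern>
    {
        // mysql_connect(<any>, <any>, <string literal>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "HardcodedPasswordIn_mysql_connect. Hardcoded passwords could compromise system security in a way that cannot be easily remedied.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^mysql_connect$"),
                    Arguments = new ArgsNode
                    {
                        Collection = new List<Expression> { new PatternExpression(), new PatternExpression(), new PatternStringLiteral() }
                    }
                }
            }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "InsecureRandomness. Standard pseudorandom number generators cannot withstand cryptographic attacks.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^(mt_rand|rand|uniqid|shuffle|lcg_value)$"),
                    Arguments = new PatternExpressions()
                }
            }
        },
        // header("Access-Control-Allow-Origin: *")
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "OverlyPermissiveCORSPolicy. The program defines an overly permissive Cross-Origin Resource Sharing (CORS) policy.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^header$"),
                    Arguments = new ArgsNode(new[] { new PatternStringLiteral(@"Access-Control-Allow-Origin:\s*\*") })
                }
            }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "InadequateRSAPadding. Public key RSA encryption is performed without using OAEP padding, thereby making the encryption weak.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode { Node = new IdToken("OPENSSL_NO_PADDING") }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "BrokenRiskyCryptographicAlgorithm. Weak Encryption: Broken or Risky Cryptographic Algorithm.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode { Node = new IdToken("MCRYPT_DES") }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "WeakCryptographicHash. Weak cryptographic hashes cannot guarantee data integrity and should not be used in security-critical contexts.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^(md5|sha1)$"),
                    Arguments = new PatternExpressions(new PatternMultipleExpressions())
                }
            }
        },
        // Configure::write("Security.level", "low")
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "ExcessiveSessionTimeout. An overly long session timeout gives attackers more time to potentially compromise user accounts.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Target = new IdToken("Configure"),
                        Name = new PatternIdToken("(?i)write")
                    },
                    Arguments = new ArgsNode(new[] { new StringLiteral("Security.level"), new StringLiteral("low") })
                }
            }
        },
        // Configure::write("debug", 1..9)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "DebugInformation. A CakePHP debug level of 1 or greater can cause sensitive data to be logged.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new MemberReferenceExpression
                    {
                        Target = new PatternIdToken("(?i)^Configure$"),
                        Name = new PatternIdToken("(?i)^write$")
                    },
                    Arguments = new ArgsNode(new List<Expression> { new StringLiteral("debug"), new PatternIntLiteral(1, 9) })
                }
            }
        },
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "SystemInformationLeak. Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)^(debug_print_backtrace|var_dump|debug_zval_dump|print_r|var_export|phpinfo|mysql_error)$"),
                    Arguments = new PatternExpressions()
                }
            }
        },
        // crypt(<any>, <string literal>) — a literal second argument is the hardcoded salt.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "WeakCryptographicHashHardcodedSalt. A hardcoded salt may compromise system security in a way that cannot be easily remedied.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)crypt"),
                    Arguments = new ArgsNode(new List<Expression> { new PatternExpression(), new PatternStringLiteral() })
                }
            }
        },
        // <key> = null | "<literal>"; ... ; <any> = new Zend_Filter_Encrypt(<key>)
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "KeyManagementNullEncryptionKey. Null encryption keys may compromise system security in a way that cannot be easily remedied.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Vars = new List<PatternVarDef> { encryptKeyVarName, encryptKeyVarValue },
                Node = new PatternStatements
                {
                    Statements = new List<Statement>
                    {
                        new ExpressionStatement
                        {
                            Expression = new AssignmentExpression
                            {
                                Left = new PatternVarRef(encryptKeyVarName),
                                Right = new PatternVarRef(encryptKeyVarValue)
                            }
                        },
                        new PatternMultipleStatements(),
                        new ExpressionStatement
                        {
                            Expression = new AssignmentExpression
                            {
                                Left = new PatternExpression(),
                                Right = new ObjectCreateExpression
                                {
                                    Type = new TypeToken("Zend_Filter_Encrypt"),
                                    Arguments = new ArgsNode
                                    {
                                        Collection = new List<Expression> { new PatternVarRef(encryptKeyVarName) }
                                    }
                                }
                            }
                        }
                    }
                }
            }
        },
        // new Zend_Filter_Encrypt(null | "<literal>")
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "KeyManagementNullEncryptionKey",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Vars = new List<PatternVarDef> { encryptKeyVarValue },
                Node = new ObjectCreateExpression
                {
                    Type = new TypeToken("Zend_Filter_Encrypt"),
                    Arguments = new ArgsNode
                    {
                        Collection = new List<Expression> { new PatternVarRef(encryptKeyVarValue) }
                    }
                }
            }
        },
        // TODO: Union this next pattern.
        // setcookie(<any>, <any>, <any>, "/", <any>, <any>, <any>) — exact "/" path, 7 arguments.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "CookieSecurityOverlyBroadPath. A cookie with an overly broad path can be accessed through other applications on the same domain.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)setcookie"),
                    Arguments = new ArgsNode(new List<Expression>
                    {
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new StringLiteral("/"),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                    })
                }
            }
        },
        // setcookie(..., ".<domain>", ...) — a leading-dot domain in the 5th argument, 7 arguments.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "CookieSecurityOverlyBroadDomain. A cookie with an overly broad domain opens an application to attacks through other applications.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)setcookie"),
                    Arguments = new ArgsNode(new List<Expression>
                    {
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternStringLiteral(@"^\..*"),
                        new PatternExpression(),
                        new PatternExpression(),
                    })
                }
            }
        },
        // setcookie with exactly 6 arguments: the 7th (httponly) parameter is absent.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "CookieSecurityHTTPOnlyNotSet. The program creates a cookie, but fails to set the HttpOnly flag to true.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)setcookie"),
                    Arguments = new ArgsNode(new List<Expression>
                    {
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                    })
                }
            }
        },
        // setcookie with exactly 5 arguments: the 6th (secure) parameter is absent.
        new Pattern
        {
            Key = patternIdGenerator.NextId(),
            DebugInfo = "CookieSecurityCookieNotSentOverSSL. The program creates a cookie without setting the secure flag to true.",
            Languages = LanguageFlags.Php,
            Data = new PatternNode
            {
                Node = new InvocationExpression
                {
                    Target = new PatternIdToken("(?i)setcookie"),
                    Arguments = new ArgsNode(new List<Expression>
                    {
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression(),
                        new PatternExpression()
                    })
                }
            }
        }
    };
}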