private static ImmutableHashSet <SourceInfo> GetSourceInfos(SinkKind sinkKind) { switch (sinkKind) { case SinkKind.Sql: case SinkKind.Dll: case SinkKind.FilePathInjection: case SinkKind.ProcessCommand: case SinkKind.Xss: case SinkKind.Regex: case SinkKind.Ldap: case SinkKind.Redirect: case SinkKind.XPath: case SinkKind.Xml: case SinkKind.Xaml: return(WebInputSources.SourceInfos); case SinkKind.InformationDisclosure: return(InformationDisclosureSources.SourceInfos); case SinkKind.ZipSlip: return(ZipSlipSources.SourceInfos); case SinkKind.HardcodedEncryptionKey: return(HardcodedBytesSources.SourceInfos); case SinkKind.HardcodedCertificate: return(HardcodedCertificateSources.SourceInfos.AddRange(HardcodedBytesSources.SourceInfos)); default: Debug.Fail($"Unhandled SinkKind {sinkKind}"); return(ImmutableHashSet <SourceInfo> .Empty); } }
/// <summary> /// Get OpenCV access to the specified camera. /// </summary> /// <remarks> /// This allows you to get images from the camera for image processing on the roboRIO. /// </remarks> /// <param name="camera">The camera to get OpenCV access from /// (e.g. as returned by <see cref="StartAutomaticCapture()"/>.</param> /// <returns>The <see cref="CvSink"/> to get frames from.</returns> public CvSink GetVideo(VideoSource camera) { string name = $"opencv_{camera.Name}"; lock (m_lockObject) { VideoSink sink; m_sinks.TryGetValue(name, out sink); if (sink != null) { SinkKind kind = sink.Kind; if (kind != SinkKind.CV) { throw new VideoException($"expected OpenCV sink, but got {kind}"); } return((CvSink)sink); } } CvSink newSink = new CvSink(name); newSink.Source = camera; AddServer(newSink); return(newSink); }
private static ImmutableHashSet <SanitizerInfo> GetSanitizerInfos(SinkKind sinkKind) { switch (sinkKind) { case SinkKind.Sql: case SinkKind.XPath: return(PrimitiveTypeConverterSanitizers.SanitizerInfos); case SinkKind.Xss: return(XssSanitizers.SanitizerInfos); case SinkKind.Ldap: return(LdapSanitizers.SanitizerInfos); case SinkKind.Xml: return(PrimitiveTypeConverterSanitizers.SanitizerInfos.Union(XmlSanitizers.SanitizerInfos)); case SinkKind.Dll: case SinkKind.InformationDisclosure: case SinkKind.FilePathInjection: case SinkKind.ProcessCommand: case SinkKind.Regex: case SinkKind.Redirect: case SinkKind.Xaml: case SinkKind.HardcodedEncryptionKey: return(ImmutableHashSet <SanitizerInfo> .Empty); case SinkKind.ZipSlip: return(ZipSlipSanitizers.SanitizerInfos); default: Debug.Fail($"Unhandled SinkKind {sinkKind}"); return(ImmutableHashSet <SanitizerInfo> .Empty); } }
private static ImmutableHashSet <SourceInfo> GetSourceInfos(SinkKind sinkKind) { switch (sinkKind) { case SinkKind.Sql: case SinkKind.Dll: case SinkKind.FilePathInjection: case SinkKind.ProcessCommand: case SinkKind.Xss: case SinkKind.Regex: case SinkKind.Ldap: case SinkKind.Redirect: case SinkKind.XPath: case SinkKind.Xml: case SinkKind.Xaml: return(WebInputSources.SourceInfos); case SinkKind.InformationDisclosure: return(InformationDisclosureSources.SourceInfos); default: Debug.Fail($"Unhandled SinkKind {sinkKind}"); return(ImmutableHashSet <SourceInfo> .Empty); } }
// Just to make hardcoding SinkInfos more convenient. public static void AddSinkInfo( this PooledHashSet <SinkInfo> builder, string fullTypeName, SinkKind sinkKind, bool isInterface, bool isAnyStringParameterInConstructorASink, IEnumerable <string>?sinkProperties, IEnumerable <(string Method, string[] Parameters)>?sinkMethodParameters)
private static ImmutableHashSet <SinkInfo> GetSinkInfos(SinkKind sinkKind) { switch (sinkKind) { case SinkKind.Sql: return(SqlSinks.SinkInfos); case SinkKind.Dll: return(DllSinks.SinkInfos); case SinkKind.InformationDisclosure: case SinkKind.Xss: return(WebOutputSinks.SinkInfos); case SinkKind.FilePathInjection: return(FilePathInjectionSinks.SinkInfos); case SinkKind.ProcessCommand: return(ProcessCommandSinks.SinkInfos); case SinkKind.Regex: return(RegexSinks.SinkInfos); case SinkKind.Ldap: return(LdapSinks.SinkInfos); case SinkKind.Redirect: return(RedirectSinks.SinkInfos); case SinkKind.XPath: return(XPathSinks.SinkInfos); case SinkKind.Xml: return(XmlSinks.SinkInfos); case SinkKind.Xaml: return(XamlSinks.SinkInfos); case SinkKind.ZipSlip: return(ZipSlipSinks.SinkInfos); case SinkKind.HardcodedEncryptionKey: return(HardcodedEncryptionKeySinks.SinkInfos); case SinkKind.HardcodedCertificate: return(HardcodedCertificateSinks.SinkInfos); default: Debug.Fail($"Unhandled SinkKind {sinkKind}"); return(ImmutableHashSet <SinkInfo> .Empty); } }
private TaintedDataSymbolMap <T> GetFromMap <T>(SinkKind sinkKind, ImmutableDictionary <SinkKind, Lazy <TaintedDataSymbolMap <T> > > map) where T : ITaintedDataInfo { if (map.TryGetValue(sinkKind, out Lazy <TaintedDataSymbolMap <T> > lazySourceSymbolMap)) { return(lazySourceSymbolMap.Value); } else { Debug.Fail($"SinkKind {sinkKind} entry missing from {typeof(T).Name} map"); return(new TaintedDataSymbolMap <T>(this.WellKnownTypeProvider, Enumerable.Empty <T>())); } }
static WebOutputSinks() { // TODO paulming: Review why InformationDisclosure and XSS sinks are different. var builder = PooledHashSet <SinkInfo> .GetInstance(); SinkKind[] sinkKinds = new SinkKind[] { SinkKind.InformationDisclosure, SinkKind.Xss }; builder.AddSinkInfo( WellKnownTypeNames.SystemWebUIITextControl, sinkKinds, isInterface: true, isAnyStringParameterInConstructorASink: false, sinkProperties: new[] { "Text" }, sinkMethodParameters: null); builder.AddSinkInfo( WellKnownTypeNames.SystemWebHttpResponseBase, sinkKinds, isInterface: false, isAnyStringParameterInConstructorASink: false, sinkProperties: null, sinkMethodParameters: new[] {
public bool HasTaintArraySource(SinkKind sinkKind) { return(GetSourceInfos(sinkKind).Any(o => o.TaintConstantArray)); }
public TaintedDataSymbolMap <SinkInfo> GetSinkSymbolMap(SinkKind sinkKind) { return(this.GetFromMap <SinkInfo>(sinkKind, this.SinkSymbolMap)); }
public TaintedDataSymbolMap <SanitizerInfo> GetSanitizerSymbolMap(SinkKind sinkKind) { return(this.GetFromMap <SanitizerInfo>(sinkKind, this.SanitizerSymbolMap)); }
public bool HasTaintArraySource(SinkKind sinkKind, Configuration config) { return(GetSourceInfos(sinkKind, config).Any(o => o.TaintConstantArray)); }
private ImmutableHashSet <SourceInfo> GetSourceInfos(SinkKind sinkKind, Configuration config) { var typeToInfos = new Dictionary <string, AggregatedSource>(); foreach (var entryPoint in config.TaintEntryPoints) { if (!typeToInfos.TryGetValue(entryPoint.Key, out var value)) { value = new AggregatedSource(); typeToInfos.Add(entryPoint.Key, value); } if (value.entryPoint != null) { throw new ArgumentException($"Duplicate entrypoint for type '{entryPoint.Key}'"); } value.entryPoint = entryPoint.Value; } foreach (var source in config.TaintSources) { if (source.TaintTypes != null && !source.TaintTypes.Contains((TaintType)sinkKind)) { continue; } if (!typeToInfos.TryGetValue(source.Type, out var value)) { value = new AggregatedSource(); typeToInfos.Add(source.Type, value); } if (value.source != null) { throw new ArgumentException($"Duplicate taint source for type '{source.Type}'"); } value.source = source; } foreach (var sanitizer in config.Sanitizers) { var methods = sanitizer.Methods.Where(x => x.InOut != null && x.InOut.Any(io => io.outArgumentName != TaintedTargetValue.Return)); if (!methods.Any()) { continue; } if (!typeToInfos.TryGetValue(sanitizer.Type, out var value)) { value = new AggregatedSource(); typeToInfos.Add(sanitizer.Type, value); } if (value.sanitizer != null) { throw new ArgumentException($"Duplicate sanitizer for type '{sanitizer.Type}'"); } value.sanitizer = sanitizer; } foreach (var transfer in config.Transfers) { if (!typeToInfos.TryGetValue(transfer.Type, out var value)) { value = new AggregatedSource(); typeToInfos.Add(transfer.Type, value); } if (value.transfer != null) { throw new ArgumentException($"Duplicate taint source for type '{transfer.Type}'"); } value.transfer = transfer; } var sourceInfosBuilder = PooledHashSet <SourceInfo> .GetInstance(); foreach (var type in typeToInfos) { bool?isIterface = null; if (type.Value.sanitizer?.IsInterface != null) { if (isIterface.HasValue && isIterface != type.Value.sanitizer.IsInterface) { throw new ArgumentException($"Inconsistent 'IsInterface' for type '{type.Key}'"); } else { isIterface = type.Value.sanitizer.IsInterface; } } if (type.Value.source?.IsInterface != null) { if (isIterface.HasValue && isIterface != type.Value.sanitizer.IsInterface) { throw new ArgumentException($"Inconsistent 'IsInterface' for type '{type.Key}'"); } else { isIterface = type.Value.source.IsInterface; } } if (type.Value.transfer?.IsInterface != null) { if (isIterface.HasValue && isIterface != type.Value.transfer.IsInterface) { throw new ArgumentException($"Inconsistent 'IsInterface' for type '{type.Key}'"); } else { isIterface = type.Value.sanitizer.IsInterface; } } SourceInfo metadata; if (type.Value.source != null && type.Value.source.Methods == null && type.Value.source.Properties == null) { metadata = new SourceInfo( type.Key, isInterface: isIterface ?? false, taintedMethods: ImmutableHashSet <(MethodMatcher, ImmutableHashSet <string>)> .Empty, taintedMethodsNeedsPointsToAnalysis: ImmutableHashSet <(MethodMatcher, ImmutableHashSet <(PointsToCheck, string)>)> .Empty, taintedMethodsNeedsValueContentAnalysis: ImmutableHashSet <(MethodMatcher, ImmutableHashSet <(ValueContentCheck, string)>)> .Empty, transferMethods: ImmutableHashSet <(MethodMatcher, ImmutableHashSet <(string, string)>)> .Empty, allProperitesAreTainted: true, allFieldsAreTainted: true ); } else { metadata = new SourceInfo( type.Key, isInterface: isIterface ?? false, taintedProperties: type.Value.source?.Properties?.ToImmutableHashSet(StringComparer.Ordinal) ?? ImmutableHashSet <string> .Empty, taintedFields: ImmutableHashSet <string> .Empty, dependencyFullTypeNames: type.Value.entryPoint?.Dependency?.ToImmutableArray(), taintedArguments: type.Value.entryPoint != null ? new ParameterMatcher[] { (parameter, wellKnownTypeProvider) => { if (!(parameter.ContainingSymbol is IMethodSymbol methodSymbol) || methodSymbol.IsPropertyAccessor()) { return(false); } if (type.Value.entryPoint.Class != null) { if (!(methodSymbol.ContainingSymbol is INamedTypeSymbol typeSymbol)) { return(false); } var classCache = s_classIsControllerByCompilation.GetOrCreateValue(wellKnownTypeProvider.Compilation, (compilation) => new ConcurrentDictionary <INamedTypeSymbol, bool>()); if (!classCache.TryGetValue(typeSymbol, out bool isTaintEntryClass)) { isTaintEntryClass = false; bool IsTaintEntryClassBySuffix() { if (typeSymbol.Name.EndsWith(type.Value.entryPoint.Class.Suffix.Text, StringComparison.Ordinal)) { return(true); } else if (type.Value.entryPoint.Class.Suffix.IncludeParent && typeSymbol.GetBaseTypes().Any(x => x.Name.EndsWith(type.Value.entryPoint.Class.Suffix.Text, StringComparison.Ordinal))) { return(true); } else { return(false); } } if (type.Value.entryPoint.Class.Accessibility != null && type.Value.entryPoint.Class.Accessibility.All(a => a != typeSymbol.DeclaredAccessibility)) { isTaintEntryClass = false; } else { if (type.Value.entryPoint.Class.Suffix != null && type.Value.entryPoint.Class.Parent == null) { isTaintEntryClass = IsTaintEntryClassBySuffix(); } else if (type.Value.entryPoint.Class.Parent != null) { var parentType = wellKnownTypeProvider.GetOrCreateTypeByMetadataName(type.Value.entryPoint.Class.Parent); if ((parentType.TypeKind == TypeKind.Interface && typeSymbol.AllInterfaces.Any(x => x == parentType)) || typeSymbol.GetBaseTypesAndThis().Any(x => x == parentType)) { isTaintEntryClass = type.Value.entryPoint.Class.Suffix != null ? IsTaintEntryClassBySuffix() : true; } } if (type.Value.entryPoint.Class.Attributes?.Exclude != null && type.Value.entryPoint.Class.Attributes.Exclude.Any(x => typeSymbol.HasDerivedTypeAttribute(wellKnownTypeProvider.GetOrCreateTypeByMetadataName(x.Type)))) { isTaintEntryClass = false; } else if (type.Value.entryPoint.Class.Attributes?.Include != null && type.Value.entryPoint.Class.Attributes.Include.Any(x => typeSymbol.HasDerivedTypeAttribute(wellKnownTypeProvider.GetOrCreateTypeByMetadataName(x.Type)))) { isTaintEntryClass = true; } } classCache.TryAdd(typeSymbol, isTaintEntryClass); } if (!isTaintEntryClass) { return(false); } } if (type.Value.entryPoint.Method != null) { if (type.Value.entryPoint.Method.Static.HasValue && type.Value.entryPoint.Method.Static != methodSymbol.IsStatic) { return(false); } if (type.Value.entryPoint.Method.Name != null) { if (type.Value.entryPoint.Method.NameRegex == null) { return(type.Value.entryPoint.Method.Name == methodSymbol.Name); } if (!type.Value.entryPoint.Method.NameRegex.IsMatch(methodSymbol.Name)) { return(false); } } if (type.Value.entryPoint.Method.IncludeConstructor.HasValue && type.Value.entryPoint.Method.IncludeConstructor != methodSymbol.IsConstructor()) { return(false); } if (type.Value.entryPoint.Method.Accessibility.All(a => a != methodSymbol.DeclaredAccessibility)) { return(false); } if (type.Value.entryPoint.Method.Attributes?.Exclude != null && type.Value.entryPoint.Method.Attributes.Exclude.Any(x => methodSymbol.HasDerivedMethodAttribute(wellKnownTypeProvider.GetOrCreateTypeByMetadataName(x.Type)))) { return(false); } } if (type.Value.entryPoint.Parameter?.Attributes?.Exclude != null && type.Value.entryPoint.Parameter.Attributes.Exclude.Any(x => parameter.HasAttribute(wellKnownTypeProvider.GetOrCreateTypeByMetadataName(x.Type)))) { return(false); } return(true); } }.ToImmutableHashSet() : ImmutableHashSet <ParameterMatcher> .Empty,