public Variable SqlXssTaintVariable(XSSTaintSet xsstaintSet, SQLITaintSet sqliTaintSet) { XssTaintVariable(xsstaintSet); SqliTaintVariable(sqliTaintSet); return(this); }
public TaintSets(SQLITaintSet sqliTaint, XSSTaintSet xssTaint) : this() { Preconditions.NotNull(sqliTaint, "sqliTaint"); Preconditions.NotNull(xssTaint, "xssTaint"); this.XssTaint.Add(xssTaint); this.SqliTaint.Add(sqliTaint); }
public void ExpressionInfo_Merge() { var sqliTaint = new SQLITaintSet(SQLITaint.SQL_ALL); var xsstaint = new XSSTaintSet(XSSTaint.XSS_ALL); var ts1 = new TaintSets(sqliTaint, xsstaint); var exprInfo1 = new ExpressionInfo { ExpressionTaint = ts1 }; var exprInfo2 = new ExpressionInfo(); var exprInfo = exprInfo2.Merge(exprInfo1); Assert.AreEqual(sqliTaint, exprInfo.ExpressionTaint.SqliTaint.Single(), "SQL Taint was not the expected"); Assert.AreEqual(xsstaint, exprInfo.ExpressionTaint.XssTaint.Single(), "XSS Taint was not the expected"); }
public void ExpressionInfo_Merge() { var sqliTaint = new SQLITaintSet(SQLITaint.SQL_ALL); var xsstaint = new XSSTaintSet(XSSTaint.XSS_ALL); var ts1 = new TaintSets(sqliTaint, xsstaint); var exprInfo1 = new ExpressionInfo { ExpressionTaint = ts1 }; var exprInfo2 = new ExpressionInfo(); var exprInfo = exprInfo2.Merge(exprInfo1); Assert.AreEqual(sqliTaint, exprInfo.ExpressionTaint.SqliTaint.Single(), "SQL Taint was not the expected"); Assert.AreEqual(xsstaint, exprInfo.ExpressionTaint.XssTaint.Single(), "XSS Taint was not the expected"); }
public Source(JToken JSON) { Name = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.Name); Type = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.Type); var xssTaintStr = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.XssTaint); var sqlTaintStr = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.SqlTaint); //Set up XSS taint from JSON, if it cannot be parsed, then use the default XSS_ALL tag XSSTaint tmpXss = XSSTaint.XSS_ALL; var success = Enum.TryParse(xssTaintStr, out tmpXss); if (success) { XssTaint = new XSSTaintSet(tmpXss); } else { XssTaint = new XSSTaintSet(XSSTaint.XSS_ALL); } //Set up SQL taint from JSON. If it cannot be parsed then use the default SQL_ALL tag. SQLITaint tmpSqli = SQLITaint.SQL_ALL; success = Enum.TryParse(sqlTaintStr, out tmpSqli); if (success) { SqliTaint = new SQLITaintSet(tmpSqli); } else { SqliTaint = new SQLITaintSet(SQLITaint.SQL_ALL); } Formats = new List <string>(); var formats = (JArray)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.Formats); foreach (string format in formats) { Formats.Add(format); } }
public Source(JToken JSON) { Name = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.Name); Type = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.Type); var xssTaintStr = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.XssTaint); var sqlTaintStr = (string)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.SqlTaint); //Set up XSS taint from JSON, if it cannot be parsed, then use the default XSS_ALL tag XSSTaint tmpXss = XSSTaint.XSS_ALL; var success = Enum.TryParse(xssTaintStr, out tmpXss); if (success) { XssTaint = new XSSTaintSet(tmpXss); } else { XssTaint = new XSSTaintSet(XSSTaint.XSS_ALL); } //Set up SQL taint from JSON. If it cannot be parsed then use the default SQL_ALL tag. SQLITaint tmpSqli = SQLITaint.SQL_ALL; success = Enum.TryParse(sqlTaintStr, out tmpSqli); if (success) { SqliTaint = new SQLITaintSet(tmpSqli); } else { SqliTaint = new SQLITaintSet(SQLITaint.SQL_ALL); } Formats = new List<string>(); var formats = (JArray)JSON.SelectToken(Keys.PHPDefinitionJSONKeys.GeneralKeys.Formats); foreach (string format in formats) { Formats.Add(format); } }
public TaintSets Merge(TaintSets other) { Preconditions.NotNull(other, "other"); var result = new TaintSets(); var resultSqliTaint = new SQLITaintSet(); if (this.SqliTaint.Any()) { var leftSqliTaint = this.SqliTaint.Aggregate((curr, next) => curr.Merge(next)); resultSqliTaint = resultSqliTaint.Merge(leftSqliTaint); } if (other.SqliTaint.Any()) { var rightSqliTaint = other.SqliTaint.Aggregate((curr, next) => curr.Merge(next)); resultSqliTaint = resultSqliTaint.Merge(rightSqliTaint); } XSSTaintSet resultXssTaintSet = new XSSTaintSet(); if (this.XssTaint.Any()) { resultXssTaintSet = resultXssTaintSet.Merge(this.XssTaint.Aggregate((curr, next) => curr.Merge(next))); } if (other.XssTaint.Any()) { var rightXssTaint = other.XssTaint.Aggregate((curr, next) => curr.Merge(next)); resultXssTaintSet = resultXssTaintSet.Merge(rightXssTaint); } result.SqliTaint.Add(resultSqliTaint); result.XssTaint.Add(resultXssTaintSet); return(result); }
public Variable SqliTaintVariable(SQLITaintSet taintSet) { Info.Taints.SqliTaint.Add(taintSet); return(this); }