public void FixtureSetUp() { Config = Config.ReadConfiguration(TestSettings.ConfigFile); // ARGH!!!! FunctionsHandler.Instance.FunctionSpecification = Config.FuncSpecSettings; FunctionsHandler.Instance.LoadJsonSpecifications(); }
public static void CTLLTLMain(Arguments args, Config conf) { Arguments arguments = args; if (arguments.Result == null || arguments.Main == null) { Console.WriteLine("Result dir and Main file must be specified"); Environment.Exit(1); } Configuration = conf; Config configuration = Configuration; Analyze (arguments, configuration); }
private static void Analyze(Arguments arguments, Config configuration) { Console.WriteLine ("Parsing project at: " + arguments.Target); Console.WriteLine (); var stopwatch = Stopwatch.StartNew (); Console.WriteLine ("Building ASTs.."); ParseResult parseResult = ParseTarget (arguments, configuration); Console.WriteLine (" - AST build for " + parseResult.ParsedFiles.Count + " files (" + parseResult.FilesThatFailedToParse.Count + " failed).."); Console.WriteLine ("Traversing ASTs.."); var filesCollection = new List<File> (); foreach (var parsedFile in parseResult.ParsedFiles) { ExtractFunctions (parsedFile); } /*Parallel.ForEach(parseResult.ParsedFiles,parsedFile => { ExtractFunctions(parsedFile); });*/ var bag = new ConcurrentBag<File> (); Parallel.ForEach (parseResult.ParsedFiles, parsedFile => { Console.WriteLine ("File: " + parsedFile.Key); var file = BuildFileCFGAndExtractFileInformation (parsedFile); bag.Add (file); }); filesCollection.AddRange (bag); Console.WriteLine ("Creating CTLLTL Model..."); File mainfile = filesCollection.Find (x => x.Name == arguments.Main); IncludeResolver ir = new IncludeResolver (filesCollection); var c = new CTLLTL (); string p = Path.Combine (arguments.Result, "graph-ctl"); mainfile.CFG.VisualizeGraph (p, Configuration.GraphSettings); c.makeModel ((QuickGraph.BidirectionalGraph<CFGBlock, QuickGraph.TaggedEdge<CFGBlock, EdgeTag>>)mainfile.CFG, ir, Path.Combine (arguments.Result, "model.smv")); stopwatch.Stop (); Console.WriteLine ("Time spent: " + stopwatch.Elapsed); }
public void FixtureTearDown() { Config = null; }
private static ParseResult ParseFile(Config configuration, Arguments arguments) { var fileParser = new FileParser (configuration.PHPSettings.PHPParserPath); var result = fileParser.ParsePHPFile (arguments.Target); var parseResult = new ParseResult (); parseResult.ParsedFiles.Add (arguments.Target, result); return parseResult; }
private static ParseResult ParseTarget(Arguments arguments, Config configuration) { if (Directory.Exists (arguments.Target)) { return ParseDirectoryFiles (configuration, arguments); } if (System.IO.File.Exists (arguments.Target)) { return ParseFile (configuration, arguments); } Console.WriteLine ("Target does not seem to be a valid directory or file."); Environment.Exit (1); return null; }
private static ParseResult ParseDirectoryFiles(Config configuration, Arguments arguments) { var projectParser = new ProjectParser (arguments.Target, configuration.PHPSettings); ParseResult parseResult = projectParser.ParseProjectFiles (); return parseResult; }
public AnalysisStartingEventArgs(Config config, Arguments arguments) { this.Configuration = config; this.Arguments = arguments; }
private static void Analyze(Arguments arguments, Config configuration) { Console.WriteLine("Parsing project at: " + arguments.Target); Console.WriteLine(); foreach (var analysisStartingListener in _components.AnalysisStartingListeners) { // TODO - This should probably be a proper event - same goes for EndingEvent (this will also remove the loop(s)). analysisStartingListener.AnalysisStarting(null, new AnalysisStartingEventArgs(configuration, arguments)); } var stopwatch = Stopwatch.StartNew(); Console.WriteLine("Building ASTs.."); ParseResult parseResult = ParseTarget(arguments, configuration); Console.WriteLine(" - AST build for {0} files ({1} failed)..", parseResult.ParsedFiles.Count, parseResult.FilesThatFailedToParse.Count); Console.WriteLine("Traversing ASTs.."); var filesCollection = new List<File>(); var runningVulnReporter = new CompositeVulneribilityReporter(_components.VulnerabilityReporters); var vulnerabilityStorage = new ReportingVulnerabilityStorage(runningVulnReporter); var progrssIndicator = ProgressIndicatorFactory.CreateProgressIndicator(parseResult.ParsedFiles.Count()); foreach (var parsedFile in parseResult.ParsedFiles) { progrssIndicator.Step(); var file = BuildFileCFGAndExtractFileInformation(parsedFile); filesCollection.Add(file); } var subroutineAnalyzerFactory = new FunctionAndMethodAnalyzerFactory { UseSummaries = arguments.UseFunctionSummaries }; Func<ImmutableVariableStorage, IIncludeResolver, AnalysisScope, AnalysisStacks, ImmutableVariableStorage> fileTaintAnalyzer = null; fileTaintAnalyzer = (varStorage, inclResolver, scope, stacks) => { Preconditions.NotNull(varStorage, "varStorage"); Preconditions.NotNull(inclResolver, "inclResolver"); var blockAnalyzer = new TaintBlockAnalyzer(vulnerabilityStorage, inclResolver, scope, fileTaintAnalyzer, stacks, subroutineAnalyzerFactory); blockAnalyzer.AnalysisExtensions.AddRange(_components.BlockAnalyzers); var condAnalyser = new ConditionTaintAnalyser(scope, inclResolver, stacks.IncludeStack); var cfgTaintAnalysis = new TaintAnalysis(blockAnalyzer, condAnalyser, varStorage); var fileToAnalyze = stacks.IncludeStack.Peek(); var analyzer = new CFGTraverser(new ForwardTraversal(), cfgTaintAnalysis, new ReversePostOrderWorkList(fileToAnalyze.CFG)); //var analyzer = new CFGTraverser(new ForwardTraversal(), cfgTaintAnalysis, new QueueWorklist()); analyzer.Analyze(fileToAnalyze.CFG); return cfgTaintAnalysis.Taints[fileToAnalyze.CFG.Vertices.Single(block => block.IsLeaf)].Out[EdgeType.Normal]; }; foreach (var file in filesCollection) { Console.WriteLine(Environment.NewLine + "============================="); Console.WriteLine("Analyzing {0}..", file.FullPath); var initialTaint = GetDefaultTaint(); var inclusionResolver = new IncludeResolver(filesCollection); var stacks = new AnalysisStacks(file); fileTaintAnalyzer(initialTaint, inclusionResolver, AnalysisScope.File, stacks); } Console.WriteLine("Scanned {0}/{1} subroutines. ", FunctionsHandler.Instance.ScannedFunctions.Count, FunctionsHandler.Instance.CustomFunctions.Count); if (arguments.ScanAllSubroutines) { Console.WriteLine("Scanning remaining subroutines.."); ScanUnscannedSubroutines(filesCollection, fileTaintAnalyzer, subroutineAnalyzerFactory, vulnerabilityStorage); } vulnerabilityStorage.CheckForStoredVulnerabilities(); //parseResult.ParsedFiles.Values.First().Save(@"C:\Users\Kenneth\Documents\Uni\TestScript\current\parsedFile"); stopwatch.Stop(); foreach (var analysisEndedListener in _components.AnalysisEndedListeners) { analysisEndedListener.AnalysisEnding(null, new AnalysisEndedEventArgs(stopwatch.Elapsed)); } Console.WriteLine("Time spent: " + stopwatch.Elapsed); Console.WriteLine("Found {0} vulnerabilities.", runningVulnReporter.NumberOfReportedVulnerabilities); }
private static void WPGotoAnalysis(Arguments arguments, Config configuration) { var v = Stopwatch.StartNew(); var folders = Directory.GetDirectories(@"G:\WP"); int counter = 0; var progress = new BikeGuyRidingAnimation(folders.Count()); var locker = new object(); Parallel.ForEach(folders, new ParallelOptions() { MaxDegreeOfParallelism = 7 }, folder => { int myNumber = Interlocked.Increment(ref counter); arguments.Target = Path.Combine(arguments.Target, folder); if (!Directory.Exists(arguments.Target)) return; var projectParser = new ProjectParser(arguments.Target, configuration.PHPSettings); ParseResult parseResult = projectParser.ParseProjectFiles(); foreach (var parsedFile in parseResult.ParsedFiles) { //Console.WriteLine("File: " + parsedFile.Key); var traverser = new XmlTraverser(); var metricVisitor = new MetricVisitor(); traverser.AddVisitor(metricVisitor); traverser.Traverse(parsedFile.Value); if (metricVisitor.Gotos > 0) { lock (locker) { System.IO.File.AppendAllLines(@"C:/pluginDLMessages.txt", new [] { "Goto found in " + parsedFile.Key}); } } } //Console.WriteLine(folder); if ((myNumber % 250) == 0) { Console.WriteLine(myNumber + " plugins scanned.."); } }); Console.WriteLine(v.Elapsed); Environment.Exit(1); }
static void Main(string[] args) { Arguments arguments = ParseArguments(args); Configuration = GetConfiguration(arguments.ConfigLocation); Config configuration = Configuration; if (arguments.CTLLTL) { Console.WriteLine("Got here!"); CTLLTLProgram.CTLLTLMain(arguments, configuration); Environment.Exit(0); } FunctionsHandler.Instance.FunctionSpecification = configuration.FuncSpecSettings; FunctionsHandler.Instance.LoadJsonSpecifications(); _components = ImportExternalComponents(configuration.ComponentSettings); Analyze(arguments, configuration); }