private TaintSets AnalyzeNode(XmlNode node)
{
switch (node.LocalName)
{
case AstConstants.Nodes.Expr_BooleanNot:
return(Expr_BooleanNot(node));
case AstConstants.Nodes.Expr_FuncCall:
return(Node_FuncCall(node));
case AstConstants.Nodes.Stmt_Case:
case AstConstants.Nodes.Stmt_Do:
case AstConstants.Nodes.Stmt_ElseIf:
case AstConstants.Nodes.Stmt_For:
case AstConstants.Nodes.Stmt_If:
case AstConstants.Nodes.Stmt_While:
return(Analyze(Conditional.GetCondNode(node)));
//case AstConstants.Nodes.Stmt_Switch:
// Conditional sanitization is currently not supported with switches.
// Since they require special handling (the condition is a mix of the switch node as well as the case nodes).
case AstConstants.Nodes.Expr_BinaryOp_Equal:
case AstConstants.Nodes.Expr_BinaryOp_Identical:
return(EqualsComparison(node));
case AstConstants.Nodes.Expr_BinaryOp_NotEqual:
case AstConstants.Nodes.Expr_BinaryOp_NotIdentical:
isNegated = !isNegated;
return(EqualsComparison(node));
default:
return(new TaintSets().ClearTaint());
}
}
private void DoStatementEnter(XmlNode node)
{
var loopEntryBlock = new CFGBlock();
if (!CurrentBlock.BreaksOutOfScope)
{
loopEntryBlock = ConnectNewBlockTo(CurrentBlock, EdgeType.Normal);
}
Graph.AddVertex(loopEntryBlock);
CurrentBlock = loopEntryBlock;
CFGBlock conditionBlock = new CFGBlock {
AstEntryNode = node
};
CFGBlock loopDoneBlock = ConnectNewBlockTo(conditionBlock, EdgeType.False);
ConnectBlocks(conditionBlock, loopEntryBlock, EdgeType.True);
var loopScope = new LoopScope(loopEntryBlock)
{
LoopBodyStartBlock = loopEntryBlock,
LoopConditionBlock = conditionBlock,
ContinueDestination = conditionBlock,
EndBlock = loopDoneBlock,
};
scopeHandler.EnterLoop(loopScope);
DoNotVisitChildren(Conditional.GetCondNode(node));
}
private void ElseIfStatementsEnter(XmlNode node)
{
var conditionNode = new CFGBlock {
AstEntryNode = node
};
var trueNode = new CFGBlock();
var currentScope = scopeHandler.GetIfStmt();
TaggedEdge <CFGBlock, EdgeTag> toCurrentConditionNode;
if (currentScope.ElseifBlock != null)
{
toCurrentConditionNode = new TaggedEdge <CFGBlock, EdgeTag>(currentScope.ElseifBlock, conditionNode, new EdgeTag(EdgeType.False));
}
else
{
toCurrentConditionNode = new TaggedEdge <CFGBlock, EdgeTag>(currentScope.EntryBlock, conditionNode, new EdgeTag(EdgeType.False));
}
var toTrueNodeEdge = new TaggedEdge <CFGBlock, EdgeTag>(conditionNode, trueNode, new EdgeTag(EdgeType.True));
Graph.AddVerticesAndEdge(toCurrentConditionNode);
currentScope.ElseifBlock = conditionNode;
Graph.AddVerticesAndEdge(toTrueNodeEdge);
DoNotVisitChildren(Conditional.GetCondNode(node));
CurrentBlock = trueNode;
}
private void IfStatementEnter(XmlNode node)
{
if (CurrentBlock.BreaksOutOfScope)
{
CurrentBlock = new CFGBlock();
Graph.AddVertex(CurrentBlock);
}
CFGBlock conditionBlock = ConnectNewBlockTo(CurrentBlock, EdgeType.Normal);
CurrentBlock = conditionBlock;
CFGBlock trueBlock = ConnectNewBlockTo(CurrentBlock, EdgeType.True);
CurrentBlock = trueBlock;
conditionBlock.AstEntryNode = node;
var ifScope = new IfScope(conditionBlock, trueBlock)
{
EndBlock = new CFGBlock()
};
Graph.AddVertex(ifScope.EndBlock);
DoNotVisitChildren(Conditional.GetCondNode(node));
scopeHandler.PushIfStmt(ifScope);
}
private void WhileOrForeachStatementEnter(XmlNode node)
{
CFGBlock conditionBlock = new CFGBlock();
if (!CurrentBlock.BreaksOutOfScope)
{
conditionBlock = ConnectNewBlockTo(CurrentBlock, EdgeType.Normal);
}
CFGBlock loopBodyBlock;
CFGBlock loopExitBlock;
if (node.LocalName == AstConstants.Nodes.Stmt_Foreach)
{
loopBodyBlock = ConnectNewBlockTo(conditionBlock, EdgeType.Normal);
loopExitBlock = ConnectNewBlockTo(conditionBlock, EdgeType.Normal);
}
else
{
loopBodyBlock = ConnectNewBlockTo(conditionBlock, EdgeType.True);
loopExitBlock = ConnectNewBlockTo(conditionBlock, EdgeType.False);
}
conditionBlock.AstEntryNode = node;
var whileLoopScope = new LoopScope(conditionBlock)
{
LoopConditionBlock = conditionBlock,
LoopBodyStartBlock = loopBodyBlock,
ContinueDestination = conditionBlock,
EndBlock = loopExitBlock
};
scopeHandler.EnterLoop(whileLoopScope);
if (node.LocalName == AstConstants.Nodes.Stmt_Foreach)
{
DoNotVisitChildren(node.GetSubNode(AstConstants.Subnode + ":" + AstConstants.Subnodes.Expr));
DoNotVisitChildren(node.GetSubNode(AstConstants.Subnode + ":" + AstConstants.Subnodes.KeyVar));
DoNotVisitChildren(node.GetSubNode(AstConstants.Subnode + ":" + AstConstants.Subnodes.ValueVar));
}
else
{
DoNotVisitChildren(Conditional.GetCondNode(node));
}
CurrentBlock = loopBodyBlock;
}
private void SwitchCaseStatementEnter(XmlNode node)
{
var conditionNode = new CFGBlock();
var trueNode = new CFGBlock();
conditionNode.AstEntryNode = node;
var currentScope = (SwitchScope)scopeHandler.GetInnermostLoop();
TaggedEdge <CFGBlock, EdgeTag> toCurrentConditionNode;
if (CurrentBlock == currentScope.EntryBlock)
{
toCurrentConditionNode = new TaggedEdge <CFGBlock, EdgeTag>(CurrentBlock, conditionNode, new EdgeTag(EdgeType.Normal));
}
else
{
if (currentScope.CurrentCondition != null)
{
toCurrentConditionNode = new TaggedEdge <CFGBlock, EdgeTag>(currentScope.CurrentCondition, conditionNode, new EdgeTag(EdgeType.False));
}
else
{
toCurrentConditionNode = new TaggedEdge <CFGBlock, EdgeTag>(currentScope.EntryBlock, conditionNode, new EdgeTag(EdgeType.Normal));
}
}
var toTrueNodeEdge = new TaggedEdge <CFGBlock, EdgeTag>(conditionNode, trueNode, new EdgeTag(EdgeType.True));
if (Case.IsDefaultCase(node))
{
currentScope.DefaultBlock = conditionNode;
currentScope.DefaultTrueBlock = trueNode;
}
else
{
Graph.AddVerticesAndEdge(toCurrentConditionNode);
currentScope.CurrentCondition = conditionNode;
}
Graph.AddVerticesAndEdge(toTrueNodeEdge);
if (!CurrentBlock.BreaksOutOfScope && CurrentBlock != currentScope.EntryBlock)
{
var fallthrough = new TaggedEdge <CFGBlock, EdgeTag>(CurrentBlock, trueNode, new EdgeTag(EdgeType.Normal));
Graph.AddEdge(fallthrough);
}
CurrentBlock = trueNode;
DoNotVisitChildren(Conditional.GetCondNode(node));
}
private void ForStatementEnter(XmlNode node)
{
CFGBlock forLoopInit = new CFGBlock();
if (!CurrentBlock.BreaksOutOfScope)
{
forLoopInit = ConnectNewBlockTo(CurrentBlock, EdgeType.Normal);
}
forLoopInit.AstEntryNode = ForLoop.GetInitNode(node);
DoNotVisitChildren(forLoopInit.AstEntryNode);
CFGBlock conditionBlock = ConnectNewBlockTo(forLoopInit, EdgeType.Normal);
conditionBlock.AstEntryNode = node;
DoNotVisitChildren(Conditional.GetCondNode(node));
CFGBlock loopUpdateBlock = new CFGBlock {
AstEntryNode = ForLoop.GetLoopNode(node)
};
DoNotVisitChildren(loopUpdateBlock.AstEntryNode);
var edge = new TaggedEdge <CFGBlock, EdgeTag>(loopUpdateBlock, conditionBlock, new EdgeTag(EdgeType.Normal));
Graph.AddVerticesAndEdge(edge);
CFGBlock loopBodyBlock = ConnectNewBlockTo(conditionBlock, EdgeType.True);
CFGBlock loopDoneBlock = ConnectNewBlockTo(conditionBlock, EdgeType.False);
var loopScope = new LoopScope(forLoopInit)
{
LoopConditionBlock = loopUpdateBlock,
LoopBodyStartBlock = loopBodyBlock,
LoopUpdateBlock = loopUpdateBlock,
ContinueDestination = loopUpdateBlock,
EndBlock = loopDoneBlock
};
scopeHandler.EnterLoop(loopScope);
CurrentBlock = loopBodyBlock;
}
private void SwitchStatementEnter(XmlNode node)
{
if (CurrentBlock.BreaksOutOfScope)
{
CurrentBlock = new CFGBlock();
Graph.AddVertex(CurrentBlock);
}
var switchScope = new SwitchScope(new CFGBlock()
{
AstEntryNode = node
}, new CFGBlock());
var edgeToSwitch = new TaggedEdge <CFGBlock, EdgeTag>(CurrentBlock, switchScope.SwitchStartNode, new EdgeTag(EdgeType.Normal));
Graph.AddVerticesAndEdge(edgeToSwitch);
Graph.AddVertex(switchScope.EndBlock);
CurrentBlock = switchScope.SwitchStartNode;
scopeHandler.EnterLoop(switchScope);
DoNotVisitChildren(Conditional.GetCondNode(node));
}
private ReachingSet AnalyzeNode(TaggedEdge <CFGBlock, EdgeTag> edge)
{
if (ReachingSetDictionary[edge.Source] == null)
{
ReachingSetDictionary = ReachingSetDictionary.SetItem(edge.Source, new ReachingSet());
}
if (ReachingSetDictionary[edge.Target] == null)
{
ReachingSetDictionary = ReachingSetDictionary.SetItem(edge.Target, new ReachingSet());
}
var node = edge.Target;
// IN:
// U RD_OUT(l')
// (l'~>l)
ReachingSetDictionary = ReachingSetDictionary.SetItem(node,
ReachingSetDictionary[node].AddInVarRange(ReachingSetDictionary[edge.Source].DefinedOutVars, true));
// OUT:
// (RD_IN(l) \ kill(l)) U gen(l)
var Out = ReachingSetDictionary[node];
Out = Out.AddOutVarRange(ReachingSetDictionary[node].DefinedInVars);
XmlTraverser xmlTraverser = new XmlTraverser();
CFGASTNodeVisitor nodeVisitor = new CFGASTNodeVisitor();
xmlTraverser.AddVisitor(nodeVisitor);
if (node.AstEntryNode != null)
{
var nodeToTraverse = Conditional.HasConditionNode(node.AstEntryNode) ? Conditional.GetCondNode(node.AstEntryNode)
: node.AstEntryNode;
xmlTraverser.Traverse(nodeToTraverse);
foreach (var currNode in nodeVisitor.NodesOfInterest)
{
var varNode = AstNodeInfo.GetVarNameXmlNode(currNode);
ValueInfo varInfo = new ValueInfo()
{
Block = node
};
varInfo = VariableInfoComposer.AnalyzeBlock(varInfo);
var gs = new Variable(AstNodeInfo.GetVarNameXmlNode(currNode).Name, VariableScope.Unknown);
gs = gs.AddVarInfo(varInfo);
Out = Out.AddOutVar(varNode.InnerText, gs);
}
}
ReachingSetDictionary = ReachingSetDictionary.SetItem(node, ReachingSetDictionary[node].AddOutVarRange(Out.DefinedOutVars));
return(ReachingSetDictionary[node]);
}
private void WhileStatementEnter(XmlNode node)
{
WhileOrForeachStatementEnter(node);
DoNotVisitChildren(Conditional.GetCondNode(node));
}
