internal static void RunInfoLevelTaintAnalysisCase(TestCase testCase, bool prototype = true)
{
var analyses = CreateAnalyses(testCase);
foreach (var analysis in analyses)
{
var ppg = GetAnalyzedGraph(testCase, analysis);
if (prototype)
{
var nextPhase = new SimpleTaintForwardAnalysis(ppg);
nextPhase.Analyse();
}
else
{
var nextPhase = new TaintForwardAnalysis(ppg);
nextPhase.Analyse();
}
testCase.Assert(ppg);
}
}
/// <summary>
/// Execute the static analysis and print results
/// </summary>
/// <param name="filenames">List of file name patterns from command line</param>
/// <param name="memoryModel">The memory model used for analysis</param>
private static void RunStaticAnalysis(string[] filenames, MemoryModels.MemoryModelFactory memoryModel, bool displayTaintFlows)
{
var console = new ConsoleOutput();
console.CommentLine("Using " + memoryModel.ToString());
console.CommentLine("");
foreach (var argument in filenames)
{
var filesInfo = Analyzer.GetFileNames(argument);
if (filesInfo == null)
{
Console.WriteLine("Path \"{0}\" cannot be recognized", argument);
Console.WriteLine();
continue;
}
else if (filesInfo.Length <= 0)
{
Console.WriteLine("Path pattern \"{0}\" does not match any file", argument);
Console.WriteLine();
continue;
}
foreach (var fileInfo in filesInfo)
{
// This is for time consumption analyzing only
// Analyze twice - because of omitting .NET initialization we get better analysis time
//Analyzer.Run(fileInfo, memoryModel);
#if TEST
// Process analysis
// First phase
var watch = System.Diagnostics.Stopwatch.StartNew();
var ppGraph = Analyzer.Run(fileInfo, memoryModel);
watch.Stop();
// Second phase
var watch2 = System.Diagnostics.Stopwatch.StartNew();
var nextPhase = new TaintForwardAnalysis(ppGraph);
nextPhase.Analyse();
watch2.Stop();
// Build output
console.CommentLine(string.Format("File path: {0}\n", fileInfo.FullName));
var graphWalker = new GraphWalking.CallGraphPrinter(ppGraph);
console.CommentLine(string.Format("Analysis completed in: {0}ms\n", watch.ElapsedMilliseconds));
//graphWalker.Run(console);
console.Warnings(AnalysisWarningHandler.GetWarnings(), AnalysisWarningHandler.GetSecurityWarnings());
console.CommentLine(string.Format("Analysis completed in: {0}ms\n", watch.ElapsedMilliseconds));
console.CommentLine(string.Format("The number of nodes in the application is: {0}\n", numProgramPoints(new HashSet <ProgramPointGraph>(), new Dictionary <string, HashSet <int> >(), ppGraph)));
//printIncludes(console, ppGraph);
//console.CommentLine(string.Format("Analysis in the second phase completed in: {0}ms\n", watch2.ElapsedMilliseconds));
//console.WarningsTaint(nextPhase.analysisTaintWarnings);
if (ppGraph.End.OutSet != null)
{
console.CommentLine(string.Format("The number of memory locations is: {0}\n", ppGraph.End.OutSnapshot.NumMemoryLocations()));
int[] statistics = ppGraph.End.OutSnapshot.GetStatistics().GetStatisticsValues();
console.CommentLine(string.Format("The number of memory entry assigns is: {0}\n", statistics[(int)Statistic.MemoryEntryAssigns]));
console.CommentLine(string.Format("The number of value reads is: {0}\n", statistics[(int)Statistic.ValueReads]));
console.CommentLine(string.Format("The number of memory entry merges is: {0}\n", statistics[(int)Statistic.MemoryEntryMerges]));
console.CommentLine(string.Format("The number of index reads is: {0}\n", statistics[(int)Statistic.IndexReads]));
console.CommentLine(string.Format("The number of value reads is: {0}\n", statistics[(int)Statistic.ValueReads]));
}
else
{
console.CommentLine(string.Format("Snapshot statistics are not available, because end point was not reached"));
}
#else
console.CommentLine(string.Format("File path: {0}\n", fileInfo.FullName));
TaintForwardAnalysis nextPhase = null;
System.Diagnostics.Stopwatch watch = null;
try
{
watch = System.Diagnostics.Stopwatch.StartNew();
var ppGraph = Analyzer.Run(fileInfo, memoryModel);
watch.Stop();
if (ppGraph.End.OutSet != null)
{
//console.ProgramPointInfo("End point", ppGraph.End);
}
else
{
//console.Error("End point was not reached");
}
console.CommentLine(string.Format("First phase of the analysis completed in: {0} seconds\n", watch.ElapsedMilliseconds / 1000));
nextPhase = new TaintForwardAnalysis(ppGraph);
nextPhase.Analyse();
}
catch (OutOfMemoryException)
{
watch.Stop();
console.Error(string.Format("The analyser ran out of memory after {0} seconds, terminating the analysis.\n", watch.ElapsedMilliseconds / 1000));
}
catch (Exception e)
{
console.Error("Analyser crashed (" + e.Message + ").");
}
finally
{
console.Warnings(AnalysisWarningHandler.GetWarnings(), nextPhase != null ? nextPhase.analysisTaintWarnings : new List <AnalysisTaintWarning>(), displayTaintFlows);
}
#endif
}
//Console.ReadKey();
Console.WriteLine();
}
}
private static void RunStaticAnalysis(string[] filenames, MemoryModels.MemoryModelFactory memoryModel)
{
var bigWatch = System.Diagnostics.Stopwatch.StartNew();
var console = new ConsoleOutput();
foreach (var argument in filenames)
{
var filesInfo = Analyzer.GetFileNames(argument);
if (filesInfo == null)
{
fileOutput.WriteLine("Path \"{0}\" cannot be recognized", argument);
fileOutput.WriteLine();
continue;
}
else if (filesInfo.Length <= 0)
{
fileOutput.WriteLine("Path pattern \"{0}\" does not match any file", argument);
fileOutput.WriteLine();
}
foreach (var fileInfo in filesInfo)
{
console.CommentLine(string.Format("File path: {0}\n", fileInfo.FullName));
//try
{
var watch = System.Diagnostics.Stopwatch.StartNew();
var ppGraph = Analyzer.Run(fileInfo, memoryModel);
watch.Stop();
GC.Collect();
GC.WaitForPendingFinalizers();
var watch2 = System.Diagnostics.Stopwatch.StartNew();
var nextPhase = new TaintForwardAnalysis(ppGraph);
nextPhase.analysisTaintWarnings = new List <AnalysisTaintWarning>();
if (SECOND_PHASE)
{
nextPhase.Analyse();
}
watch2.Stop();
fileOutput.WriteLine("Analysis warnings:");
var firstPhaseWarnings = AnalysisWarningHandler.GetWarnings();
//PrintWarnings(new List<AnalysisWarning>());
PrintWarnings(firstPhaseWarnings);
var firstPhaseSecurityWarnings = new List <AnalysisSecurityWarning>();
if (!SECOND_PHASE)
{
firstPhaseSecurityWarnings = AnalysisWarningHandler.GetSecurityWarnings();
PrintSecurityWarnings(firstPhaseSecurityWarnings);
}
//fileOutput.WriteLine("Security warnings with taint flow:");
if (SECOND_PHASE)
{
PrintTaintWarnings(nextPhase.analysisTaintWarnings);
}
fileOutput.WriteLine("Variables:");
var processedPPGraphs = new HashSet <ProgramPointGraph>();
var processedPPoints = new HashSet <ProgramPointBase>();
writeAll(ppGraph, ref processedPPGraphs, ref processedPPoints);
bigWatch.Stop();
fileOutput.WriteLine("Overview:");
fileOutput.WriteLine("Total number of warnings: " + (firstPhaseWarnings.Count + firstPhaseSecurityWarnings.Count + nextPhase.analysisTaintWarnings.Count));
fileOutput.WriteLine("Number of warnings in the first phase: " + firstPhaseWarnings.Count);
fileOutput.WriteLine("Number of warnings in the second phase: " + nextPhase.analysisTaintWarnings.Count);
fileOutput.WriteLine("Weverca analyzer time consumption: " + bigWatch.ElapsedMilliseconds);
fileOutput.WriteLine("First phase time consumption: " + watch.ElapsedMilliseconds);
fileOutput.WriteLine("Second phase time consumption: " + watch2.ElapsedMilliseconds);
var programLines = new Dictionary <string, HashSet <int> > ();
fileOutput.WriteLine("The number of nodes in the application is: " + Program.numProgramPoints(new HashSet <ProgramPointGraph>(), programLines, ppGraph));
var programLinesNum = 0;
foreach (var script in programLines.Values)
{
programLinesNum += script.Count;
}
fileOutput.WriteLine("The number of processed lines of code is: " + programLinesNum);
}
/*
* catch (Exception e)
* {
* fileOutput.WriteLine("error");
* //console.Error(e.Message);
* fileOutput.WriteLine (e.Message);
* }*/
}
}
}