string GetIndexStringValue(JintItem IndexItem)
{
string IndexValue = "";
switch (IndexItem.State)
{
case (JintState.IdentifierIndex):
IndexValue = IJ.GetStringObject(new List <JintItem>()
{
new JintItem(IndexItem.LineNo, IndexItem.CharNo, JintState.Identifier, IndexItem.Value)
});
break;
case (JintState.Indexer):
IndexValue = IJ.GetStringObject(IndexItem.SubItems);
break;
}
return(IndexValue);
}
string GetIndexStringValue(JintItem IndexItem)
{
string IndexValue = "";
switch(IndexItem.State)
{
case (JintState.IdentifierIndex):
IndexValue = IJ.GetStringObject(new List<JintItem>() { new JintItem(IndexItem.LineNo, IndexItem.CharNo, JintState.Identifier, IndexItem.Value) });
break;
case (JintState.Indexer):
IndexValue = IJ.GetStringObject(IndexItem.SubItems);
break;
}
return IndexValue;
}
void Analyze(MethodCall Stmt)
{
SetCurrentLineAndCharNos(Stmt);
int LineNo = CurrentLineNo;
JintItem LastItem;
if (JintStack.Count > 0)
{
LastItem = JintStack[JintStack.Count - 1];
if (LastItem.State == JintState.MethodCallArgument || LastItem.State == JintState.MethodName)
{
LastItem = new JintItem(CurrentLineNo, 0, JintState.AnonymousMethod);
JintStack.Add(LastItem);
}
}
else
{
LastItem = new JintItem(CurrentLineNo, 0, JintState.AnonymousMethod);
JintStack.Add(LastItem);
}
int MethodCallIndex = 0;
if (LastItem.State == JintState.Identifier || LastItem.State == JintState.Property || LastItem.State == JintState.Indexer || LastItem.State == JintState.StringIndex || LastItem.State == JintState.IdentifierIndex || LastItem.State == JintState.IntIndex || LastItem.State == JintState.AnonymousMethod || LastItem.LineNo != LineNo)
{
RemoveJintStackFrom(JintStack.Count - 1);
if (LastItem.State == JintState.Identifier || LastItem.State == JintState.Property)
JintStack.Add(new JintItem(LastItem.LineNo, LastItem.CharNo, JintState.MethodCallName, LastItem.Value));
else
JintStack.Add(new JintItem(LastItem.LineNo, LastItem.CharNo, JintState.MethodCallName, ""));
LineNo = LastItem.LineNo;
MethodCallIndex = JintStack.Count - 1;
if (Stmt.Arguments != null)
{
if (Stmt.Arguments.Count > 0)
Analyze(Stmt.Arguments);
else
AddToJintStack(Stmt.Source, JintState.MethodCallArgument);
}
List<JintItem> MethodRelatedItems = GetMethodItems(MethodCallIndex);
ItemChecker IC = new ItemChecker(this);
List<JintItem> MethodArguments = IC.GetLastMethodArguments(MethodRelatedItems);
List<int> SourcePositions = new List<int>();
List<int> SinkPositions = new List<int>();
for (int i = 0; i < MethodArguments.Count; i++)
{
TaintResult Result = IC.Check(MethodArguments[i].SubItems);
if (Result.SourceTaint)
{
SourcePositions.Add(i);
Result.SourceReasons.Add("Method Argument is a Source");
AddSourceLine(CurrentLineNo, Result.SourceReasons);
}
if (Result.SinkTaint)
{
SinkPositions.Add(i);
Result.SinkReasons.Add("Method Argument is a Sink");
AddSinkLine(CurrentLineNo, Result.SinkReasons);
}
}
foreach (List<JintItem> Template in ArgumentAssignedASourceMethods)
{
if(Template.Count == 0) continue;
TaintResult MethodResult = IC.IsMatch(MethodRelatedItems, Template);
if (MethodResult.NeutralReasons.Count > 0)
{
List<JintItem> TemplateArguments = IC.GetLastMethodArguments(Template);
if(TemplateArguments.Count == 0) continue;
AddSourceLine(LineNo, Template[0].SourceReasons);
if (TemplateArguments.Count == 1 && TemplateArguments[0].SubItems.Count == 0 && SinkPositions.Count > 0)
AddSourceToSinkLine(LineNo);
else if (MethodArguments.Count == TemplateArguments.Count)
{
foreach (int i in SinkPositions)
{
if(TemplateArguments.Count > i)
if(TemplateArguments[i].SubItems.Count > 0)
if(TemplateArguments[i].SubItems[0].State == JintState.MethodCallArgumentTaintPointer)
AddSourceToSinkLine(LineNo);
}
}
}
}
foreach (List<JintItem> Template in ArgumentAssignedToSinkMethods)
{
if (Template.Count == 0) continue;
TaintResult MethodResult = IC.IsMatch(MethodRelatedItems, Template);
if (MethodResult.NeutralReasons.Count > 0)
{
List<JintItem> TemplateArguments = IC.GetLastMethodArguments(Template);
if (TemplateArguments.Count == 0) continue;
AddSinkLine(LineNo, Template[0].SinkReasons);
if (TemplateArguments.Count == 1 && TemplateArguments[0].SubItems.Count == 0 && SourcePositions.Count > 0)
AddSourceToSinkLine(LineNo);
else if (MethodArguments.Count == TemplateArguments.Count)
{
foreach (int i in SourcePositions)
{
if (TemplateArguments.Count > i)
if (TemplateArguments[i].SubItems.Count > 0)
if (TemplateArguments[i].SubItems[0].State == JintState.MethodCallArgumentTaintPointer)
AddSourceToSinkLine(LineNo);
}
}
}
}
}
else
{
IronException.Report("MethodName missing in IronJint", "LastItem State -" + LastItem.State.ToString());
}
if (Stmt.Generics != null) Analyze(Stmt.Generics);
}