public PatternUst VisitPatternOrExpression(DslParser.PatternOrExpressionContext context)
{
IEnumerable <PatternUst> values = context.expression().Select(expr => VisitExpression(expr));
var result = new PatternOr(values, context.GetTextSpan());
return(result);
}
public PatternUst VisitMemberReferenceOrLiteralExpression(DslParser.MemberReferenceOrLiteralExpressionContext context)
{
var textSpan = context.GetTextSpan();
var values = new PatternUst[]
{
new PatternMemberReferenceExpression((PatternUst)VisitExpression(context.expression()),
VisitLiteralOrPatternId(context.literalOrPatternId()), textSpan),
VisitLiteralOrPatternId(context.literalOrPatternId())
};
var result = new PatternOr(values, context.GetTextSpan());
return(result);
}
public override PatternUst Visit(PatternOr patternOr)
{
if (patternOr.Patterns.Count == 1)
{
return(Visit(patternOr.Patterns[0]));
}
IEnumerable <PatternUst> exprs = patternOr.Patterns
.Select(e => Visit(e))
.OrderBy(e => e);
return(new PatternOr(exprs, patternOr.TextSpan));
}
public void Sort_PatternVars_CorrectOrder()
{
var unsorted = new PatternOr
(
new PatternStringLiteral("42"),
new PatternIntLiteral(100),
new PatternIntLiteral(42),
new PatternIntLiteral(0),
new PatternStringLiteral("42"),
new PatternNot(new PatternStringLiteral("42")),
new PatternStringLiteral("Hello World!"),
new PatternIdToken("testId"),
new PatternIdToken("42"),
new PatternNot(new PatternStringLiteral("42"))
);
var expectedSorted = new PatternOr
(
new PatternIdToken("42"),
new PatternIdToken("testId"),
new PatternIntLiteral(0),
new PatternIntLiteral(42),
new PatternIntLiteral(100),
new PatternNot(new PatternStringLiteral("42")),
new PatternNot(new PatternStringLiteral("42")),
new PatternStringLiteral("42"),
new PatternStringLiteral("42"),
new PatternStringLiteral("Hello World!")
);
var logger = new TestLogger();
var processor = new DslProcessor();
var normalizer = new PatternNormalizer()
{
Logger = logger
};
var actualPattern = (PatternOr)normalizer.Visit(unsorted);
List <PatternUst> actualAlternatives = actualPattern.Patterns;
List <PatternUst> expectedAlternatives = expectedSorted.Patterns;
Assert.AreEqual(expectedAlternatives.Count, actualAlternatives.Count);
for (int i = 0; i < expectedAlternatives.Count; i++)
{
Assert.IsTrue(expectedAlternatives[i].Equals(actualAlternatives[i]),
$"Not equal at {i} index: expected {expectedAlternatives[i]} not equals to {actualAlternatives[i]}");
}
}
public override PatternUst Visit(PatternOr patternOr)
{
if (patternOr.Patterns.Count == 1)
{
return(Visit(patternOr.Patterns[0]));
}
var exprs = new List <PatternUst>(patternOr.Patterns.Count);
foreach (PatternUst pattern in patternOr.Patterns)
{
exprs.Add(Visit(pattern));
}
exprs.Sort();
return(new PatternOr(exprs, patternOr.TextSpan));
}
private PatternUst ProcessPatternIds(IList <DslParser.PatternIdContext> contexts)
{
PatternUst result;
var firstPatternId = contexts.First();
if (contexts.Count == 1)
{
result = VisitPatternId(firstPatternId);
}
else
{
IEnumerable <PatternUst> values =
contexts.Select(literal => VisitPatternId(literal));
result = new PatternOr(values, firstPatternId.GetTextSpan());
}
return(result);
}
public PatternUst VisitDslCode(DslParser.DslCodeContext context)
{
PatternUst result;
if (context.statement().Length > 0)
{
List <PatternUst> statements = context.statement().Select(
statement => VisitStatement(statement))
.Where(statement => statement != null).ToList();
if (statements.Count == 1)
{
result = statements.First();
}
else
{
result = new PatternStatements(statements)
{
TextSpan = context.GetTextSpan()
};
}
}
else if (context.expression() != null)
{
result = VisitExpression(context.expression());
}
else
{
IEnumerable <PatternCommentRegex> patternComments = context.PatternString().Select(literal =>
new PatternCommentRegex(RemoveQuotes(literal.GetText()), literal.GetTextSpan()));
if (patternComments.Count() == 1)
{
result = patternComments.ElementAt(0);
}
else
{
result = new PatternOr(patternComments, context.GetTextSpan());
}
}
return(result);
}
public virtual T Visit(PatternOr patternOr)
{
return(VisitChildren(patternOr));
}
public IEnumerable <PatternRoot> CreatePhpPatterns()
{
var patterns = new List <PatternRoot>();
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "HardcodedPasswordIn_mysql_connect. Hardcoded passwords could compromise system security in a way that cannot be easily remedied.",
Languages = new HashSet <Language> {
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)^mysql_connect$"),
Arguments = new PatternArgs
(
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternStringRegexLiteral()
)
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "InsecureRandomness. Standard pseudorandom number generators cannot withstand cryptographic attacks.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)^(mt_rand|rand|uniqid|shuffle|lcg_value)$"),
Arguments = new PatternArgs()
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "OverlyPermissiveCORSPolicyg. The program defines an overly permissive Cross-Origin Resource Sharing (CORS) policy.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)^header$"),
Arguments = new PatternArgs(new PatternStringRegexLiteral(@"Access-Control-Allow-Origin:\s*\*"))
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "InadequateRSAPadding. Public key RSA encryption is performed without using OAEP padding, thereby making the encryption weak.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternIdToken("OPENSSL_NO_PADDING")
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "BrokenRiskyCryptographicAlgorithm. Weak Encryption: Broken or Risky Cryptographic Algorithm.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternIdToken("MCRYPT_DES")
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "WeakCryptographicHash. Weak cryptographic hashes cannot guarantee data integrity and should not be used in security-critical contexts.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)^(md5|sha1)$"),
Arguments = new PatternArgs(new PatternMultipleExpressions())
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "ExcessiveSessionTimeout. An overly long session timeout gives attackers more time to potentially compromise user accounts.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternMemberReferenceExpression
{
Target = new PatternIdToken("Configure"),
Name = new PatternIdRegexToken("write")
},
Arguments = new PatternArgs
(
new PatternStringLiteral("Security.level"),
new PatternStringLiteral("low")
)
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "DebugInformation. A CakePHP debug level of 1 or greater can cause sensitive data to be logged.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternMemberReferenceExpression
{
Target = new PatternIdToken("Configure"),
Name = new PatternIdToken("write")
},
Arguments = new PatternArgs
(
new PatternStringLiteral("debug"),
new PatternIntRangeLiteral(1, 9)
)
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "SystemInformationLeak. Revealing system data or debugging information helps an adversary learn about the system and form a plan of attack.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)^(debug_print_backtrace|var_dump|debug_zval_dump|print_r|var_export|phpinfo|mysql_error)$"),
Arguments = new PatternArgs()
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "WeakCryptographicHashHardcodedSalt. A hardcoded salt may compromise system security in a way that cannot be easily remedied.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)crypt"),
Arguments = new PatternArgs
(
new PatternAnyExpression(),
new PatternStringRegexLiteral()
)
}
});
var patternNullOrString = new PatternOr
(
new PatternStringRegexLiteral(),
new PatternNullLiteral()
);
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "KeyManagementNullEncryptionKey. Null encryption keys may compromise system security in a way that cannot be easily remedied.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternStatements
(
new PatternAssignmentExpression
{
Left = new PatternVar("encryption_key"),
Right = patternNullOrString
},
new PatternAssignmentExpression
{
Left = new PatternAnyExpression(),
Right = new PatternObjectCreateExpression
{
Type = new PatternIdToken("Zend_Filter_Encrypt"),
Arguments = new PatternArgs(new PatternVar("encryption_key"))
}
}
)
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "KeyManagementNullEncryptionKey",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternObjectCreateExpression
{
Type = new PatternIdToken("Zend_Filter_Encrypt"),
Arguments = new PatternArgs(patternNullOrString)
}
});
// TODO: Union this next pattern.
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "CookieSecurityOverlyBroadPath. A cookie with an overly broad path can be accessed through other applications on the same domain.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)setcookie"),
Arguments = new PatternArgs
(
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternStringLiteral("/"),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression()
)
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "CookieSecurityOverlyBroadDomain. A cookie with an overly broad domain opens an application to attacks through other applications.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)setcookie"),
Arguments = new PatternArgs
(
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternStringRegexLiteral(@"^\..*"),
new PatternAnyExpression(),
new PatternAnyExpression()
)
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "CookieSecurityHTTPOnlyNotSet. The program creates a cookie, but fails to set the HttpOnly flag to true.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)setcookie"),
Arguments = new PatternArgs
(
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression()
)
}
});
patterns.Add(new PatternRoot
{
Key = patternIdGenerator.NextId(),
DebugInfo = "CookieSecurityCookieNotSentOverSSL. The program creates a cookie without setting the secure flag to true.",
Languages = new HashSet <Language>()
{
Php.Language
},
Node = new PatternInvocationExpression
{
Target = new PatternIdRegexToken("(?i)setcookie"),
Arguments = new PatternArgs
(
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression(),
new PatternAnyExpression()
)
}
});
return(patterns);
}
