def cfg_create_from_file(self, filename, project_modules=list(), local_modules=list()):
    """Parse *filename* and store the ``make_cfg`` result on ``self.cfg``.

    ``project_definitions`` (a name defined outside this function) is cleared
    before anything is parsed, so each call starts from an empty registry.

    The ``list()`` defaults are evaluated once, when the function is defined.
    Every call that omits ``project_modules`` or ``local_modules`` therefore
    hands the same list object to ``make_cfg``.
    """
    project_definitions.clear()
    self.cfg = make_cfg(
        generate_ast(filename),
        project_modules,
        local_modules,
        filename,
    )
def cfg_create_from_ast(self, ast_tree, project_modules=list(), local_modules=list()):
    """Store the ``make_cfg`` result for an already-parsed tree on ``self.cfg``.

    No source file is involved, so ``make_cfg`` is given the placeholder
    filename ``'?'``. ``project_definitions`` (defined outside this function)
    is cleared first.

    The ``list()`` defaults are evaluated once, when the function is defined.
    Calls that omit them share a single list object per parameter.
    """
    project_definitions.clear()
    graph = make_cfg(ast_tree, project_modules, local_modules, filename='?')
    self.cfg = graph
def analyze(file):
    """Run the scan pipeline on *file* and return what ``find_vulnerabilities`` reports.

    Steps, in the order the code performs them: discover the files to scan,
    build a CFG for each discovered path, hand the CFG list to
    ``FrameworkAdaptor`` with ``is_fastapi_route_function`` as the route
    criterion, then call ``initialize_constraint_table``, ``analyse`` and
    ``find_vulnerabilities``.

    NOTE(review): the line breaks of this function were lost in the text it
    was recovered from. The loop extent used here (through the
    ``FrameworkAdaptor`` call) is a reconstruction -- confirm against the
    real file.

    Args:
        file: the only entry in the target list given to ``discover_files``;
            presumably a filesystem path -- confirm.

    Returns:
        The value returned by ``find_vulnerabilities`` for the final
        ``cfg_list``.
    """
    files = discover_files([file], "")

    # Never populated in this function, so find_vulnerabilities receives an
    # empty mapping. Presumably this means no "nosec" suppressions are
    # honoured and every finding is reported -- verify.
    nosec_lines = defaultdict(set)

    cfg_list = list()
    for path in sorted(files):
        directory = os.path.dirname(path)
        project_modules = get_modules(directory, prepend_module_root=True)
        local_modules = get_directory_modules(directory)
        tree = generate_ast(path)

        cfg = make_cfg(
            tree,
            project_modules,
            local_modules,
            path,
            allow_local_directory_imports=False
        )
        # Rebinds rather than appends: if discover_files yields more than one
        # path, only the CFG built from the last path (in sorted order) is
        # still in cfg_list after the loop.
        # NOTE(review): earlier files would then go unchecked with no
        # warning -- confirm whether multi-file input can reach this function.
        cfg_list = [cfg]

        framework_route_criteria = is_fastapi_route_function
        # Add all the route functions to the cfg_list
        FrameworkAdaptor(
            cfg_list,
            project_modules,
            local_modules,
            framework_route_criteria
        )

    initialize_constraint_table(cfg_list)
    analyse(cfg_list)
    # The fourth positional argument is hard-coded to False; presumably an
    # "interactive" switch -- confirm against find_vulnerabilities' signature.
    vulnerabilities = find_vulnerabilities(
        cfg_list,
        default_blackbox_mapping_file,
        default_trigger_word_file,
        False,
        nosec_lines
    )
    return vulnerabilities