コード例 #1
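def process_mdecl(t, local_tree, filename):
    """Scan the body of a superclass method declaration for sensitive calls.

    Walks every member of ``t.body``. A direct ``MethodInvocation`` that
    ``common.sink_list_check`` flags is reported as a warning and sets the
    module-global ``vuln_found``; an invocation whose target is ``super`` is
    chased further via ``find_extensions`` so chained superclasses are also
    covered. Any other member (a list, or an AST node exposing ``_fields``)
    is handed to ``process_mdecl_body`` for a recursive walk.

    Args:
        t: Method declaration node whose ``body`` is scanned.
        local_tree: Parsed tree passed through to the sink check, to
            ``find_extensions`` and to the recursive walk.
        filename: Name of the extended class, used only in the warning text.

    Returns:
        None. Findings are reported through ``common.logger`` and the
        module-global ``vuln_found`` flag.
    """
    global vuln_found

    try:
        members = list(t.body)
    except Exception as e:
        common.logger.error(
            "Problem in process_mdecl function of findSupers.py: " + str(e))
        return

    for b in members:
        # Each member is isolated in its own try so that one malformed node
        # aborts only itself. A single try around the whole loop would skip
        # every member after the failure, silently dropping any sensitive
        # invocation that follows it (a false negative for the scanner).
        try:
            # Exact type match (not isinstance) is kept to agree with the rest
            # of the scanner's node dispatch.
            if type(b) is m.MethodInvocation:
                if common.sink_list_check(b, local_tree):
                    common.logger.warning(
                        "This subclass extends a superclass, potentially via another superclass, which contains a sensitive method invocation: "
                        + str(b.name) +
                        ", but does not appear to be tainted by user input. You should review this manually to determine whether the execution of this method by itself represents an issue. Extended class: "
                        + str(filename))
                    vuln_found = True
                elif b.target == 'super':
                    # Note that the declaration ``t`` (not the invocation) is
                    # what find_extensions receives.
                    find_extensions(local_tree, t)
                #TODO - potentially add setResult check here
            elif type(b) is list:
                for child in b:
                    process_mdecl_body(child, local_tree, filename)
            elif hasattr(b, '_fields'):
                for field_name in b._fields:
                    process_mdecl_body(getattr(b, field_name), local_tree, filename)
        except Exception as e:
            common.logger.error(
                "Problem in process_mdecl function of findSupers.py: " + str(e))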
コード例 #2
ファイル: findSupers.py プロジェクト: wang9090980/qark
def process_mdecl_body(t,local_tree,filename):
	"""Recursively walk one piece of a superclass body looking for sensitive calls.

	A ``MethodInvocation`` that ``common.sink_list_check`` flags is reported as
	a warning and sets the module-global ``vuln_found``; an invocation whose
	target is ``super`` is chased further through ``find_extensions``. A list
	or a node exposing ``_fields`` is descended into one child at a time, and
	every child runs inside its own try block so that one bad node only logs
	an error instead of stopping the walk.

	Args:
		t: AST node, list of nodes, or leaf value to examine.
		local_tree: Parsed tree handed to the sink check and to ``find_extensions``.
		filename: Name of the extended class, used only in the warning text.

	Returns:
		None.
	"""
	global vuln_found
	try:
		node_type = type(t)
		if node_type is m.MethodInvocation:
			#TODO - This might spew out extras when not needed
			#findExtras.find_extras(filename,t.name)
			try:
				if common.sink_list_check(t,local_tree):
					message = (
						"This subclass extends a superclass, potentially via another superclass, which contains a sensitive method invocation: "
						+ str(t.name)
						+ ", but does not appear to be tainted by user input. You should review this manually to determine whether the execution of this method by itself represents an issue. Extended class: "
						+ str(filename)
					)
					common.logger.warning(message)
					vuln_found=True
				elif t.target == 'super':
					try:
						find_extensions(local_tree,t)
					except Exception as err:
						common.logger.error("Problem calling find_extensions from process_mdecl_body in findSupers.py: " + str(err))
			except Exception as err:
				common.logger.error("Problem processing MethodInvocation in process_mdecl_body: " + str(err))
		elif node_type is list:
			for child in t:
				try:
					process_mdecl_body(child,local_tree,filename)
				except Exception as err:
					common.logger.error("Problem recursively calling process_mdecl_body for list from itself in findSupers.py: " + str(err))
		elif hasattr(t,'_fields'):
			for field_name in t._fields:
				try:
					# getattr stays inside the try so a broken attribute is
					# reported with the "fields" message, like the recursion.
					child = getattr(t,field_name)
					process_mdecl_body(child,local_tree,filename)
				except Exception as err:
					common.logger.error("Problem recursively calling process_mdecl_body for fields from itself in findSupers.py: " + str(err))
	except Exception as err:
		common.logger.error("Problem in process_mdecl_body function of findSupers.py " + str(err))
コード例 #3
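def sinks_encountered(t):
	"""Walk a node and record whether a sensitive method invocation is reached.

	Every ``MethodInvocation`` met while descending into lists and ``_fields``
	children is run through ``common.sink_list_check`` against the
	module-global ``localTree``; the result is stored in the module-global
	``found`` and also returned.

	Args:
		t: AST node, list of nodes, or leaf value to walk.

	Returns:
		The current value of the module-global ``found``.
	"""
	global localTree
	global found

	if type(t) is m.MethodInvocation:
		try:
			# NOTE(review): ``found`` is overwritten on every invocation, so a
			# sink followed by a benign call leaves it False (last-wins, not
			# sticky). Callers relying on a sticky flag should confirm this.
			found=common.sink_list_check(t,localTree)
		except Exception as e:
			common.logger.error("Problem in call to common.sink_list_check from localMethodDeclarations.py: " + str(e))
	elif type(t) is list:
		for child in t:
			sinks_encountered(child)
	elif hasattr(t,'_fields'):
		for field_name in t._fields:
			# Descend into the child node, not the field *name*: recursing on
			# the string matched none of the branches above, so every node
			# below the top level was silently skipped (false negatives).
			sinks_encountered(getattr(t,field_name))
	return found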
コード例 #4
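def sinks_encountered(token,tree):
	"""Report whether *token* has a same-shaped invocation in *tree* that is a sink.

	Every top-level declaration in ``tree.type_declarations`` is searched for
	a ``MethodInvocation`` with the same name and argument count as *token*:
	class bodies have their direct members compared, while lists and nodes
	exposing ``_fields`` are descended into. When at least one match exists,
	*token* itself is run through ``common.sink_list_check`` and a positive
	result is logged at ``common.VULNERABILITY_LEVEL``.

	Args:
		token: ``MethodInvocation`` node being looked up.
		tree: Parsed compilation unit to search.

	Returns:
		The ``common.sink_list_check`` result when a matching invocation
		exists, otherwise False.
	"""
	# The walk is delegated to a helper that recurses on the *child* node.
	# Re-entering this function with the whole tree for every list or
	# ``_fields`` child re-scanned ``tree.type_declarations`` from the top and
	# recursed without bound on any non-class declaration.
	matched = any(_declaration_matches(decl, token) for decl in tree.type_declarations)
	# sink_list_check only looks at token and tree, so one call suffices.
	found = common.sink_list_check(token,tree) if matched else False
	if found:
		common.logger.log(common.VULNERABILITY_LEVEL,"It appears a vulnerablity was found here, but unfortunately we haven't completed this branch yet.")
	return found


def _declaration_matches(node, token):
	"""Return True if *node*, or anything below it, holds an invocation shaped like *token*.

	A ``ClassDeclaration`` has its direct body members compared by name and
	argument count; a list or a node with ``_fields`` is descended into; any
	other value matches nothing.
	"""
	if type(node) is m.ClassDeclaration:
		return any(
			type(member) is m.MethodInvocation
			and str(member.name) == str(token.name)
			and len(member.arguments) == len(token.arguments)
			for member in node.body
		)
	if type(node) is list:
		return any(_declaration_matches(child, token) for child in node)
	if hasattr(node,'_fields'):
		return any(_declaration_matches(getattr(node, attr), token) for attr in node._fields)
	return False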
コード例 #5
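def sinks_encountered(token, tree):
    """Report whether *token* has a same-shaped invocation in *tree* that is a sink.

    Every top-level declaration in ``tree.type_declarations`` is searched for
    a ``MethodInvocation`` with the same name and argument count as *token*:
    class bodies have their direct members compared, while lists and nodes
    exposing ``_fields`` are descended into. When at least one match exists,
    *token* itself is run through ``common.sink_list_check`` and a positive
    result is logged at ``common.VULNERABILITY_LEVEL``.

    Args:
        token: ``MethodInvocation`` node being looked up.
        tree: Parsed compilation unit to search.

    Returns:
        The ``common.sink_list_check`` result when a matching invocation
        exists, otherwise False.
    """
    # The walk is delegated to a helper that recurses on the *child* node.
    # Re-entering this function with the whole tree for every list or
    # ``_fields`` child re-scanned ``tree.type_declarations`` from the top and
    # recursed without bound on any non-class declaration.
    matched = any(
        _declaration_matches(decl, token) for decl in tree.type_declarations
    )
    # sink_list_check only looks at token and tree, so one call suffices.
    found = common.sink_list_check(token, tree) if matched else False
    if found:
        common.logger.log(
            common.VULNERABILITY_LEVEL,
            "It appears a vulnerablity was found here, but unfortunately we haven't completed this branch yet."
        )
    return found


def _declaration_matches(node, token):
    """Return True if *node*, or anything below it, holds an invocation shaped like *token*.

    A ``ClassDeclaration`` has its direct body members compared by name and
    argument count; a list or a node with ``_fields`` is descended into; any
    other value matches nothing.
    """
    if type(node) is m.ClassDeclaration:
        return any(
            type(member) is m.MethodInvocation
            and str(member.name) == str(token.name)
            and len(member.arguments) == len(token.arguments)
            for member in node.body
        )
    if type(node) is list:
        return any(_declaration_matches(child, token) for child in node)
    if hasattr(node, '_fields'):
        return any(
            _declaration_matches(getattr(node, attr), token) for attr in node._fields
        )
    return False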
コード例 #6
ファイル: findSupers.py プロジェクト: gcf0082/qark
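def process_mdecl(t,local_tree,filename):
	"""Scan the body of a superclass method declaration for sensitive calls.

	Walks every member of ``t.body``. A direct ``MethodInvocation`` that
	``common.sink_list_check`` flags is reported as a warning and sets the
	module-global ``vuln_found``; an invocation whose target is ``super`` is
	chased further via ``find_extensions`` so chained superclasses are also
	covered. Any other member (a list, or an AST node exposing ``_fields``)
	is handed to ``process_mdecl_body`` for a recursive walk.

	Args:
		t: Method declaration node whose ``body`` is scanned.
		local_tree: Parsed tree passed through to the sink check, to
			``find_extensions`` and to the recursive walk.
		filename: Name of the extended class, used only in the warning text.

	Returns:
		None. Findings are reported through ``common.logger`` and the
		module-global ``vuln_found`` flag.
	"""
	global vuln_found

	try:
		members = list(t.body)
	except Exception as e:
		common.logger.error("Problem in process_mdecl function of findSupers.py: "+str(e))
		return

	for b in members:
		# Each member is isolated in its own try so that one malformed node
		# aborts only itself. A single try around the whole loop would skip
		# every member after the failure, silently dropping any sensitive
		# invocation that follows it (a false negative for the scanner).
		try:
			# Exact type match (not isinstance) is kept to agree with the rest
			# of the scanner's node dispatch.
			if type(b) is m.MethodInvocation:
				if common.sink_list_check(b,local_tree):
					common.logger.warning(
						"This subclass extends a superclass, potentially via another superclass, which contains a sensitive method invocation: "
						+ str(b.name)
						+ ", but does not appear to be tainted by user input. You should review this manually to determine whether the execution of this method by itself represents an issue. Extended class: "
						+ str(filename))
					vuln_found=True
				elif b.target == 'super':
					# Note that the declaration ``t`` (not the invocation) is
					# what find_extensions receives.
					find_extensions(local_tree,t)
				#TODO - potentially add setResult check here
			elif type(b) is list:
				for child in b:
					process_mdecl_body(child,local_tree,filename)
			elif hasattr(b,'_fields'):
				for field_name in b._fields:
					process_mdecl_body(getattr(b,field_name),local_tree,filename)
		except Exception as e:
			common.logger.error("Problem in process_mdecl function of findSupers.py: "+str(e))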