def run_analysis(self, path):
path = os.path.normpath(path)
project_modules = get_modules(os.path.dirname(path))
local_modules = get_directory_modules(os.path.dirname(path))
self.cfg_create_from_file(path, project_modules, local_modules)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(
cfg_list,
ReachingDefinitionsTaintAnalysis,
UImode.NORMAL,
VulnerabilityFiles(
default_blackbox_mapping_file,
default_trigger_word_file
)
)
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(cfg_list, ReachingDefinitionsTaintAnalysis)
def run_analysis(self, path=None):
if path:
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list)
return find_vulnerabilities(cfg_list, default_blackbox_mapping_file,
default_trigger_word_file)
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_django_view_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
trigger_word_file = os.path.join('pyt', 'trigger_definitions', 'django_trigger_words.pyt')
return vulnerabilities.find_vulnerabilities(cfg_list, ReachingDefinitionsTaintAnalysis, trigger_word_file=trigger_word_file)
def run_analysis(self):
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list)
trigger_word_file = os.path.join('pyt', 'vulnerability_definitions',
'test_positions.pyt')
return find_vulnerabilities(cfg_list, default_blackbox_mapping_file,
trigger_word_file)
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(
cfg_list, ReachingDefinitionsTaintAnalysis, UImode.NORMAL,
VulnerabilityFiles(default_blackbox_mapping_file,
default_trigger_word_file))
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list)
trigger_word_file = os.path.join('pyt', 'vulnerability_definitions',
'all_trigger_words.pyt')
return find_vulnerabilities(cfg_list, default_blackbox_mapping_file,
trigger_word_file)
def run_analysis(self, path):
path = os.path.normpath(path)
project_modules = get_modules(os.path.dirname(path))
local_modules = get_directory_modules(os.path.dirname(path))
self.cfg_create_from_file(path, project_modules, local_modules)
cfg_list = [self.cfg]
FlaskAdaptor(cfg_list, [], [])
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(cfg_list, ReachingDefinitionsTaintAnalysis)
def analyze(file):
files = discover_files([file], "")
nosec_lines = defaultdict(set)
cfg_list = list()
for path in sorted(files):
directory = os.path.dirname(path)
project_modules = get_modules(directory, prepend_module_root=True)
local_modules = get_directory_modules(directory)
tree = generate_ast(path)
cfg = make_cfg(
tree,
project_modules,
local_modules,
path,
allow_local_directory_imports=False
)
cfg_list = [cfg]
framework_route_criteria = is_fastapi_route_function
# Add all the route functions to the cfg_list
FrameworkAdaptor(
cfg_list,
project_modules,
local_modules,
framework_route_criteria
)
initialize_constraint_table(cfg_list)
analyse(cfg_list)
vulnerabilities = find_vulnerabilities(
cfg_list,
default_blackbox_mapping_file,
default_trigger_word_file,
False,
nosec_lines
)
return vulnerabilities
