def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("args"): args = token["args"]
if tokenType == "function_call" and name in self.insecure_methods:
if self.has_dangerous_parameters_in_function_call(
token['args']):
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == 'function_call' and name == 'subprocess.call' and len(
args) > 0:
if isinstance(token['args'][0], list):
for arg in token['args'][0]:
if arg in self.insecure_methods:
if self.has_dangerous_parameters_in_function_call(
token['args'][0]):
self.trigger_alarm(project_name, src_file,
lineno, token)
else:
for arg in token['args']:
if arg in self.insecure_methods:
if self.has_dangerous_parameters_in_function_call(
token['args']):
self.trigger_alarm(project_name, src_file,
lineno, token)
except Exception as error:
save_token_detection_exception(
'file permission detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): token_type = token["type"]
if token_type == "variable" and token.__contains__("valueSrc"):
if token["valueSrc"] in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno, token)
elif token_type == "function_call" and token.__contains__("name"):
if token["name"] in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno, token)
if token.__contains__("args"):
for arg in token["args"]:
if arg in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno,
token)
elif token_type == "function_def" and token.__contains__(
"return") and token['return'] is not None:
for func_return in token["return"]:
if func_return in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
save_token_detection_exception(
'yaml load detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if token.__contains__("name"): name = token["name"]
if tokenType == "variable" and name in self.context_variables and token[
'value'] is False:
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == "variable" and token.__contains__(
"valueSrc") and token.__contains__("funcKeywords"):
keywords = token['funcKeywords']
valueSrc = token['valueSrc']
if (valueSrc in self.http_libs
or self.is_http_call_relaxed(valueSrc)
) and len(keywords) > 0:
for keyword in keywords:
if keyword[0] == 'verify' and (keyword[1] is False or
keyword[1] == 'False'):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif tokenType == "function_call" and (
name in self.http_libs or self.is_http_call_relaxed(name)
) and token.__contains__("keywords"):
keywords = token["keywords"]
for keyword in keywords:
if keyword[0] == 'verify' and (keyword[1] is False
or keyword[1] == 'False'):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif tokenType == "function_def" and token.__contains__(
"return") and token.__contains__(
"returnKeywords") and token["return"] is not None:
keywords = token['returnKeywords']
for func_return in token['return']:
if func_return in self.http_libs or self.is_http_call_relaxed(
func_return):
for keyword in keywords:
if keyword[0] == 'verify' and (keyword[1] is False
or keyword[1]
== 'False'):
self.trigger_alarm(project_name, src_file,
lineno, token)
except Exception as error:
save_token_detection_exception(
'no certificate detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if tokenType == "variable" and token.__contains__(
"valueSrc") and token["valueSrc"] in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == "function_call":
if token["name"] is not None and token["name"].lower().strip(
) in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno, token)
elif token["name"] is not None and token["name"].lower().strip(
) == 'hashlib.new':
black_listed_args = ['md4', 'md5', 'sha', 'sha1']
for arg in token["args"]:
if arg in black_listed_args:
self.trigger_alarm(project_name, src_file, lineno,
token)
if token.__contains__('keywords') and len(
token['keywords']) > 0:
for keyword in token['keywords']:
if keyword[1] is not None and keyword[
1] in self.insecure_methods and keyword[
2] is False:
self.trigger_alarm(project_name, src_file, lineno,
token)
elif tokenType == "function_def":
smell_found_in_return_statement = False
if token.__contains__(
"return") and token["return"] is not None:
for func_return in token["return"]:
if func_return in self.insecure_methods:
smell_found_in_return_statement = True
if token.__contains__('returnLine'):
lineno = token['returnLine']
self.trigger_alarm(project_name, src_file, lineno,
token)
if smell_found_in_return_statement is False and token.__contains__(
"returnArgs"):
for arg in token["returnArgs"]:
if arg in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
save_token_detection_exception(
'cipher detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
lineno = token['line']
try:
if token['type'] in self.insecure_token_types:
self.trigger_alarm(project_name, src_file, lineno, token)
except Exception as error:
save_token_detection_exception(
'assert detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): token_type = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("args"): args = token["args"]
if token["type"] == 'variable' and token['name'] is not None:
if token.__contains__('value') and token.__contains__(
'values') is False and token['value'] is not None:
if self.is_sql_query(
token['name']) and self.has_insecure_values(
[token['value']]):
self.trigger_alarm(project_name, src_file, lineno,
token)
if token.__contains__('value') and token.__contains__(
'values'):
if self.is_sql_query(
token['name']) and self.has_insecure_values(
token['values']):
self.trigger_alarm(project_name, src_file, lineno,
token)
if token["type"] == "variable" and token.__contains__(
'valueSrc') and token.__contains__('args'):
if (token['valueSrc'] in self.insecure_methods
or self.query_methods_has_patterns(token['valueSrc'])):
self.trigger_alarm(project_name, src_file, lineno, token)
elif token_type == "function_call" and token.__contains__(
'name') and token.__contains__('args'):
if (name in self.insecure_methods
or self.query_methods_has_patterns(name)):
if len(token['args']) > 1 and self.has_insecure_values(
token['args']):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif token_type == "function_def" and token.__contains__(
'return'
) and token["return"] is not None and token.__contains__(
'returnArgs'):
for func_return in token['return']:
if (func_return in self.insecure_methods
or self.query_methods_has_patterns(func_return)):
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
save_token_detection_exception(
'constructing sql statement upon user input detection ' +
str(error) + ' ' + str(token), src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): token_type = token["type"]
if token.__contains__("exceptionHandler"):
exception_handler = token["exceptionHandler"]
if token_type == "exception_handle" and exception_handler in self.unwanted_handlers:
self.trigger_alarm(project_name, src_file, lineno, token)
except Exception as error:
save_token_detection_exception(
'ignore except detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): token_type = token["type"]
if token['type'] == 'import':
if token.__contains__('og'):
for method in self.insecure_methods:
if self.is_sublist_of_another_list(
token['og'].split('.'), method.split('.')):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
elif token_type == "variable" and token.__contains__(
"valueSrc") and token["valueSrc"] in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno, token)
elif token_type == "function_call":
if token.__contains__(
"name") and token["name"] in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno, token)
if token.__contains__("args") and len(token["args"]) > 0:
for arg in token["args"]:
if arg in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno,
token)
elif token_type == "function_def" and token.__contains__(
"return") and token["return"] is not None:
for func_return in token["return"]:
if func_return in self.insecure_methods:
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
save_token_detection_exception(
'deserialization detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if tokenType == "variable":
if token.__contains__("valueSrc"): valueSrc = token["valueSrc"]
if self.is_insecure_method(valueSrc):
self.trigger_alarm(project_name, src_file, lineno, token)
if token.__contains__("args"):
for arg in token["args"]:
if self.is_insecure_method(arg):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif tokenType == "function_call":
if token.__contains__("name"): name = token["name"]
if token.__contains__("args"): args = token["args"]
if self.is_insecure_method(name):
self.trigger_alarm(project_name, src_file, lineno, token)
for arg in args:
if self.is_insecure_method(arg):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif tokenType == "function_def" and token.__contains__(
"return") and token["return"] is not None:
for func_return in token["return"]:
if self.is_insecure_method(func_return):
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
save_token_detection_exception(
'xss detection ' + str(error) + ' ' + str(token), src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("args"): args = token["args"]
if token.__contains__("hasInputs"):
containsUserInput = token["hasInputs"]
if tokenType == "variable" and token.__contains__(
"valueSrc") and token["valueSrc"] is not None and token[
"valueSrc"] != 'initialization':
if token["valueSrc"].strip(
) in self.shell_methods or self.is_extended_shell_command_names(
token["valueSrc"].strip()):
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == "function_call" and name is not None and (
name.strip() in self.shell_methods
or self.is_extended_shell_command_names(name.strip())):
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == "function_def" and token.__contains__(
'return') and token["return"] is not None:
for func_return in token['return']:
if isinstance(func_return, str) and (
func_return in self.shell_methods or
self.is_extended_shell_command_names(func_return)):
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
print(str(error))
save_token_detection_exception(
'command injection detection ' + str(error) + ' ' +
str(token), src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): token_type = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("value"): value = token["value"]
if token.__contains__("valueSrc"): valueSrc = token["valueSrc"]
if token_type == "variable" and name is not None and value is not None and valueSrc == "initialization":
for key in self.common_keywords:
if re.match(r'[_A-Za-z0-9-\.]*{key}\b'.format(key=key),
name.lower().strip()) or re.match(
r'\b{key}[_A-Za-z0-9-\.]*'.format(key=key),
name.lower().strip()):
if self.is_valid_hardcoded_value(value):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
if token_type == "variable" and name is not None and token.__contains__(
'funcKeywords'):
for keyword in token['funcKeywords']:
for key in self.common_keywords:
if re.match(r'[_A-Za-z0-9-]*{key}\b'.format(key=key),
keyword[0].lower().strip(
)) and self.is_valid_hardcoded_value(
keyword[1]):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
elif (token_type == "list" or token_type == "set"
) and name is not None and token.__contains__("values"):
for key in self.common_keywords:
if re.match(r'[_A-Za-z0-9-]*{key}\b'.format(key=key),
name.lower().strip()):
for value in token['values']:
if self.is_valid_hardcoded_value(value):
self.trigger_alarm(project_name, src_file,
lineno, token)
break
elif token_type == "dict" and token.__contains__("pairs"):
for value_pair in token['pairs']:
if len(value_pair
) == 2 and value_pair[0] is not None and isinstance(
value_pair[0],
str) and value_pair[1] is not None:
for key in self.common_keywords:
if re.match(
r'[_A-Za-z0-9-]*{key}\b'.format(key=key),
value_pair[0].lower().strip()
) and self.is_valid_hardcoded_value(value_pair[1]):
self.trigger_alarm(project_name, src_file,
lineno, token)
break
elif token_type == "comparison" and token.__contains__("pairs"):
for pair in token["pairs"]:
if len(pair) == 2 and pair[0] is not None and isinstance(
pair[0], str) and pair[0] != 'key' and pair[
0] != 'token' and pair[1] is not None:
for key in self.common_keywords:
if re.match(
r'[_A-Za-z0-9-]*{key}\b'.format(key=key),
pair[0].lower().strip()
) and self.is_valid_hardcoded_value(pair[1]):
self.trigger_alarm(project_name, src_file,
lineno, token)
break
elif token_type == "function_call" and token.__contains__(
'keywords'):
for keyword in token['keywords']:
if len(keyword) == 3 and isinstance(
keyword[0], str) and keyword[0].lower(
) is not None and keyword[
1] is not None and keyword[2] is True:
for key in self.common_keywords:
if re.match(
r'[_A-Za-z0-9-]*{key}\b'.format(key=key),
keyword[0].lower().strip()
) and self.is_valid_hardcoded_value(keyword[1]):
self.trigger_alarm(project_name, src_file,
lineno, token)
break
elif token_type == "function_def" and token.__contains__(
"args") and token.__contains__("defaults"):
defaults_size = len(token['defaults'])
args = token['args'][-defaults_size:]
for pair in zip(args, token['defaults']):
for key in self.common_keywords:
if re.match(r'[_A-Za-z0-9-]*{key}\b'.format(
key=key
), pair[0].lower().strip()) and pair[1][
1] is True and self.is_valid_hardcoded_value(
pair[1][0]):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
except Exception as error:
save_token_detection_exception(
'hard-coded secret detection ' + str(error) + ' ' +
str(token), src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): token_type = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("value"): value = token["value"]
if token.__contains__("valueSrc"): valueSrc = token["valueSrc"]
if (token_type == "variable" and name is not None
and isinstance(value, str)
and (value is None or len(value) == 0)
and token.__contains__('values') is False
and valueSrc == "initialization"):
for pwd in self.common_passwords:
if (re.match(r'[_A-Za-z0-9-\.]*{pwd}\b'.format(pwd=pwd),
name.lower().strip())
or re.match(
r'\b{pwd}[_A-Za-z0-9-\.]*'.format(pwd=pwd),
name.lower().strip())):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
elif token_type == "dict" and name is not None and token.__contains__(
"pairs"):
for pair in token['pairs']:
for pwd in self.common_passwords:
if (isinstance(pair[0], str) and (re.match(
r'[_A-Za-z0-9-\.]*{pwd}\b'.format(pwd=pwd),
pair[0].lower().strip()) or re.match(
r'\b{pwd}[_A-Za-z0-9-\.]*'.format(pwd=pwd),
pair[0].lower().strip()))
and (pair[1] is None or len(pair[1]) == 0)):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif token_type == "comparison" and token.__contains__("pairs"):
for pair in token["pairs"]:
for pwd in self.common_passwords:
if (isinstance(pair[0], str) and (re.match(
r'[_A-Za-z0-9-\.]*{pwd}\b'.format(pwd=pwd),
pair[0].lower().strip()) or re.match(
r'\b{pwd}[_A-Za-z0-9-\.]*'.format(pwd=pwd),
pair[0].lower().strip())) and
(pair[1] is None or (isinstance(pair[1], str)
and len(pair[1]) == 0))):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
elif token_type == "function_call" and token.__contains__(
'keywords'):
for keyword in token['keywords']:
for pwd in self.common_passwords:
if (len(keyword) == 3 and isinstance(keyword[0], str)
and re.match(
r'[_A-Za-z0-9-]*{pwd}\b'.format(pwd=pwd),
keyword[0].lower().strip()) and
(keyword[1] is None or len(str(keyword[1])) == 0)
and keyword[2] is True):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
elif token_type == "function_def" and token.__contains__(
"args") and token.__contains__("defaults"):
defaults_size = len(token['defaults'])
args = token['args'][-defaults_size:]
for pair in zip(args, token['defaults']):
for pwd in self.common_passwords:
if re.match(r'[_A-Za-z0-9-]*{pwd}\b'.format(
pwd=pwd), pair[0].lower().strip()) and (
pair[1][0] == None or len(str(pair[1][0]))
== 0) and pair[1][1] is True:
self.trigger_alarm(project_name, src_file, lineno,
token)
break
except Exception as error:
save_token_detection_exception(
'empty password detection ' + str(error) + ' ' + str(token),
src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("values"): values = token["values"]
if tokenType == "variable" and name is not None and token[
'value'] is not None:
for dir_name in self.unwanted_dir_names:
if ((re.match(
r'[_A-Za-z0-9-]*{dir}\b'.format(dir=dir_name),
name.lower().strip()) or re.match(
r'\b{dir}[_A-Za-z0-9-]*'.format(dir=dir_name),
name.lower().strip()))
and self.is_valid_path(token['value'])):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
elif (
tokenType == "list" or tokenType == "set"
) and token['name'] is not None and token.__contains__('values'):
smell_found = False
for dir_name in self.unwanted_dir_names:
if (re.match(r'[_A-Za-z0-9-]*{dir}\b'.format(dir=dir_name),
name.lower().strip())
or re.match(
r'\b{dir}[_A-Za-z0-9-]*'.format(dir=dir_name),
name.lower().strip())):
for value in token['values']:
if self.is_valid_path(value):
self.trigger_alarm(project_name, src_file,
lineno, token)
smell_found = True
break
if smell_found is True: break
elif tokenType == "dict" and name is not None and token.__contains__(
'pairs'):
smell_found = False
for pair in token['pairs']:
for dir_name in self.unwanted_dir_names:
if ((re.match(
r'[_A-Za-z0-9-]*{dir}\b'.format(dir=dir_name),
pair[0].lower().strip())
or re.match(
r'\b{dir}[_A-Za-z0-9-]*'.format(dir=dir_name),
pair[0].lower().strip()))
and self.is_valid_path(pair[1])):
self.trigger_alarm(project_name, src_file, lineno,
token)
smell_found = True
break
if smell_found is True: break
if tokenType == "function_call" and token.__contains__('keywords'):
for keyword in token['keywords']:
for dir_name in self.unwanted_dir_names:
if (len(keyword) == 2 and
(re.match(
r'[_A-Za-z0-9-]*{dir}\b'.format(dir=dir_name),
keyword[0].lower().strip())
or re.match(
r'\b{dir}[_A-Za-z0-9-]*'.format(dir=dir_name),
keyword[0].lower().strip()))
and self.is_valid_path(keyword[1])):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
except Exception as error:
save_token_detection_exception(
'hard-coded tmp directory detection ' + str(error) + ' ' +
str(token), src_file)
def detect_smell(self, token, project_name, src_file):
try:
if token.__contains__("line"): lineno = token["line"]
if token.__contains__("type"): tokenType = token["type"]
if token.__contains__("name"): name = token["name"]
if token.__contains__("args"): args = token["args"]
if tokenType == "variable" and token.__contains__(
'value') and token.__contains__('valueSrc'):
if token['value'] is not None and self.is_valid_http_url(
token['value']
) and token['valueSrc'] == 'initialization':
self.trigger_alarm(project_name, src_file, lineno, token)
if tokenType == "variable" and token.__contains__('funcKeywords'):
for keyword in token['funcKeywords']:
if keyword[1] is not None and self.is_valid_http_url(
keyword[1]):
self.trigger_alarm(project_name, src_file, lineno,
token)
break
if tokenType == "variable" and token.__contains__(
"valueSrc") and token.__contains__("args"):
args = token['args']
valueSrc = token['valueSrc']
if valueSrc in self.http_libs and len(args) > 0 and args[
0] is not None and self.is_valid_http_url(args[0]):
self.trigger_alarm(project_name, src_file, lineno, token)
elif valueSrc in self.new_http_libs and len(args) > 1 and args[
1] is not None and self.is_valid_http_url(args[1]):
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == "function_call" and name is not None:
if name in self.http_libs and len(args) > 0 and args[
0] is not None and self.is_valid_http_url(args[0]):
self.trigger_alarm(project_name, src_file, lineno, token)
elif name in self.new_http_libs and len(args) > 1 and args[
1] is not None and self.is_valid_http_url(args[1]):
self.trigger_alarm(project_name, src_file, lineno, token)
elif tokenType == "function_def" and token.__contains__(
'return') and token.__contains__(
'returnArgs') and token["return"] is not None:
returnArgs = token['returnArgs']
for func_return in token["return"]:
if func_return in self.http_libs and len(
returnArgs) > 0 and returnArgs[
0] is not None and self.is_valid_http_url(
returnArgs[0]):
self.trigger_alarm(project_name, src_file, lineno,
token)
elif func_return in self.new_http_libs and len(
returnArgs) > 1 and returnArgs[
1] is not None and self.is_valid_http_url(
returnArgs[1]):
self.trigger_alarm(project_name, src_file, lineno,
token)
except Exception as error:
save_token_detection_exception(
'http only detection ' + str(error) + ' ' + str(token),
src_file)