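def test_nested_user_defined_function_calls(self):
    """Pin the CFG node labels produced for nested user-defined calls.

    The labels below describe ``abc = outer(inner(foo))``: each inlined call
    saves the caller's variables (``save_N_foo``), binds the argument through a
    ``temp_N_`` node, and restores the saved value after the callee's Exit node.
    That save/restore bookkeeping is what keeps call contexts apart downstream,
    so the exact sequence is asserted rather than just the set of labels.
    """
    path = os.path.normpath(
        'examples/nested_functions_code/nested_user_defined_function_calls.py'
    )
    project_modules = get_modules_and_packages(os.path.dirname(path))
    local_modules = get_directory_modules(os.path.dirname(path))
    self.cfg_create_from_file(path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "foo = 'bar'",
        "save_1_foo = foo",
        "save_2_foo = foo",
        "temp_2_inner_arg = foo",
        "inner_arg = temp_2_inner_arg",
        "Function Entry inner",
        "inner_ret_val = inner_arg + 'hey'",
        "ret_inner = inner_ret_val",
        "Exit inner",
        "foo = save_2_foo",
        "~call_2 = ret_inner",
        "temp_1_outer_arg = ~call_2",
        "outer_arg = temp_1_outer_arg",
        "Function Entry outer",
        "outer_ret_val = outer_arg + 'hey'",
        "ret_outer = outer_ret_val",
        "Exit outer",
        "foo = save_1_foo",
        "~call_1 = ret_outer",
        "abc = ~call_1",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() stops at the shorter sequence, so without this check a CFG with
    # missing or surplus trailing nodes would pass unnoticed.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))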
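def test_from_package_import_star_with_alias(self):
    """Pin the CFG produced for ``from package import *`` behind an alias.

    The expected labels show every module of the package being entered and
    exited at import time, followed by one inlined call per re-exported
    function under its aliased dotted name.
    """
    path = os.path.normpath(
        'examples/import_test_project/test_from_package_import_star_with_alias.py'
    )
    project_modules = get_modules_and_packages(os.path.dirname(path))
    local_modules = get_directory_modules(os.path.dirname(path))
    self.cfg_create_from_file(path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry package_star_with_alias",
        "Module Entry A",
        "Module Exit A",
        "Module Entry B",
        "Module Exit B",
        "Module Entry folder",
        "Module Entry C",
        "Module Exit C",
        "Module Exit folder",
        "Module Exit package_star_with_alias",
        "Function Entry husk.cobia",
        "~call_2 = ret_print('A')",
        "Exit husk.cobia",
        "Function Entry meringue.al",
        "~call_4 = ret_print('B')",
        "Exit meringue.al",
        "Function Entry corn.mousse.pastor",
        "~call_6 = ret_print('C')",
        "Exit corn.mousse.pastor",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() truncates to the shorter side; make sure no trailing nodes are
    # silently ignored or missing.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))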
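def test_multiple_functions_with_aliases(self):
    """Pin the CFG for three aliased functions imported from one module.

    Each call is inlined under the imported module's function name
    (``B``, ``C``, ``D``) while its return node keeps the callee's own name
    (``ret_keens``, ``ret_C``, ``ret_duck_house``); the caller's previously
    bound results (``a``, ``b``) are saved and restored around later calls.
    """
    file_path = os.path.normpath(
        'examples/import_test_project/test_multiple_functions_with_aliases.py'
    )
    project_path = os.path.normpath('examples/import_test_project')
    project_modules = get_modules_and_packages(project_path)
    local_modules = get_directory_modules(project_path)
    self.cfg_create_from_file(file_path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry A",
        "Module Exit A",
        "temp_1_s = 'mutton'",
        "s = temp_1_s",
        "Function Entry B",
        "ret_keens = s",
        "Exit B",
        "~call_1 = ret_keens",
        "a = ~call_1",
        "save_2_a = a",
        "temp_2_s = 'tasting'",
        "s = temp_2_s",
        "Function Entry C",
        "ret_C = s + 'see'",
        "Exit C",
        "a = save_2_a",
        "~call_2 = ret_C",
        "b = ~call_2",
        "save_3_a = a",
        "save_3_b = b",
        "temp_3_s = 'peking'",
        "s = temp_3_s",
        "Function Entry D",
        "ret_duck_house = s + 'dee'",
        "Exit D",
        "a = save_3_a",
        "b = save_3_b",
        "~call_3 = ret_duck_house",
        "c = ~call_3",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # Guard against zip() hiding a length mismatch between CFG and EXPECTED.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))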
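def test_from_file_import_star(self):
    """Pin the CFG for ``from A import *`` where ``A`` is a single file.

    After the imported module is entered and exited once, each star-imported
    function is inlined under its own name with the argument threaded through
    a ``temp_N_s`` node.
    """
    path = os.path.normpath(
        'examples/import_test_project/test_from_file_import_star.py'
    )
    project_modules = get_modules_and_packages(os.path.dirname(path))
    local_modules = get_directory_modules(os.path.dirname(path))
    self.cfg_create_from_file(path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry A",
        "Module Exit A",
        "temp_1_s = '60'",
        "s = temp_1_s",
        "Function Entry B",
        "ret_B = s",
        "Exit B",
        "~call_1 = ret_B",
        "temp_2_s = 'minute'",
        "s = temp_2_s",
        "Function Entry C",
        "ret_C = s + 'see'",
        "Exit C",
        "~call_2 = ret_C",
        "temp_3_s = 'IPA'",
        "s = temp_3_s",
        "Function Entry D",
        "ret_D = s + 'dee'",
        "Exit D",
        "~call_3 = ret_D",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() would mask extra or missing trailing nodes; pin the count too.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))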
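def test_import_as(self):
    """Pin the CFG for ``import A as foo`` style imports.

    Module ``A`` is entered and exited twice (one node pair per import
    statement in the fixture, as the expected labels show), and the aliased
    call is inlined as ``A.B`` while its return node carries the alias
    (``ret_foo.B``).
    """
    path = os.path.normpath('examples/import_test_project/test_import_as.py')
    project_modules = get_modules_and_packages(os.path.dirname(path))
    local_modules = get_directory_modules(os.path.dirname(path))
    self.cfg_create_from_file(path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry A",
        "Module Exit A",
        "Module Entry A",
        "Module Exit A",
        "temp_1_s = 'str'",
        "s = temp_1_s",
        "Function Entry B",
        "ret_B = s",
        "Exit B",
        "~call_1 = ret_B",
        "b = ~call_1",
        "save_2_b = b",
        "temp_2_s = 'sss'",
        "s = temp_2_s",
        "Function Entry A.B",
        "ret_foo.B = s",
        "Exit A.B",
        "b = save_2_b",
        "~call_2 = ret_foo.B",
        "c = ~call_2",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() stops at the shorter sequence; a length mismatch must also fail.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))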
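def test_relative_level_2(self):
    """A relative import that resolves above the project must fail loudly.

    CFG construction for the fixture is expected to raise because the
    resolved target (``examples/A.py``, per the asserted error text) is not a
    file. The original ``try``/``except`` only inspected the exception when
    one happened, so a build that silently succeeded would have passed; the
    ``assertRaises`` context makes the absence of an exception a failure.
    """
    path = os.path.normpath('examples/import_test_project/test_relative_level_2.py')
    project_modules = get_modules_and_packages(os.path.dirname(path))
    local_modules = get_directory_modules(os.path.dirname(path))

    # Exception rather than OSError is kept deliberately: the original only
    # required the OSError text to appear in the repr, which also covers a
    # wrapped/chained exception.
    with self.assertRaises(Exception) as ctx:
        self.cfg_create_from_file(path, project_modules, local_modules)

    message = repr(ctx.exception)
    self.assertIn("OSError('Input needs to be a file. Path: ", message)
    self.assertIn("examples/A.py", message)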
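def analyze(file):
    """Run the taint pipeline over *file* and return the vulnerabilities found.

    Args:
        file: Path handed to ``discover_files``; every Python file it yields is
            parsed into a CFG with ``allow_local_directory_imports=False``.

    Returns:
        The result of ``find_vulnerabilities`` for the collected CFGs, using
        the default blackbox mapping and trigger word files and an empty
        ``nosec`` line map.
    """
    files = discover_files([file], "")
    nosec_lines = defaultdict(set)
    cfg_list = []
    # Defaults so the adaptor call below cannot hit a NameError when
    # discover_files yields nothing; the shape matches what the adaptor
    # accepts for "no modules".
    project_modules = []
    local_modules = []
    for path in sorted(files):
        directory = os.path.dirname(path)
        project_modules = get_modules(directory, prepend_module_root=True)
        local_modules = get_directory_modules(directory)
        tree = generate_ast(path)
        cfg = make_cfg(
            tree,
            project_modules,
            local_modules,
            path,
            allow_local_directory_imports=False,
        )
        # Accumulate instead of rebinding: ``cfg_list = [cfg]`` kept only the
        # last discovered file's CFG, so earlier files were never analysed.
        cfg_list.append(cfg)

    # Add all the route functions to the cfg_list. NOTE(review): as in the
    # original, the module lists passed here are those of the last file
    # discovered; confirm this is acceptable when several files are analysed.
    FrameworkAdaptor(
        cfg_list, project_modules, local_modules, is_fastapi_route_function
    )
    initialize_constraint_table(cfg_list)
    analyse(cfg_list)
    return find_vulnerabilities(
        cfg_list,
        default_blackbox_mapping_file,
        default_trigger_word_file,
        False,
        nosec_lines,
    )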
def run_analysis(self, path):
    """Build the CFG for *path*, add Flask routes and return the findings.

    The CFG is built with the modules resolved from *path*'s directory, then
    passed through the framework adaptor, constraint table initialisation and
    the fixpoint analysis before ``find_vulnerabilities`` is consulted with
    the default blackbox mapping and trigger word files.
    """
    path = os.path.normpath(path)
    directory = os.path.dirname(path)
    self.cfg_create_from_file(
        path,
        get_modules(directory),
        get_directory_modules(directory),
    )
    cfg_list = [self.cfg]

    # NOTE(review): the adaptor receives empty project/local module lists
    # here even though modules were just resolved for cfg_create_from_file;
    # confirm whether that is intended before passing them through.
    FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
    initialize_constraint_table(cfg_list)
    analyse(cfg_list)
    return find_vulnerabilities(
        cfg_list,
        default_blackbox_mapping_file,
        default_trigger_word_file,
    )
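def test_from_dot_dot(self):
    """Pin the CFG for a ``from .. import`` from a subdirectory of the project.

    The fixture lives in ``other_dir`` while the project root is the parent;
    module ``A`` is entered once and the call is inlined as ``A.B``.
    """
    file_path = os.path.normpath(
        'examples/import_test_project/other_dir/test_from_dot_dot.py'
    )
    project_path = os.path.normpath('examples/import_test_project')
    project_modules = get_modules_and_packages(project_path)
    local_modules = get_directory_modules(project_path)
    self.cfg_create_from_file(file_path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry A",
        "Module Exit A",
        "temp_1_s = 'sss'",
        "s = temp_1_s",
        "Function Entry A.B",
        "ret_A.B = s",
        "Exit A.B",
        "~call_1 = ret_A.B",
        "c = ~call_1",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() silently truncates; the node count must match as well.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))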
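def test_relative_from_directory(self):
    """Pin the CFG for a relative import of a module from a directory.

    Module ``bar`` is entered and exited once at import time, and the call is
    inlined as ``bar.H`` with the return node labelled ``ret_bar.H``.
    """
    file_path = os.path.normpath(
        'examples/import_test_project/test_relative_from_directory.py'
    )
    project_path = os.path.normpath('examples/import_test_project')
    project_modules = get_modules_and_packages(project_path)
    local_modules = get_directory_modules(project_path)
    self.cfg_create_from_file(file_path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry bar",
        "Module Exit bar",
        "temp_1_s = 'hey'",
        "s = temp_1_s",
        "Function Entry bar.H",
        "ret_bar.H = s + 'end'",
        "Exit bar.H",
        "~call_1 = ret_bar.H",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # Pin the count too: zip() would hide surplus or missing trailing nodes.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))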
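def test_from_package_with_file(self):
    """Pin the CFG for importing a module file from a package.

    The package and the module inside it are each entered and exited once,
    and the call is inlined under the dotted name ``Starbucks.Tea``.
    """
    file_path = os.path.normpath(
        'examples/import_test_project/test_from_package_with_file.py'
    )
    project_path = os.path.normpath('examples/import_test_project')
    project_modules = get_modules_and_packages(project_path)
    local_modules = get_directory_modules(project_path)
    self.cfg_create_from_file(file_path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry package_with_file",
        "Module Entry Starbucks",
        "Module Exit Starbucks",
        "Module Exit package_with_file",
        "Function Entry Starbucks.Tea",
        "~call_2 = ret_print('Teavana Green')",
        "Exit Starbucks.Tea",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() stops at the shorter side; a length mismatch must also fail.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))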
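def test_from_package_with_function(self):
    """Pin the CFG for importing a function from a nested package.

    Three nested modules are entered and exited in order at import time, and
    the imported function is inlined under its bare name ``StarbucksVisitor``.
    """
    file_path = os.path.normpath(
        'examples/import_test_project/test_from_package_with_function.py'
    )
    project_path = os.path.normpath('examples/import_test_project')
    project_modules = get_modules_and_packages(project_path)
    local_modules = get_directory_modules(project_path)
    self.cfg_create_from_file(file_path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry package_with_function",
        "Module Entry nested_folder_with_init",
        "Module Entry starbucks",
        "Module Exit starbucks",
        "Module Exit nested_folder_with_init",
        "Module Exit package_with_function",
        "Function Entry StarbucksVisitor",
        "~call_2 = ret_print('Iced Mocha')",
        "Exit StarbucksVisitor",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() would mask trailing differences; assert the count explicitly.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))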
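def test_package_with_folder_and_alias(self):
    """Pin the CFG for an aliased import of a package sub-folder.

    The package and its nested folder/module are entered and exited in order,
    and the call is inlined under the full dotted path
    ``package_with_folder_and_alias.heyo.moose.fast``.
    """
    file_path = os.path.normpath(
        'examples/import_test_project/test_package_with_folder_and_alias.py'
    )
    project_path = os.path.normpath('examples/import_test_project')
    project_modules = get_modules_and_packages(project_path)
    local_modules = get_directory_modules(project_path)
    self.cfg_create_from_file(file_path, project_modules, local_modules)

    EXPECTED = [
        "Entry module",
        "Module Entry package_with_folder_and_alias",
        "Module Entry nested_folder_with_init",
        "Module Entry moose",
        "Module Exit moose",
        "Module Exit nested_folder_with_init",
        "Module Exit package_with_folder_and_alias",
        "Function Entry package_with_folder_and_alias.heyo.moose.fast",
        "~call_2 = ret_print('real fast')",
        "Exit package_with_folder_and_alias.heyo.moose.fast",
        "Exit module",
    ]
    for node, expected_label in zip(self.cfg.nodes, EXPECTED):
        self.assertEqual(node.label, expected_label)
    # zip() silently truncates to the shorter sequence; pin the count too.
    self.assertEqual(len(self.cfg.nodes), len(EXPECTED))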