"lineNumbers": "true",
"viewportMargin": 800
},
)
submit = SubmitField("Submit", render_kw={"class": "btn btn-primary"})
SECRET_KEY = "secret!"
# mandatory
CODEMIRROR_LANGUAGES = ["fortran"]
# optional
CODEMIRROR_ADDONS = (("display", "placeholder"), )
app = Flask(__name__)
app.config.from_object(__name__)
codemirror = CodeMirror(app)
@app.route("/")
def index():
form = MyForm()
if form.validate_on_submit():
form.source_code.data
return render_template("index.html", form=form, code="")
@app.errorhandler(For2PyError)
def handle_invalid_usage(error):
response = jsonify(error.to_dict())
response.status_code = error.status_code
flash(response.json["message"])
class Server:
app = Flask(__name__)
app.config.update(
CODEMIRROR_LANGUAGES=[
'php', 'htmlmixed', 'xml', 'css', 'javascript', 'clike', 'python'
],
SECRET_KEY='change_this',
CODEMIRROR_THEME='ambiance',
)
codemirror = CodeMirror(app)
@app.context_processor
def inject_configuration():
configuration = {
"description":
"""This is a taint analysis tool for the PHP language and it makes use of Static Taint Analysis + Symbolic Execution to achieve high recall and high precision. This analysis tool was written using the framework designed and implemented as part of the project.""",
"title": "Taint'em All"
}
return configuration
@app.route("/analyze", methods=["POST"])
def analyzeEndpoint():
form = MyForm()
if form.validate_on_submit():
profile = request.form.get('profile')
start = time.time()
CFGForest, taintedSink, stats, err = analyze(
form.source_code.data, profile)
end = time.time()
timetaken = (end - start)
if err:
return json.dumps({"error": err.message}), 400
sinks = []
profileJson = profiles.getProfiles()
if profile in profileJson:
profile = profileJson[profile]
for sink in taintedSink:
sinkDict = dict()
sinkDict['startLine'] = sink.startLine
sinkDict['endLine'] = sink.endLine
sinkDict['state'] = sink.state
sinks.append(sinkDict)
graph = ""
if CFGForest:
graphviz = Source(CFGForest.generateGraphViz(True))
graphviz.format = 'svg'
graph = graphviz.pipe().decode('utf-8')
return json.dumps({
'sinks': sinks,
'graph': graph,
'stats': stats,
'profile': profile,
'timetaken': timetaken
})
@app.route('/getModuleInfo', methods=["POST"])
def getModuleInfo():
filename = request.form.get('filename')
return json.dumps(modules.getModuleInfo(filename))
@app.route("/modules", methods=["GET"])
def showModules():
moduleList = modules.getModules()
form = ModuleForm()
form.source_code.data = form.source_code.data or defaultModuleCode
return render_template('modules.html', modules=moduleList, form=form)
@app.route("/addModule", methods=["POST"])
def addModule():
form = MyForm()
if modules.addModule(form.source_code.data):
return ""
else:
return json.dumps({"error": "something went wrong."}), 400
@app.route("/deleteModule", methods=["POST"])
def deleteModule():
if modules.deleteModule(request.form.get('filename')):
return ""
else:
return json.dumps({"error": "something went wrong."}), 400
@app.route("/editModule", methods=["POST"])
def editModule():
form = MyForm()
filename = request.form.get('filename')
print filename
if modules.editModule(filename, form.source_code.data):
return ""
else:
return json.dumps({"error": "something went wrong."}), 400
@app.route("/addProfile", methods=["POST"])
def addProfile():
if profiles.addProfile(request.form.get('profileName'), []):
return ""
else:
return json.dumps({"error": "something went wrong."}), 400
@app.route("/updateProfile", methods=["POST"])
def editProfile():
profileName = request.form.get('profileName')
delete = request.form.get('delete')
module = request.form.get('module')
traversal = request.form.get('traversal')
profileJson = profiles.getProfiles()
if profileName not in profileJson:
return json.dumps({"error": "something went wrong."}), 400
profile = profileJson[profileName]
if delete == None:
if module != None:
temp = importlib.import_module("Module.%s" % module)
className = getAnalyzerClassName(temp)
if len(profile) == 0:
return json.dumps({"error": "Add a traversal first."}), 400
profile[-1]['modules'].append(
("Module.%s" % module, temp.name))
if profiles.updateProfile(profileName, profile):
return ""
elif traversal != None:
profile.append({'traversal': traversal, 'modules': []})
if profiles.updateProfile(profileName, profile):
return ""
else:
if module != None:
traversal = int(traversal)
module = int(module)
if traversal <= len(
profile
) and traversal > 0 and module > 0 and module <= len(
profile[traversal - 1]['modules']):
del profile[traversal - 1]['modules'][module - 1]
print profile
if profiles.updateProfile(profileName, profile):
return ""
elif traversal != None:
traversal = int(traversal)
if traversal <= len(profile) and traversal > 0:
del profile[traversal - 1]
if profiles.updateProfile(profileName, profile):
return ""
return json.dumps({"error": "something went wrong."})
@app.route("/deleteProfile", methods=["POST"])
def deleteProfile():
if profiles.deleteProfile(request.form.get('profileName')):
return ""
else:
return json.dumps({"error": "something went wrong."})
@app.route("/profile", methods=["GET"])
def viewProfile():
profile = request.args.get('name')
moduleList = modules.getModules()
traversalList = modules.getTraversals()
profileJson = profiles.getProfiles()
if profile in profileJson:
return render_template('profile.html',
traversals=traversalList,
modules=moduleList,
profile=profileJson[profile],
name=profile)
else:
return json.dumps({"error": "something went wrong."}), 400
@app.route("/profiles", methods=["GET"])
def showProfiles():
profileJson = profiles.getProfiles()
return render_template('profiles.html', profiles=profileJson)
@app.route("/", methods=["GET"])
def analysisForm():
form = MyForm()
profileJson = profiles.getProfiles()
form.source_code.data = form.source_code.data or defaultCode
return render_template('analysis.html',
profiles=profileJson,
form=form)
def run(self):
self.app.run(port=8080, debug=True, threaded=True)
def test_exception(self):
app.config['CODEMIRROR_LANGUAGES'] = None
with self.assertRaises(CodeMirrorConfigException):
CodeMirror(app)
import os
from flask import Flask, current_app
from flask_admin import Admin
from flask_bootstrap import Bootstrap
from flask_sqlalchemy import SQLAlchemy
from flask_codemirror import CodeMirror
import jinja2_highlight
app = Flask(__name__)
with app.app_context():
current_app.jinja_options = dict(Flask.jinja_options)
current_app.jinja_options.setdefault('extensions', [])
current_app.jinja_options['extensions'].append('jinja2_highlight.HighlightExtension')
current_app.config.from_object('config')
bootstrap = Bootstrap(current_app)
db = SQLAlchemy(current_app)
admin = Admin(current_app, name='quiz', template_mode='bootstrap3', url='/assmin')
codemirror = CodeMirror(current_app)
from quiz.models import import_db
import quiz.views
if not os.path.exists(os.path.join(app.config['BASE_DIR'], 'app.db')):
db.create_all()
import_db()
import quiz.admin