def run_analysis(self, path):
path = os.path.normpath(path)
project_modules = get_modules(os.path.dirname(path))
local_modules = get_directory_modules(os.path.dirname(path))
self.cfg_create_from_file(path, project_modules, local_modules)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(
cfg_list,
ReachingDefinitionsTaintAnalysis,
UImode.NORMAL,
VulnerabilityFiles(
default_blackbox_mapping_file,
default_trigger_word_file
)
)
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(cfg_list, ReachingDefinitionsTaintAnalysis)
def test_find_triggers(self):
self.cfg_create_from_file('example/vulnerable_code/XSS.py')
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
XSS1 = cfg_list[1]
trigger_words = [('get', [])]
l = vulnerabilities.find_triggers(XSS1.nodes, trigger_words)
self.assert_length(l, expected_length=1)
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_django_view_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
trigger_word_file = os.path.join('pyt', 'trigger_definitions', 'django_trigger_words.pyt')
return vulnerabilities.find_vulnerabilities(cfg_list, ReachingDefinitionsTaintAnalysis, trigger_word_file=trigger_word_file)
def run_analysis(self, path):
self.cfg_create_from_file(path)
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
initialize_constraint_table(cfg_list)
analyse(cfg_list, analysis_type=ReachingDefinitionsTaintAnalysis)
return vulnerabilities.find_vulnerabilities(
cfg_list, ReachingDefinitionsTaintAnalysis, UImode.NORMAL,
VulnerabilityFiles(default_blackbox_mapping_file,
default_trigger_word_file))
def test_build_sanitiser_node_dict(self):
self.cfg_create_from_file('example/vulnerable_code/XSS_sanitised.py')
cfg_list = [self.cfg]
FrameworkAdaptor(cfg_list, [], [], is_flask_route_function)
cfg = cfg_list[1]
cfg_node = Node(None, None, line_number=None, path=None)
sinks_in_file = [vulnerabilities.TriggerNode('replace', ['escape'], cfg_node)]
sanitiser_dict = vulnerabilities.build_sanitiser_node_dict(cfg, sinks_in_file)
self.assert_length(sanitiser_dict, expected_length=1)
self.assertIn('escape', sanitiser_dict.keys())
self.assertEqual(sanitiser_dict['escape'][0], cfg.nodes[3])
