C# Класс PHPAnalysis.Analysis.CFG.Taint.TaintBlockAnalyzer

Наследование: IBlockAnalyzer
Показать файл Открыть проект Примеры использования класса

Private Properties

Свойство Тип Описание
Analyze ExpressionInfo
AnalyzeAttribute ExpressionInfo
AnalyzeNode ExpressionInfo
AnalyzeScalar ExpressionInfo
AnalyzeSubnode ExpressionInfo
ApplyAnalysisExtensions ExpressionInfo
ApplyAnalysisExtensionsToFuncCall ExpressionInfo
CheckForSQLVulnerabilities void
CheckForXssVulnerabilities void
Expr_Array ExpressionInfo
Expr_AssignOp_Concat ExpressionInfo
Expr_AssignOp_NonSpecial_AlwaysSafe ExpressionInfo
Expr_BinaryOp_BooleanOperator ExpressionInfo
Expr_BinaryOp_Concat ExpressionInfo
Expr_BinaryOp_NonSpecial_AlwaysSafe ExpressionInfo
Expr_BooleanNot ExpressionInfo
Expr_Exit ExpressionInfo
Expr_IncDec ExpressionInfo
Expr_Include ExpressionInfo
Expr_Ternary ExpressionInfo
Expr_UnaryOp_AlwaysSafe ExpressionInfo
Handle_Expr_ArrayItem ValueInfo>.Tuple
InsertIntoStoredLocation void
Node_Echo ExpressionInfo
Node_Expr_ArrayDimFetch ExpressionInfo
Node_Expr_Assign ExpressionInfo
Node_Expr_Cast ExpressionInfo
Node_Expr_Variable ExpressionInfo
Node_FuncCall ExpressionInfo
Node_LDNumbers ExpressionInfo
Node_MethodCall ExpressionInfo
Node_New ExpressionInfo
Scalar_Encapsed ExpressionInfo
Stmt_Foreach ExpressionInfo
Stmt_Global ExpressionInfo
Stmt_Return ExpressionInfo
StoredFuncHandler ExpressionInfo
StoredMethodHandler ExpressionInfo
Subnode_Cond ExpressionInfo
Subnode_Exprs ExpressionInfo
Subnode_Init ExpressionInfo
Subnode_Key ExpressionInfo
Subnode_Value ExpressionInfo
Subnode_WithNode ExpressionInfo
Subnode_WithNodeOrScalar ExpressionInfo
TaintBlockAnalyzer System

Открытые методы

Метод Описание
Analyze ( XmlNode node, ImmutableVariableStorage knownTaint ) : ImmutableVariableStorage
TaintBlockAnalyzer ( IVulnerabilityStorage vulnerabilityStorage, IIncludeResolver inclusionResolver, AnalysisScope scope, Func analyzeTaint, AnalysisStacks stacks, FunctionAndMethodAnalyzerFactory subroutineAnalyzerFactory ) : System

Приватные методы

Метод Описание
Analyze ( XmlNode node ) : ExpressionInfo
AnalyzeAttribute ( XmlNode node ) : ExpressionInfo
AnalyzeNode ( XmlNode node ) : ExpressionInfo
AnalyzeScalar ( XmlNode node ) : ExpressionInfo
AnalyzeSubnode ( XmlNode node ) : ExpressionInfo
ApplyAnalysisExtensions ( XmlNode node, ExpressionInfo currentInfo ) : ExpressionInfo
ApplyAnalysisExtensionsToFuncCall ( XmlNode node, ExpressionInfo currentInfo, ExpressionInfo>.IDictionary argInfos ) : ExpressionInfo

Calls AnalyzeFuncCall on all external components. This was created because we currently do not call Analyze on "Node:Arg", which is needed to let the components find the arguments themselves. TODO: Handle Node:Arg in the analysis explicitly, to allow this.

CheckForSQLVulnerabilities ( ExpressionInfo expressionInfo, XmlNode node ) : void
CheckForXssVulnerabilities ( ExpressionInfo expressionInfo, XmlNode node ) : void
Expr_Array ( XmlNode node ) : ExpressionInfo
Expr_AssignOp_Concat ( XmlNode node ) : ExpressionInfo
Expr_AssignOp_NonSpecial_AlwaysSafe ( XmlNode node ) : ExpressionInfo
Expr_BinaryOp_BooleanOperator ( XmlNode node ) : ExpressionInfo
Expr_BinaryOp_Concat ( XmlNode node ) : ExpressionInfo
Expr_BinaryOp_NonSpecial_AlwaysSafe ( XmlNode node ) : ExpressionInfo
Expr_BooleanNot ( XmlNode node ) : ExpressionInfo
Expr_Exit ( XmlNode node ) : ExpressionInfo
Expr_IncDec ( XmlNode node ) : ExpressionInfo
Expr_Include ( XmlNode node ) : ExpressionInfo
Expr_Ternary ( XmlNode node ) : ExpressionInfo
Expr_UnaryOp_AlwaysSafe ( XmlNode node ) : ExpressionInfo
Handle_Expr_ArrayItem ( XmlNode node ) : ValueInfo>.Tuple
InsertIntoStoredLocation ( ExpressionInfo expressionInfo, XmlNode node ) : void
Node_Echo ( XmlNode node ) : ExpressionInfo
Node_Expr_ArrayDimFetch ( XmlNode node ) : ExpressionInfo
Node_Expr_Assign ( XmlNode node ) : ExpressionInfo
Node_Expr_Cast ( XmlNode node ) : ExpressionInfo
Node_Expr_Variable ( XmlNode node ) : ExpressionInfo
Node_FuncCall ( XmlNode node ) : ExpressionInfo
Node_LDNumbers ( XmlNode node ) : ExpressionInfo
Node_MethodCall ( XmlNode node ) : ExpressionInfo
Node_New ( XmlNode node ) : ExpressionInfo
Scalar_Encapsed ( XmlNode node ) : ExpressionInfo
Stmt_Foreach ( XmlNode node ) : ExpressionInfo
Stmt_Global ( XmlNode node ) : ExpressionInfo
Stmt_Return ( XmlNode node ) : ExpressionInfo
StoredFuncHandler ( ExpressionInfo exprInfo, XmlNode node, List argInfos ) : ExpressionInfo
StoredMethodHandler ( ExpressionInfo exprInfo, XmlNode node ) : ExpressionInfo
Subnode_Cond ( XmlNode node ) : ExpressionInfo
Subnode_Exprs ( XmlNode node ) : ExpressionInfo
Subnode_Init ( XmlNode node ) : ExpressionInfo
Subnode_Key ( XmlNode node ) : ExpressionInfo
Subnode_Value ( XmlNode node ) : ExpressionInfo
Subnode_WithNode ( XmlNode node ) : ExpressionInfo
Subnode_WithNodeOrScalar ( XmlNode node ) : ExpressionInfo
TaintBlockAnalyzer ( ) : System

Описание методов

Analyze() публичный метод

public Analyze ( XmlNode node, ImmutableVariableStorage knownTaint ) : ImmutableVariableStorage
node System.Xml.XmlNode
knownTaint ImmutableVariableStorage
Результат ImmutableVariableStorage

TaintBlockAnalyzer() публичный метод

public TaintBlockAnalyzer ( IVulnerabilityStorage vulnerabilityStorage, IIncludeResolver inclusionResolver, AnalysisScope scope, Func analyzeTaint, AnalysisStacks stacks, FunctionAndMethodAnalyzerFactory subroutineAnalyzerFactory ) : System
vulnerabilityStorage IVulnerabilityStorage
inclusionResolver IIncludeResolver
scope AnalysisScope
analyzeTaint Func
stacks AnalysisStacks
subroutineAnalyzerFactory FunctionAndMethodAnalyzerFactory
Результат System