public function analyse()
{
$vulnerabilityReporter = new VulnerabilityReporter();
$currentTaintEnv = new TaintEnvironment();
$nodeAnalyser = new NodeAnalyser($vulnerabilityReporter);
foreach ($this->parseTree as $statement) {
$nodeTaintEnv = $nodeAnalyser->analyse($statement, $currentTaintEnv);
$currentTaintEnv->updateTaintEnvironment($nodeTaintEnv);
}
return $vulnerabilityReporter->getVulnerabilityReport();
}
private function checkSinkNodes($paramMappings, VulnerabilityReporter $reporter)
{
foreach ($this->sinkNodes as $lineNum => $sinkNode) {
$taintMappings = $sinkNode->getTaints();
$node = $sinkNode->getNode();
$finalTaints = array();
foreach ($taintMappings as $taintResult) {
$taintResult = $taintResult->copy();
foreach ($paramMappings as $paramName => $taint) {
if ($taintResult->isAffectingParameter($paramName)) {
$taintResult->merge($taint);
}
$finalTaints[] = $taintResult;
}
}
$reporter->runNodeVulnerabilityChecks($node, $finalTaints);
}
}
