Esempio n. 1
0
 public function analyse()
 {
     $vulnerabilityReporter = new VulnerabilityReporter();
     $currentTaintEnv = new TaintEnvironment();
     $nodeAnalyser = new NodeAnalyser($vulnerabilityReporter);
     foreach ($this->parseTree as $statement) {
         $nodeTaintEnv = $nodeAnalyser->analyse($statement, $currentTaintEnv);
         $currentTaintEnv->updateTaintEnvironment($nodeTaintEnv);
     }
     return $vulnerabilityReporter->getVulnerabilityReport();
 }
Esempio n. 2
0
 private function checkSinkNodes($paramMappings, VulnerabilityReporter $reporter)
 {
     foreach ($this->sinkNodes as $lineNum => $sinkNode) {
         $taintMappings = $sinkNode->getTaints();
         $node = $sinkNode->getNode();
         $finalTaints = array();
         foreach ($taintMappings as $taintResult) {
             $taintResult = $taintResult->copy();
             foreach ($paramMappings as $paramName => $taint) {
                 if ($taintResult->isAffectingParameter($paramName)) {
                     $taintResult->merge($taint);
                 }
                 $finalTaints[] = $taintResult;
             }
         }
         $reporter->runNodeVulnerabilityChecks($node, $finalTaints);
     }
 }