/**
 * Run the taint analysis over the parse tree and return the resulting report.
 *
 * A fresh VulnerabilityReporter, TaintEnvironment and NodeAnalyser are created
 * on every call, so findings and taint state from an earlier call are not
 * reused. Statements are visited in the order $this->parseTree yields them,
 * and each one is analysed against the environment as updated by the
 * statements before it.
 *
 * @return mixed the value of VulnerabilityReporter::getVulnerabilityReport();
 *               its concrete type is not visible from this method
 */
public function analyse()
{
    $reporter = new VulnerabilityReporter();
    $taintState = new TaintEnvironment();
    $analyser = new NodeAnalyser($reporter);

    foreach ($this->parseTree as $statement) {
        // NOTE(review): $taintState is handed over as an object handle, so analyse() could
        // also mutate it in place - confirm it only communicates through its return value.
        $taintState->updateTaintEnvironment($analyser->analyse($statement, $taintState));
    }

    // The reporter was injected into the analyser above; presumably that is how findings reach it.
    return $reporter->getVulnerabilityReport();
}
/**
 * Resolve the taint environment produced by a statement.
 *
 * Return statements are routed to resolveReturnStatementTaintEnvironment();
 * every other statement type falls through to the parent implementation.
 *
 * @param Stmt             $exp      statement node to resolve
 * @param TaintEnvironment $taintEnv taint environment passed on as-is to the chosen resolver
 *
 * @return mixed result of whichever resolver handled the statement
 */
protected function resolveStmtTaintEnvironment(Stmt $exp, TaintEnvironment $taintEnv)
{
    // Anything that is not a return statement is the parent's responsibility.
    if (!($exp instanceof Return_)) {
        return parent::resolveStmtTaintEnvironment($exp, $taintEnv);
    }

    return $this->resolveReturnStatementTaintEnvironment($exp, $taintEnv);
}