From 644e256756c456ecc2bf6cce3539cec9406fc0c7 Mon Sep 17 00:00:00 2001 From: Robert Haimerl Date: Thu, 12 Oct 2023 12:46:38 +0200 Subject: [PATCH 1/8] use main commit via jitpack --- cloudpg/build.gradle.kts | 6 ++++ .../java/io/clouditor/graph/ValueResolver.kt | 12 +++---- .../frontends/ruby/DeclarationHandler.kt | 4 +-- .../graph/frontends/ruby/ExpressionHandler.kt | 8 +++-- .../frontends/ruby/RubyLanguageFrontend.kt | 32 +++++++++++-------- .../graph/frontends/ruby/StatementHandler.kt | 8 ++--- .../java/io/clouditor/graph/passes/Azure.kt | 23 ++++++------- .../graph/passes/DFGExtensionPass.kt | 1 + .../graph/passes/DatabaseOperationPass.kt | 6 ++-- .../graph/passes/HttpStatusCodesPass.kt | 4 +-- .../graph/passes/LabelExtractionPass.kt | 4 +-- .../graph/passes/golang/GinGonicPass.kt | 11 +++---- .../graph/passes/golang/GoCryptoPass.kt | 2 +- .../graph/passes/golang/GolangHttpPass.kt | 9 ++---- .../passes/golang/GolangHttpRequestPass.kt | 7 ++-- .../graph/passes/java/JaxRsClientPass.kt | 12 +++---- .../clouditor/graph/passes/js/JSHttpPass.kt | 5 ++- .../graph/passes/python/CryptographyPass.kt | 4 +-- .../graph/passes/ruby/WebBrickPass.kt | 8 ++--- 19 files changed, 80 insertions(+), 86 deletions(-) diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts index 026c4d7..0e760aa 100644 --- a/cloudpg/build.gradle.kts +++ b/cloudpg/build.gradle.kts @@ -70,6 +70,11 @@ repositories { dependencies { implementation("org.junit.jupiter:junit-jupiter:5.7.0") + + // Move to JitPack dependency for newer versions + implementation("com.github.Fraunhofer-AISEC.cpg:cpg:a63fef15cb") + + /** val version = "7.1.2" implementation("de.fraunhofer.aisec:cpg-core:$version") 
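Review bot: The new `implementation("com.github.Fraunhofer-AISEC.cpg:cpg:a63fef15cb")` line in the `dependencies` block replaces the released `de.fraunhofer.aisec:cpg-*` 7.1.2 artifacts with a JitPack build of a commit named only by an abbreviated hash, and nothing visible here verifies what is downloaded. JitPack builds the artifact itself from the repository, so it is not the publisher's signed release; recording its checksum with Gradle dependency verification (`gradle/verification-metadata.xml`) would make a changed artifact fail the build. The `repositories` block is outside this hunk; if JitPack is declared there without a filter, scope it with `content { includeGroup("com.github.Fraunhofer-AISEC.cpg") }` so no other coordinate can resolve from it. The old coordinates are also kept inside a `/** … */` KDoc comment that is closed in the next hunk; deleting them, or using `//` lines with a short reason, would be clearer.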
@@ -79,6 +84,7 @@ dependencies { implementation("de.fraunhofer.aisec:cpg-language-typescript:$version") implementation("de.fraunhofer.aisec:cpg-language-java:$version") implementation("de.fraunhofer.aisec:cpg-language-cxx:$version") + */ implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.13.+") implementation ("org.xmlunit:xmlunit-core:2.9.0") diff --git a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt index e5b160b..f2b11bd 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/ValueResolver.kt @@ -46,7 +46,7 @@ open class ValueResolver( when (expr) { is KeyValueExpression -> return resolve(expr.value) is Literal<*> -> return expr.value?.toString() ?: "" - is DeclaredReferenceExpression -> return resolveDeclaration(expr.refersTo) + is Reference -> return resolveDeclaration(expr.refersTo) is BinaryOperator -> { // resolve lhs val lhsValue = resolve(expr.lhs) @@ -119,10 +119,8 @@ open class ValueResolver( is CastExpression -> { return this.resolve(expr.expression) } - is ArraySubscriptionExpression -> { - val array = - (expr.arrayExpression as? DeclaredReferenceExpression)?.refersTo as? - VariableDeclaration + is SubscriptExpression -> { + val array = (expr.arrayExpression as? Reference)?.refersTo as? VariableDeclaration val ile = array?.initializer as? InitializerListExpression ile?.let { @@ -146,9 +144,9 @@ open class ValueResolver( val rhs = resolve((expr.condition as? BinaryOperator)?.rhs) return if (lhs == rhs) { - resolve(expr.thenExpr) + resolve(expr.thenExpression) } else { - resolve(expr.elseExpr) + resolve(expr.elseExpression) } } diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt index 4ecbb7e..ec509b6 100644 
--- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt @@ -3,7 +3,7 @@ package io.clouditor.graph.frontends.ruby import de.fraunhofer.aisec.cpg.frontends.Handler import de.fraunhofer.aisec.cpg.graph.declarations.Declaration import de.fraunhofer.aisec.cpg.graph.declarations.ProblemDeclaration -import de.fraunhofer.aisec.cpg.graph.newParamVariableDeclaration +import de.fraunhofer.aisec.cpg.graph.newParameterDeclaration import de.fraunhofer.aisec.cpg.graph.types.UnknownType import org.jruby.ast.* @@ -19,7 +19,7 @@ class DeclarationHandler(lang: RubyLanguageFrontend) : return null } - return newParamVariableDeclaration( + return newParameterDeclaration( node.name.idString(), UnknownType.getUnknownType(frontend.language), false, diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt index ab569f5..29114bd 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt @@ -3,8 +3,10 @@ package io.clouditor.graph.frontends.ruby import de.fraunhofer.aisec.cpg.frontends.Handler import de.fraunhofer.aisec.cpg.graph.* import de.fraunhofer.aisec.cpg.graph.statements.Statement +import de.fraunhofer.aisec.cpg.graph.statements.expressions.Block import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression +import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference import de.fraunhofer.aisec.cpg.graph.types.UnknownType import org.jruby.ast.* import org.jruby.ast.Node 
@@ -60,7 +62,7 @@ class ExpressionHandler(lang: RubyLanguageFrontend) : return null } - return newDeclaredReferenceExpression( + return Reference( node.name.idString(), UnknownType.getUnknownType(language), frontend.getCodeFromRawNode(node) @@ -81,7 +83,7 @@ class ExpressionHandler(lang: RubyLanguageFrontend) : // either a binary operator or a variable declaration val lhs = - newDeclaredReferenceExpression( + Reference( name.idString(), UnknownType.getUnknownType(language), frontend.getCodeFromRawNode(node) @@ -160,7 +162,7 @@ class ExpressionHandler(lang: RubyLanguageFrontend) : val def = newDeclarationStatement(frontend.getCodeFromRawNode(node)) def.singleDeclaration = func - val cse = newCompoundStatementExpression(frontend.getCodeFromRawNode(node)) + val cse = Block(frontend.getCodeFromRawNode(node)) cse.statement = def return cse diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt index 4d43c98..274c0fe 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt @@ -3,9 +3,11 @@ package io.clouditor.graph.frontends.ruby import de.fraunhofer.aisec.cpg.TranslationContext import de.fraunhofer.aisec.cpg.frontends.Language import de.fraunhofer.aisec.cpg.frontends.LanguageFrontend +import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.newFunctionDeclaration import de.fraunhofer.aisec.cpg.graph.newTranslationUnitDeclaration +import de.fraunhofer.aisec.cpg.graph.types.Type import de.fraunhofer.aisec.cpg.sarif.PhysicalLocation import java.io.File import org.checkerframework.checker.nullness.qual.NonNull 
@@ -18,7 +20,7 @@ import org.jruby.parser.ParserConfiguration class RubyLanguageFrontend( language: Language, ctx: @NonNull TranslationContext -) : LanguageFrontend(language, ctx) { +) : LanguageFrontend(language, ctx) { val declarationHandler: DeclarationHandler = DeclarationHandler(this) val expressionHandler: ExpressionHandler = ExpressionHandler(this) val statementHandler: StatementHandler = StatementHandler(this) @@ -39,15 +41,29 @@ class RubyLanguageFrontend( return handleRootNode(node, file) } + override fun codeOf(astNode: Node): String { + return "" + } + + override fun locationOf(astNode: Node): PhysicalLocation? { + return null + } + + override fun typeOf(type: Type): Type { + TODO("Not yet implemented") + } + + override fun setComment(node: Node, astNode: Node) {} + private fun handleRootNode(node: RootNode, file: File): TranslationUnitDeclaration { - val tu = newTranslationUnitDeclaration(node.file, getCodeFromRawNode(node)) + val tu = newTranslationUnitDeclaration(node.file, codeOf(node)) scopeManager.resetToGlobal(tu) // wrap everything into a virtual global function because we only have declarations on the // top val func = - newFunctionDeclaration(file.nameWithoutExtension + "_global", getCodeFromRawNode(node)) + newFunctionDeclaration(file.nameWithoutExtension + "_global", codeOf(node)) scopeManager.enterScope(func) @@ -59,14 +75,4 @@ class RubyLanguageFrontend( return tu } - - override fun getCodeFromRawNode(astNode: T): String? { - return "" - } - - override fun getLocationFromRawNode(astNode: T): PhysicalLocation? { - return null - } - - override fun setComment(s: S, ctx: T) {} } diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt index c561ecd..925286a 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt 
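Review bot: `typeOf` in the `@@ -39,15 +41,29 @@` hunk of RubyLanguageFrontend.kt is `TODO("Not yet implemented")`, which throws `NotImplementedError` the first time anything calls it, so a single Ruby file could abort an analysis run instead of degrading to unknown types. Returning the placeholder the handlers already use, `override fun typeOf(type: Type): Type = UnknownType.getUnknownType(language)` (plus the `UnknownType` import), would keep the frontend usable until real type mapping exists. Two things to confirm as well: the added `de.fraunhofer.aisec.cpg.graph.Node` import appears to make `codeOf(astNode: Node)` take a CPG node while `handleRootNode` passes a JRuby `RootNode`, and the handlers in this patch still call `frontend.getCodeFromRawNode(...)`, whose override this file drops. A short KDoc on `codeOf` and `locationOf` stating that they are stubs returning `""` and `null` would tell readers that Ruby nodes carry no code or location.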
@@ -1,11 +1,11 @@ package io.clouditor.graph.frontends.ruby import de.fraunhofer.aisec.cpg.frontends.Handler -import de.fraunhofer.aisec.cpg.graph.newCompoundStatement +import de.fraunhofer.aisec.cpg.graph.newBlock import de.fraunhofer.aisec.cpg.graph.newReturnStatement -import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement import de.fraunhofer.aisec.cpg.graph.statements.Statement +import de.fraunhofer.aisec.cpg.graph.statements.expressions.Block import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression import org.jruby.ast.BlockNode import org.jruby.ast.Node @@ -17,13 +17,13 @@ class StatementHandler(lang: RubyLanguageFrontend) : map.put(BlockNode::class.java, ::handleBlockNode) } - private fun handleBlockNode(blockNode: Node): CompoundStatement? { + private fun handleBlockNode(blockNode: Node): Block? { if (blockNode !is BlockNode) { return null } blockNode.containsVariableAssignment() - val compoundStatement = newCompoundStatement(frontend.getCodeFromRawNode(blockNode)) + val compoundStatement = newBlock(frontend.getCodeFromRawNode(blockNode)) for (node in blockNode) { val statement = frontend.expressionHandler.handle(node) diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt index 61b6622..1c1c9de 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/Azure.kt 
@@ -20,10 +20,7 @@ import de.fraunhofer.aisec.cpg.TranslationContext import de.fraunhofer.aisec.cpg.TranslationResult import de.fraunhofer.aisec.cpg.graph.Name import de.fraunhofer.aisec.cpg.graph.Node -import de.fraunhofer.aisec.cpg.graph.declarations.ParamVariableDeclaration -import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration -import de.fraunhofer.aisec.cpg.graph.declarations.ValueDeclaration -import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration +import de.fraunhofer.aisec.cpg.graph.declarations.* import de.fraunhofer.aisec.cpg.graph.statements.expressions.* import de.fraunhofer.aisec.cpg.passes.TranslationResultPass import de.fraunhofer.aisec.cpg.processing.IVisitor @@ -120,7 +117,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) { if (next is ValueDeclaration) { next } else { - (next as DeclaredReferenceExpression).refersTo as ValueDeclaration? + (next as Reference).refersTo as ValueDeclaration? } } @@ -145,7 +142,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) { (it.end as MemberCallExpression).base?.name?.localName == "getBlobClient" && (((it.end as CallExpression).callee as MemberCallExpression).base as - DeclaredReferenceExpression) + Reference) .refersTo == client } @@ -154,7 +151,7 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) { if (next is ValueDeclaration) { next } else { - (next as DeclaredReferenceExpression).refersTo as ValueDeclaration? + (next as Reference).refersTo as ValueDeclaration? } append?.let { 
@@ -179,9 +176,8 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) { base.followEOG { it.end is MemberCallExpression && ((it.end as MemberCallExpression).base == base || - ((it.end as MemberCallExpression).base is DeclaredReferenceExpression && - ((it.end as MemberCallExpression).base as DeclaredReferenceExpression) - .refersTo == base)) + ((it.end as MemberCallExpression).base is Reference && + ((it.end as MemberCallExpression).base as Reference).refersTo == base)) } return path?.last()?.end as? MemberCallExpression @@ -222,16 +218,15 @@ class AzureClientSDKPass(ctx: TranslationContext) : TranslationResultPass(ctx) { // documented as a graph query in the paper // first parameter is always an input stream - val inputStreamRef = c.arguments[0] as DeclaredReferenceExpression + val inputStreamRef = c.arguments[0] as Reference val inputStream = inputStreamRef.refersTo as VariableDeclaration val newExpression = inputStream.initializer as NewExpression val construct = newExpression.initializer as ConstructExpression // this is very hacky, but we assume that it is always a new // ByteArrayInputStream(s.getBytes(StandardCharsets.UTF_8)) - val sRef = - (construct.arguments[0] as MemberCallExpression).base as DeclaredReferenceExpression - val s = sRef.refersTo as ParamVariableDeclaration + val sRef = (construct.arguments[0] as MemberCallExpression).base as Reference + val s = sRef.refersTo as ParameterDeclaration // follow val param = s.followDFGReverse { it.second.name.localName == "password" } diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt index 64524fd..032023d 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt 
@@ -7,6 +7,7 @@ import de.fraunhofer.aisec.cpg.graph.declarations.FieldDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.KeyValueExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression +import de.fraunhofer.aisec.cpg.graph.types.HasType import de.fraunhofer.aisec.cpg.graph.types.ObjectType import de.fraunhofer.aisec.cpg.graph.types.Type import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt index f429917..6f29e8c 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DatabaseOperationPass.kt @@ -5,7 +5,7 @@ import de.fraunhofer.aisec.cpg.TranslationResult import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression -import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression +import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference import de.fraunhofer.aisec.cpg.passes.TranslationResultPass import io.clouditor.graph.* @@ -77,13 +77,13 @@ abstract class DatabaseOperationPass(ctx: TranslationContext) : TranslationResul // them as well if (target is VariableDeclaration) { target.nextDFG.forEach { - if (it is DeclaredReferenceExpression && it.refersTo == target) { + if (it is Reference && it.refersTo == target) { map[it] = obj } } // sometimes there is only an EOG edge but not a DFG target.nextEOG.forEach { - if (it is DeclaredReferenceExpression && it.refersTo == target) { + if (it is Reference && it.refersTo == target) { map[it] = obj } } 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt index ad41adb..d3d93f0 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/HttpStatusCodesPass.kt @@ -2,8 +2,8 @@ package io.clouditor.graph.passes import de.fraunhofer.aisec.cpg.TranslationContext import de.fraunhofer.aisec.cpg.TranslationResult -import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement +import de.fraunhofer.aisec.cpg.graph.statements.expressions.Block import de.fraunhofer.aisec.cpg.passes.TranslationResultPass import io.clouditor.graph.HttpEndpoint @@ -14,7 +14,7 @@ class HttpStatusCodesPass(ctx: TranslationContext) : TranslationResultPass(ctx) override fun accept(result: TranslationResult) { result.additionalNodes.filterIsInstance(HttpEndpoint::class.java).forEach { - (it.handler?.body as CompoundStatement).statements.forEach { + (it.handler?.body as Block).statements.forEach { if (it is ReturnStatement) { // TODO } diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt index e841319..855d7d9 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt 
@@ -11,8 +11,8 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement import de.fraunhofer.aisec.cpg.graph.statements.expressions.AssignExpression -import de.fraunhofer.aisec.cpg.graph.statements.expressions.DeclaredReferenceExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression +import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference import de.fraunhofer.aisec.cpg.helpers.SubgraphWalker import de.fraunhofer.aisec.cpg.passes.GoExtraPass import de.fraunhofer.aisec.cpg.passes.TranslationResultPass @@ -305,7 +305,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) } is AssignExpression -> { val variableDeclarations = - node.lhs.filterIsInstance().map { it.refersTo } + node.lhs.filterIsInstance().map { it.refersTo } variableDeclarations.forEach { addLabelToDFGBorderEdges(it as Node, label) } } else -> { diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt index 0f1bd2c..644ffca 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt @@ -112,10 +112,8 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) { tu: TranslationUnitDeclaration, m: MemberCallExpression ) { - if (m.base is DeclaredReferenceExpression && - clients.containsKey((m.base as DeclaredReferenceExpression).refersTo) - ) { - val client = clients[(m.base as DeclaredReferenceExpression).refersTo] + if (m.base is Reference && clients.containsKey((m.base as Reference).refersTo)) { + val client = clients[(m.base as Reference).refersTo] val app = result.findApplicationByTU(tu) if (m.name.localName == "GET" || m.name.localName == "POST" || m.name.localName == "PUT" 
@@ -124,8 +122,7 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) { // Any references to FunctionDeclarations seem to be null; // It does not matter whether we do it indirectly (f := post_data) val funcDeclaration = - (m.arguments.getOrNull(1) as? DeclaredReferenceExpression)?.refersTo as? - FunctionDeclaration + (m.arguments.getOrNull(1) as? Reference)?.refersTo as? FunctionDeclaration val endpoint = HttpEndpoint( NoAuthentication(), @@ -194,7 +191,7 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) { private fun handleBind(m: MemberCallExpression, e: HttpEndpoint) { if (m.name.localName == "BindJSON" || m.name.localName == "Bind") { val obj = (m.arguments.firstOrNull() as UnaryOperator).input - if (obj is DeclaredReferenceExpression) { + if (obj is Reference) { obj.refersTo?.let { e.addNextDFG(it) } } else { e.addNextDFG(obj) diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt index 287acf7..ab97138 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt @@ -46,7 +46,7 @@ class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) { ) { if (c.name.toString() == "ed25519.Sign") { // the text that is signed is the second argument - val textToBeSigned = c.arguments[1] as DeclaredReferenceExpression + val textToBeSigned = c.arguments[1] as Reference val plainText = textToBeSigned.refersTo as? VariableDeclaration val signature = Signature(plainText, c.nextDFG.firstOrNull() as? VariableDeclaration) t += signature diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt index fba981c..44ed25f 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt 
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt @@ -57,13 +57,10 @@ class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) { tu: TranslationUnitDeclaration?, m: MemberCallExpression ) { - if (m.base is DeclaredReferenceExpression && - clients.containsKey((m.base as DeclaredReferenceExpression).refersTo) - ) { - val client = clients[(m.base as DeclaredReferenceExpression).refersTo] + if (m.base is Reference && clients.containsKey((m.base as Reference).refersTo)) { + val client = clients[(m.base as Reference).refersTo] - val funcDeclaration = - (m.arguments[1] as? DeclaredReferenceExpression)?.refersTo as? FunctionDeclaration + val funcDeclaration = (m.arguments[1] as? Reference)?.refersTo as? FunctionDeclaration val literal = m.arguments.first() as? Literal<*> literal.let { val endpoint = diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt index 2db620f..cac3523 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt @@ -46,9 +46,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) { val requestFunction = c.invokes.firstOrNull() // TODO (old) request body: the default value is not correctly set, so we use the // value that has a dfg edge to the request parameter - val body = - requestFunction?.prevDFG?.firstOrNull { it is DeclaredReferenceExpression } as - DeclaredReferenceExpression + val body = requestFunction?.prevDFG?.firstOrNull { it is Reference } as Reference if (c.name.toString() == "http.PostForm") { createHttpRequest( result, 
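Review bot: In the `@@ -46,9 +46,7 @@` hunk of GolangHttpRequestPass.kt, `requestFunction?.prevDFG?.firstOrNull { it is Reference } as Reference` hard-casts a value that is null whenever `c.invokes` is empty or no reference has a DFG edge into the function, so the pass throws before it reaches any of the `http.*` branches below. `val body = requestFunction?.prevDFG?.firstOrNull { it is Reference } as? Reference` would keep the call visible to the pass with an unknown body; the PUT branch in the next hunk already passes a nullable `as? Reference` in that position, but the other uses of `body` should be checked. The enclosing function starts and ends outside the hunk.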
@@ -65,8 +63,7 @@ class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) { (c.arguments[0] as? Literal)?.value ?: "", c, "PUT", - requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as? - DeclaredReferenceExpression, + requestFunction?.parameters?.get(1)?.prevDFG?.firstOrNull() as? Reference, app ) } else if (c.toString() == "http.Get") { diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt index b792bd4..5c97391 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/java/JaxRsClientPass.kt @@ -55,7 +55,7 @@ class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) { tu: TranslationUnitDeclaration ) { var builder: VariableDeclaration? = null - val builderRefs = mutableListOf() + val builderRefs = mutableListOf() // look for the builder itself, probably it is the DFG target val pair = followDFGTargetToDeclaration(r) @@ -81,7 +81,7 @@ class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) { creationCall: CallExpression, tu: TranslationUnitDeclaration ) { - val clientRefs = mutableListOf() + val clientRefs = mutableListOf() // look for the client itself, probably it is the DFG target val pair = followDFGTargetToDeclaration(creationCall) @@ -168,14 +168,12 @@ class JaxRsClientPass(ctx: TranslationContext) : HttpClientPass(ctx) { } } - private fun followDFGTargetToDeclaration( - n: Node - ): Pair? { + private fun followDFGTargetToDeclaration(n: Node): Pair? { // get the next dfg - val ref = n.nextDFG.filterIsInstance().firstOrNull() + val ref = n.nextDFG.filterIsInstance().firstOrNull() // it is probably a ref, so we need to follow it back to the declaration - if (ref is DeclaredReferenceExpression) { + if (ref is Reference) { return Pair(ref, ref.refersTo) } 
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt index 44b4746..af96122 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/js/JSHttpPass.kt @@ -76,8 +76,7 @@ class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) { return if ((mce.name.localName == "onPost" || mce.name.localName == "onGet" || mce.name.localName == "post" || - mce.name.localName == "get") && - (mce.base as? DeclaredReferenceExpression)?.refersTo == v + mce.name.localName == "get") && (mce.base as? Reference)?.refersTo == v ) { val path: String = unRegex((mce.arguments.first() as? Literal<*>)?.value as? String ?: "/") @@ -108,7 +107,7 @@ class JSHttpPass(ctx: TranslationContext) : TranslationResultPass(ctx) { e: HttpEndpoint ) { if (me.name.localName == "body" && - fd.parameters.first() == (me.base as? DeclaredReferenceExpression)?.refersTo + fd.parameters.first() == (me.base as? Reference)?.refersTo ) { // set the DFG target of this call to the DFG target of our http endpoints me.nextDFG.forEach { e.addNextDFG(it) } diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt index f884f7b..72c0354 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt @@ -35,7 +35,7 @@ class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) { fun visit(t: MemberCallExpression) { // look for key.sign() if (t.name.localName == "sign") { - val privateKey = t.base as DeclaredReferenceExpression + val privateKey = t.base as Reference // FIXME: As with the other issues, the DeclaredReferenceExpression is // missing its target (refersTo) val generator = 
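Review bot: The `FIXME` under the changed cast in the `@@ -35,7 +35,7 @@` hunk of CryptographyPass.kt still names `DeclaredReferenceExpression`, the type this commit replaces everywhere else; update it to `// FIXME: As with the other issues, the Reference is missing its target (refersTo)` so a search for the old name comes back empty. Since that comment says `refersTo` can be unset, `t.base as Reference` would also be safer as `t.base as? Reference ?: return`, assuming the rest of `visit`, which continues outside this hunk, has nothing to do when the base is not a reference.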
@@ -59,7 +59,7 @@ class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) { mce: MemberCallExpression ) { // TODO check if it is always the first one - val textToBeSignedExpression = mce.arguments.first() as DeclaredReferenceExpression + val textToBeSignedExpression = mce.arguments.first() as Reference val plainText = textToBeSignedExpression.refersTo as VariableDeclaration val signature = Signature(plainText, mce.nextDFG.first() as VariableDeclaration) t += signature diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt index cb0368a..a895643 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt @@ -74,12 +74,10 @@ class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) { if (init is MemberCallExpression && init.name.localName == "split") { if (init.base is MemberCallExpression && - (init.base as MemberCallExpression).base is - DeclaredReferenceExpression + (init.base as MemberCallExpression).base is Reference ) { - if (((init.base as MemberCallExpression).base as - DeclaredReferenceExpression) - .refersTo == req + if (((init.base as MemberCallExpression).base as Reference).refersTo == + req ) { path = path.appendPath("{fragment}") } From 5f174f9f5b301ed75089a57067cf249cb158d5c0 Mon Sep 17 00:00:00 2001 
From: Robert Haimerl Date: Mon, 23 Oct 2023 10:08:25 +0200 Subject: [PATCH 2/8] Delete the Ruby Frontend and move it to the CPG --- .../frontends/ruby/DeclarationHandler.kt | 29 --- .../graph/frontends/ruby/ExpressionHandler.kt | 182 ------------------ .../graph/frontends/ruby/RubyLanguage.kt | 61 ------ .../frontends/ruby/RubyLanguageFrontend.kt | 78 -------- .../graph/frontends/ruby/StatementHandler.kt | 50 ----- 5 files changed, 400 deletions(-) delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt delete mode 100644 cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt deleted file mode 100644 index ec509b6..0000000 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/DeclarationHandler.kt +++ /dev/null 
@@ -1,29 +0,0 @@ -package io.clouditor.graph.frontends.ruby - -import de.fraunhofer.aisec.cpg.frontends.Handler -import de.fraunhofer.aisec.cpg.graph.declarations.Declaration -import de.fraunhofer.aisec.cpg.graph.declarations.ProblemDeclaration -import de.fraunhofer.aisec.cpg.graph.newParameterDeclaration -import de.fraunhofer.aisec.cpg.graph.types.UnknownType -import org.jruby.ast.* - -class DeclarationHandler(lang: RubyLanguageFrontend) : - Handler({ ProblemDeclaration() }, lang) { - - init { - map.put(ArgumentNode::class.java, ::handleArgumentNode) - } - - private fun handleArgumentNode(node: Node?): Declaration? { - if (node !is ArgumentNode) { - return null - } - - return newParameterDeclaration( - node.name.idString(), - UnknownType.getUnknownType(frontend.language), - false, - frontend.getCodeFromRawNode(node) - ) - } -} diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt deleted file mode 100644 index 29114bd..0000000 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/ExpressionHandler.kt +++ /dev/null 
@@ -1,182 +0,0 @@ -package io.clouditor.graph.frontends.ruby - -import de.fraunhofer.aisec.cpg.frontends.Handler -import de.fraunhofer.aisec.cpg.graph.* -import de.fraunhofer.aisec.cpg.graph.statements.Statement -import de.fraunhofer.aisec.cpg.graph.statements.expressions.Block -import de.fraunhofer.aisec.cpg.graph.statements.expressions.Expression -import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression -import de.fraunhofer.aisec.cpg.graph.statements.expressions.Reference -import de.fraunhofer.aisec.cpg.graph.types.UnknownType -import org.jruby.ast.* -import org.jruby.ast.Node - -class ExpressionHandler(lang: RubyLanguageFrontend) : - Handler({ ProblemExpression() }, lang) { - - init { - map.put(CallNode::class.java, ::handleCallNode) - map.put(FCallNode::class.java, ::handleFCallNode) - map.put(IterNode::class.java, ::handleIterNode) - map.put(StrNode::class.java, ::handleStrNode) - map.put(DVarNode::class.java, ::handleDVarNode) - map.put(AttrAssignNode::class.java, ::handleAttrAssignNode) - map.put(AssignableNode::class.java, ::handleAssignableNode) - } - - private fun handleFCallNode(node: Node?): Statement? { - if (node !is FCallNode) { - return null - } - // TODO - return null - } - - private fun handleAttrAssignNode(node: Node?): Statement? { - if (node !is AttrAssignNode) { - return null - } - - val binOp = newBinaryOperator("=", frontend.getCodeFromRawNode(node)) - - val base = - this.handle(node.receiverNode) as? Expression - ?: return ProblemExpression("could not parse base") - val expr = - newMemberExpression( - node.name.idString(), - base, - UnknownType.getUnknownType(frontend.language), - "=", - frontend.getCodeFromRawNode(base) - ) - - binOp.lhs = expr - (this.handle(node.argsNode) as? Expression)?.let { binOp.rhs = it } - - return expr - } - - private fun handleDVarNode(node: Node?): Statement? 
{ - if (node !is DVarNode) { - return null - } - - return Reference( - node.name.idString(), - UnknownType.getUnknownType(language), - frontend.getCodeFromRawNode(node) - ) - } - - private fun handleAssignableNode(node: Node?): Statement? { - if (node !is DAsgnNode && node !is LocalAsgnNode) { - return null - } - - val name = - if (node is DAsgnNode) { - node.name - } else { - (node as LocalAsgnNode).name - } - - // either a binary operator or a variable declaration - val lhs = - Reference( - name.idString(), - UnknownType.getUnknownType(language), - frontend.getCodeFromRawNode(node) - ) - val rhs = this.handle((node as AssignableNode).valueNode) as? Expression - - // can we resolve it? - var decl = frontend.scopeManager.resolveReference(lhs) - - if (decl == null) { - val stmt = newDeclarationStatement(frontend.getCodeFromRawNode(node)) - decl = - newVariableDeclaration( - lhs.name, - UnknownType.getUnknownType(language), - frontend.getCodeFromRawNode(node), - false - ) - decl.initializer = rhs - - stmt.singleDeclaration = decl - - return stmt - } - - val binOp = newBinaryOperator("=", frontend.getCodeFromRawNode(node)) - binOp.lhs = lhs - rhs?.let { binOp.rhs = it } - - return binOp - } - - private fun handleCallNode(node: Node): Expression? { - if (node !is CallNode) { - return null - } - - val base = - handle(node.receiverNode) as? Expression - ?: return ProblemExpression("could not parse base") - val callee = newMemberExpression(node.name.asJavaString(), base) - - val mce = newMemberCallExpression(callee, false, frontend.getCodeFromRawNode(node)) - - for (arg in node.argsNode?.childNodes() ?: emptyList()) { - mce.addArgument(handle(arg) as Expression) - } - - // add the iterNode as last argument - node.iterNode?.let { mce.addArgument(handle(it) as Expression) } - - return mce - } - - private fun handleIterNode(node: Node): Expression? 
{ - if (node !is IterNode) { - return null - } - - // a complete hack, to handle iter nodes, which is sort of a lambda expression - // so we create an anonymous function declaration out of the bodyNode and varNode - // and a declared reference expressions to that anonymous function - val func = newFunctionDeclaration("", frontend.getCodeFromRawNode(node)) - - frontend.scopeManager.enterScope(func) - - for (arg in node.argsNode.args) { - val param = frontend.declarationHandler.handle(arg) - frontend.scopeManager.addDeclaration(param) - } - - func.body = frontend.statementHandler.handle(node.bodyNode) - - frontend.scopeManager.leaveScope(func) - - val def = newDeclarationStatement(frontend.getCodeFromRawNode(node)) - def.singleDeclaration = func - - val cse = Block(frontend.getCodeFromRawNode(node)) - cse.statement = def - - return cse - } - - private fun handleStrNode(node: Node): Expression? { - if (node !is StrNode) { - return null - } - - return newLiteral( - String(node.value.bytes()), - parseType("string"), - frontend.getCodeFromRawNode(node) - ) - } -} diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt deleted file mode 100644 index 9d26683..0000000 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguage.kt +++ /dev/null 
@@ -1,61 +0,0 @@ -package io.clouditor.graph.frontends.ruby - -import de.fraunhofer.aisec.cpg.ScopeManager -import de.fraunhofer.aisec.cpg.frontends.* -import de.fraunhofer.aisec.cpg.graph.Name -import de.fraunhofer.aisec.cpg.graph.declarations.RecordDeclaration -import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression -import de.fraunhofer.aisec.cpg.graph.types.* -import kotlin.reflect.KClass - -/** The Ruby Language */ -class RubyLanguage() : - Language(), - HasDefaultArguments, - HasClasses, - HasSuperClasses, - HasShortCircuitOperators { - override val fileExtensions = listOf("rb") - override val namespaceDelimiter = "::" - @Transient override val frontend: KClass = RubyLanguageFrontend::class - override val superClassKeyword = "super" - override val conjunctiveOperators = listOf("&&") - override val disjunctiveOperators = listOf("||") - - @Transient - /** See [The RubySpec](https://github.com/ruby/spec) */ - override val builtInTypes = - mapOf( - // The bit width of the Integer type in Ruby is only limited by your memory - "Integer" to IntegerType("Integer", null, this, NumericType.Modifier.SIGNED), - "Float" to FloatingPointType("Float", 64, this, NumericType.Modifier.SIGNED), - "String" to StringType("String", this), - // The bit width of Booleans is not defined in the specification and - // implementation-dependant - "Boolean" to BooleanType("Boolean", null, this, NumericType.Modifier.NOT_APPLICABLE) - ) - - override val compoundAssignmentOperators = - setOf( - "+=", // Addition assignment - "-=", // Subtraction assignment - "*=", // Multiplication assignment - "/=", // Division assignment - "%=", // Modulo assignment - "**=", // Exponentiation assignment - "<<=", // Left shift assignment - ">>=", // Right shift assignment - "&=", // Bitwise AND assignment - "|=", // Bitwise OR assignment - "^=" // Bitwise XOR assignment - ) - - override fun handleSuperCall( - callee: MemberExpression, - curClass: RecordDeclaration, - scopeManager: 
ScopeManager, - recordMap: Map - ): Boolean { - TODO("Not yet implemented") - } -} diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt deleted file mode 100644 index 274c0fe..0000000 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/RubyLanguageFrontend.kt +++ /dev/null 
@@ -1,78 +0,0 @@ -package io.clouditor.graph.frontends.ruby - -import de.fraunhofer.aisec.cpg.TranslationContext -import de.fraunhofer.aisec.cpg.frontends.Language -import de.fraunhofer.aisec.cpg.frontends.LanguageFrontend -import de.fraunhofer.aisec.cpg.graph.Node -import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration -import de.fraunhofer.aisec.cpg.graph.newFunctionDeclaration -import de.fraunhofer.aisec.cpg.graph.newTranslationUnitDeclaration -import de.fraunhofer.aisec.cpg.graph.types.Type -import de.fraunhofer.aisec.cpg.sarif.PhysicalLocation -import java.io.File -import org.checkerframework.checker.nullness.qual.NonNull -import org.jruby.Ruby -import org.jruby.ast.BlockNode -import org.jruby.ast.RootNode -import org.jruby.parser.Parser -import org.jruby.parser.ParserConfiguration - -class RubyLanguageFrontend( - language: Language, - ctx: @NonNull TranslationContext -) : LanguageFrontend(language, ctx) { - val declarationHandler: DeclarationHandler = DeclarationHandler(this) - val expressionHandler: ExpressionHandler = ExpressionHandler(this) - val statementHandler: StatementHandler = StatementHandler(this) - - override fun parse(file: File): TranslationUnitDeclaration { - val ruby = Ruby.getGlobalRuntime() - val parser = Parser(ruby) - - val node = - parser.parse( - file.path, - file.inputStream(), - null, - ParserConfiguration(ruby, 0, false, true, false) - ) as - RootNode - - return handleRootNode(node, file) - } - - override fun codeOf(astNode: Node): String { - return "" - } - - override fun locationOf(astNode: Node): PhysicalLocation? 
{ - return null - } - - override fun typeOf(type: Type): Type { - TODO("Not yet implemented") - } - - override fun setComment(node: Node, astNode: Node) {} - - private fun handleRootNode(node: RootNode, file: File): TranslationUnitDeclaration { - val tu = newTranslationUnitDeclaration(node.file, codeOf(node)) - - scopeManager.resetToGlobal(tu) - - // wrap everything into a virtual global function because we only have declarations on the - // top - val func = - newFunctionDeclaration(file.nameWithoutExtension + "_global", codeOf(node)) - - scopeManager.enterScope(func) - - func.body = statementHandler.handle(node.bodyNode as BlockNode) - - scopeManager.leaveScope(func) - - scopeManager.addDeclaration(func) - - return tu - } -} diff --git a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt b/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt deleted file mode 100644 index 925286a..0000000 --- a/cloudpg/src/main/java/io/clouditor/graph/frontends/ruby/StatementHandler.kt +++ /dev/null 
@@ -1,50 +0,0 @@ -package io.clouditor.graph.frontends.ruby - -import de.fraunhofer.aisec.cpg.frontends.Handler -import de.fraunhofer.aisec.cpg.graph.newBlock -import de.fraunhofer.aisec.cpg.graph.newReturnStatement -import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement -import de.fraunhofer.aisec.cpg.graph.statements.Statement -import de.fraunhofer.aisec.cpg.graph.statements.expressions.Block -import de.fraunhofer.aisec.cpg.graph.statements.expressions.ProblemExpression -import org.jruby.ast.BlockNode -import org.jruby.ast.Node - -class StatementHandler(lang: RubyLanguageFrontend) : - Handler({ ProblemExpression() }, lang) { - - init { - map.put(BlockNode::class.java, ::handleBlockNode) - } - - private fun handleBlockNode(blockNode: Node): Block? { - if (blockNode !is BlockNode) { - return null - } - - blockNode.containsVariableAssignment() - val compoundStatement = newBlock(frontend.getCodeFromRawNode(blockNode)) - - for (node in blockNode) { - val statement = frontend.expressionHandler.handle(node) - statement?.let { compoundStatement.addStatement(it) } - } - - val statements = compoundStatement.statements - - // get the last statement - var lastStatement: Statement? = null - if (statements.isNotEmpty()) { - lastStatement = statements[statements.size - 1] - } - - // add an implicit return statement, if there is none - if (lastStatement !is ReturnStatement) { - val returnStatement = newReturnStatement("return") - returnStatement.isImplicit = true - compoundStatement.addStatement(returnStatement) - } - - return compoundStatement - } -} From dad483a35a61f42863c2c3e7a5a3ffee7bd82b48 Mon Sep 17 00:00:00 2001 From: Robert Haimerl Date: Mon, 23 Oct 2023 10:08:51 +0200 Subject: [PATCH 3/8] remove reference to RubyFrontend --- cloudpg/src/main/java/io/clouditor/graph/App.kt | 2 -- 1 file changed, 2 deletions(-) diff --git a/cloudpg/src/main/java/io/clouditor/graph/App.kt b/cloudpg/src/main/java/io/clouditor/graph/App.kt index 7d00549..b0dfbca 100644 
--- a/cloudpg/src/main/java/io/clouditor/graph/App.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/App.kt @@ -14,7 +14,6 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.allChildren import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.helpers.Benchmark -import io.clouditor.graph.frontends.ruby.RubyLanguage import io.clouditor.graph.nodes.Builder import io.clouditor.graph.passes.* import io.clouditor.graph.passes.golang.* @@ -121,7 +120,6 @@ object App : Callable { TranslationConfiguration.builder() .topLevel(rootPath.toFile()) .sourceLocations(paths.map { rootPath.resolve(it).toFile() }) - .registerLanguage(RubyLanguage()) .registerLanguage(JavaLanguage()) .registerLanguage(CPPLanguage()) .registerLanguage(CLanguage()) From 7a1ef067f4cf09e7606d4353f39fce07368c1ada Mon Sep 17 00:00:00 2001 From: Robert Haimerl Date: Mon, 23 Oct 2023 10:18:38 +0200 Subject: [PATCH 4/8] adapt to v8 --- .../java/io/clouditor/graph/passes/DFGExtensionPass.kt | 3 +-- .../java/io/clouditor/graph/passes/ruby/WebBrickPass.kt | 8 +++----- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt index 032023d..67ac061 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/DFGExtensionPass.kt @@ -2,7 +2,6 @@ package io.clouditor.graph.passes import de.fraunhofer.aisec.cpg.TranslationContext import de.fraunhofer.aisec.cpg.TranslationResult -import de.fraunhofer.aisec.cpg.graph.HasType import de.fraunhofer.aisec.cpg.graph.declarations.FieldDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.KeyValueExpression 
@@ -91,7 +90,7 @@ class DFGExtensionPass(ctx: TranslationContext) : TranslationResultPass(ctx) { visitedfields: MutableSet = mutableSetOf() ): MutableSet { var fields: MutableSet = mutableSetOf() - node.possibleSubTypes.map { it -> + node.assignedTypes.map { it -> val oType: ObjectType? = dereferenceToObjectType(it) oType?.let { fields = it.recordDeclaration!!.fields.toMutableSet() diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt index a895643..c7a287b 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt @@ -7,7 +7,6 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration -import de.fraunhofer.aisec.cpg.graph.statements.CompoundStatement import de.fraunhofer.aisec.cpg.graph.statements.DeclarationStatement import de.fraunhofer.aisec.cpg.graph.statements.expressions.* import de.fraunhofer.aisec.cpg.passes.TranslationResultPass 
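Review bot: The changed line `node.assignedTypes.map { it ->` uses `map` only for its side effect of assigning `fields`, so the mapped list is discarded and each iteration replaces what the previous one stored. `forEach` states the intent, and if more than one assigned type can occur the fields probably need to be accumulated rather than overwritten. The context line below dereferences `it.recordDeclaration!!`, which throws for any type whose record declaration was not resolved and aborts the pass for the whole analysis. `fields = it.recordDeclaration?.fields?.toMutableSet() ?: mutableSetOf()` would avoid that. Whether `assignedTypes` yields more unresolved types than `possibleSubTypes` did is not visible here, and the function body continues outside the hunk.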
@@ -56,16 +55,15 @@ class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) { var path: String = (mce.arguments.first() as? Literal<*>)?.value as? String ?: "/" val func = - ((mce.arguments[mce.arguments.size - 1] as? CompoundStatementExpression) - ?.statement as? - DeclarationStatement) + ((mce.arguments[mce.arguments.size - 1] as? Block) + ?.statements?.map { it as? DeclarationStatement })?.filterNotNull()?.first() ?.singleDeclaration as? FunctionDeclaration val req = func?.parameters?.get(0) // check, if path is further split - (func?.body as? CompoundStatement)?.statements?.forEach { statement -> + (func?.body as? Block)?.statements?.forEach { statement -> // just look for the pattern for now if (statement is DeclarationStatement && statement.singleDeclaration is VariableDeclaration From 1f1f45042dccd19a2c9265ec691e3e4461b7b11e Mon Sep 17 00:00:00 2001 From: Robert Haimerl Date: Mon, 23 Oct 2023 11:11:04 +0200 Subject: [PATCH 5/8] upgrade CPG to v8.0.0-alpha2 --- cloudpg/build.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts index 0e760aa..43750ca 100644 --- a/cloudpg/build.gradle.kts +++ b/cloudpg/build.gradle.kts @@ -72,7 +72,7 @@ dependencies { implementation("org.junit.jupiter:junit-jupiter:5.7.0") // Move to JitPack dependency for newer versions - implementation("com.github.Fraunhofer-AISEC.cpg:cpg:a63fef15cb") + implementation("com.github.Fraunhofer-AISEC.cpg:cpg:v8.0.0-alpha.2") /** val version = "7.1.2" From 89cdcfcd76b6d62ae15c3a968ac6bd3599a28ada Mon Sep 17 00:00:00 2001 
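Review bot: The new chain ends in `?.first()`, which throws `NoSuchElementException` when the trailing `Block` argument contains no `DeclarationStatement`; the safe calls around it only cover the case where the argument is not a `Block` at all. The lines below already treat `func` as nullable (`func?.parameters`, `func?.body`), so `firstOrNull()` fits, and `filterIsInstance<DeclarationStatement>()` replaces the `map { it as? … }` plus `filterNotNull()` pair: `(mce.arguments.lastOrNull() as? Block)?.statements?.filterIsInstance<DeclarationStatement>()?.firstOrNull()?.singleDeclaration as? FunctionDeclaration`. The later WebBrickPass hunk in PATCH 6/8 only re-wraps the same expression and keeps `first()`. The enclosing function starts and ends outside the hunk.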
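Review bot: Replacing the commit pin `a63fef15cb` with the tag `v8.0.0-alpha.2` in the build.gradle.kts hunk ties the JitPack coordinate to a Git ref that can be moved, so the resolved artifact is no longer bound to one source revision. JitPack builds artifacts from the repository on request, and nothing visible in this build file records what was actually fetched. Consider keeping a commit hash, or recording checksums with Gradle dependency verification (`gradle/verification-metadata.xml`). A comment next to the line would also help, for example `// pre-release CPG build resolved via JitPack; return to the de.fraunhofer.aisec:cpg-* artifacts once a released 8.x is available`. The `dependencies` block continues outside the hunk.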
From: Robert Haimerl Date: Mon, 23 Oct 2023 11:11:22 +0200 Subject: [PATCH 6/8] update Pass dependencies --- .../java/io/clouditor/graph/passes/golang/GinGonicPass.kt | 4 ---- .../java/io/clouditor/graph/passes/golang/GoCryptoPass.kt | 4 ---- .../io/clouditor/graph/passes/python/CryptographyPass.kt | 6 ++---- .../java/io/clouditor/graph/passes/python/FlaskPass.kt | 6 ++---- .../java/io/clouditor/graph/passes/python/PyMongoPass.kt | 6 ++---- .../java/io/clouditor/graph/passes/python/RequestsPass.kt | 6 ++---- .../java/io/clouditor/graph/passes/ruby/WebBrickPass.kt | 7 +++++-- 7 files changed, 13 insertions(+), 26 deletions(-) diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt index 644ffca..de6e5df 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt @@ -10,10 +10,8 @@ import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.parseName import de.fraunhofer.aisec.cpg.graph.statements.expressions.* import de.fraunhofer.aisec.cpg.graph.types.PointerType -import de.fraunhofer.aisec.cpg.passes.CallResolver import de.fraunhofer.aisec.cpg.passes.GoExtraPass import de.fraunhofer.aisec.cpg.passes.TranslationResultPass -import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore import de.fraunhofer.aisec.cpg.processing.IVisitor @@ -23,8 +21,6 @@ import io.clouditor.graph.passes.KubernetesPass import io.clouditor.graph.testing.LocalTestingPass @DependsOn(GoExtraPass::class) -@DependsOn(CallResolver::class) -@DependsOn(VariableUsageResolver::class) @ExecuteBefore(LocalTestingPass::class) @ExecuteBefore(KubernetesPass::class) class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) { 
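Review bot: After the annotation hunk, `GinGonicPass` is ordered only by `@DependsOn(GoExtraPass::class)`, while the Python passes in the same patch trade the two removed resolvers for `@DependsOn(SymbolResolver::class)`; `GoCryptoPass` in the next file section is left the same way. If these passes read resolved references or call targets, nothing visible here guarantees that symbol resolution has run before them, unless `GoExtraPass` is itself ordered after it, which the patch does not show. Adding `@DependsOn(SymbolResolver::class)` with its import to both Go passes would make the ordering explicit and consistent with the Python ones. The class body lies outside the hunk.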
diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt index ab97138..f56a2a8 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt @@ -6,10 +6,8 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.* -import de.fraunhofer.aisec.cpg.passes.CallResolver import de.fraunhofer.aisec.cpg.passes.GoExtraPass import de.fraunhofer.aisec.cpg.passes.TranslationResultPass -import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy @@ -18,8 +16,6 @@ import io.clouditor.graph.nodes.Signature @Suppress("UNUSED_PARAMETER") @DependsOn(GoExtraPass::class) -@DependsOn(CallResolver::class) -@DependsOn(VariableUsageResolver::class) class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) { override fun cleanup() {} diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt index 72c0354..96d6f12 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/CryptographyPass.kt 
@@ -6,9 +6,8 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.* -import de.fraunhofer.aisec.cpg.passes.CallResolver +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.TranslationResultPass -import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy @@ -16,8 +15,7 @@ import io.clouditor.graph.* import io.clouditor.graph.nodes.Signature @Suppress("UNUSED_PARAMETER") -@DependsOn(CallResolver::class) -@DependsOn(VariableUsageResolver::class) +@DependsOn(SymbolResolver::class) class CryptographyPass(ctx: TranslationContext) : TranslationResultPass(ctx) { override fun cleanup() { diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt index 2c56c7a..1afdf58 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/FlaskPass.kt 
@@ -10,17 +10,15 @@ import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.statements.ReturnStatement import de.fraunhofer.aisec.cpg.graph.statements.expressions.* -import de.fraunhofer.aisec.cpg.passes.CallResolver +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.TranslationResultPass -import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy import io.clouditor.graph.* @Suppress("UNUSED_PARAMETER") -@DependsOn(CallResolver::class) -@DependsOn(VariableUsageResolver::class) +@DependsOn(SymbolResolver::class) class FlaskPass(ctx: TranslationContext) : TranslationResultPass(ctx) { // for now, assume, that we have one Flask application per analysis // this might not be the case everytime diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt index 499d114..2658abf 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/PyMongoPass.kt @@ -6,8 +6,7 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberExpression -import de.fraunhofer.aisec.cpg.passes.CallResolver -import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy 
@@ -17,8 +16,7 @@ import io.clouditor.graph.passes.DatabaseOperationPass import java.net.URI @Suppress("UNUSED_PARAMETER") -@DependsOn(CallResolver::class) -@DependsOn(VariableUsageResolver::class) +@DependsOn(SymbolResolver::class) class PyMongoPass(ctx: TranslationContext) : DatabaseOperationPass(ctx) { val clients: MutableMap = mutableMapOf() diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt index 3bda002..9012a96 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/python/RequestsPass.kt @@ -5,16 +5,14 @@ import de.fraunhofer.aisec.cpg.TranslationResult import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.* -import de.fraunhofer.aisec.cpg.passes.CallResolver -import de.fraunhofer.aisec.cpg.passes.VariableUsageResolver +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy import io.clouditor.graph.* import io.clouditor.graph.passes.HttpClientPass -@DependsOn(CallResolver::class) -@DependsOn(VariableUsageResolver::class) +@DependsOn(SymbolResolver::class) class RequestsPass(ctx: TranslationContext) : HttpClientPass(ctx) { override fun cleanup() { diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt index c7a287b..e1545a3 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/ruby/WebBrickPass.kt 
@@ -55,8 +55,11 @@ class WebBrickPass(ctx: TranslationContext) : TranslationResultPass(ctx) { var path: String = (mce.arguments.first() as? Literal<*>)?.value as? String ?: "/" val func = - ((mce.arguments[mce.arguments.size - 1] as? Block) - ?.statements?.map { it as? DeclarationStatement })?.filterNotNull()?.first() + ((mce.arguments[mce.arguments.size - 1] as? Block)?.statements?.map { + it as? DeclarationStatement + }) + ?.filterNotNull() + ?.first() ?.singleDeclaration as? FunctionDeclaration From f364ae998f86e9e753a899c29f8d19b628ea405d Mon Sep 17 00:00:00 2001 
From: Robert Haimerl Date: Mon, 30 Oct 2023 10:31:20 +0100 Subject: [PATCH 7/8] specify target file names to fix missing translationUnits --- .../io/clouditor/graph/DetectabilityTest.kt | 24 +++++++------- .../java/io/clouditor/graph/DisclosureTest.kt | 8 ++--- .../io/clouditor/graph/IdentifiabilityTest.kt | 32 +++++++++---------- .../io/clouditor/graph/LinkabilityTest.kt | 32 +++++++++---------- .../io/clouditor/graph/NonRepudiationTest.kt | 32 +++++++++---------- .../graph/PolicyNonComplianceTest.kt | 24 +++++++------- .../io/clouditor/graph/UnawarenessTest.kt | 16 +++++----- .../{client.go => client1.go} | 0 .../{client.py => client1.py} | 0 .../Go-validation/{client.go => client1.go} | 0 .../{client.py => client1.py} | 0 .../Go-validation/{client.go => client1.go} | 0 .../{client.py => client1.py} | 0 13 files changed, 84 insertions(+), 84 deletions(-) rename ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-DigitalSignature/{client.go => client1.go} (100%) rename ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-DigitalSignature/{client.py => client1.py} (100%) rename ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation/{client.go => client1.go} (100%) rename ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation/{client.py => client1.py} (100%) rename ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go-validation/{client.go => client1.go} (100%) rename ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python-validation/{client.py => client1.py} (100%) diff --git a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt index 3f1afbf..00b433d 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt 
+++ b/cloudpg/src/test/java/io/clouditor/graph/DetectabilityTest.kt @@ -19,7 +19,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D2-detectable-communication/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p" ) assertEquals(1, result.count()) @@ -43,7 +43,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D2-detectable-communication/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p" ) // we expect exactly one threat path @@ -58,7 +58,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D2-detectable-communication/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p" ) assertEquals(2, result.count()) @@ -85,7 +85,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D2-detectable-communication/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(i:PseudoIdentifier)--()-[:DFG*]->(:HttpRequest) RETURN p" ) // we expect exactly one threat path @@ -102,7 +102,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D4-detectable-at-storage/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(he:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (he)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.CONFLICT\"}) RETURN p" ) assertEquals(2, result.count()) 
@@ -116,7 +116,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D4-detectable-at-storage/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(he:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (he)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.CONFLICT\"}) RETURN p" ) assertEquals(0, result.count()) @@ -130,7 +130,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D4-detectable-at-storage/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(he:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (he)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.CONFLICT\"}) RETURN p" ) assertEquals(2, result.count()) @@ -144,7 +144,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D4-detectable-at-storage/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(he:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (he)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.CONFLICT\"}) RETURN p" ) assertEquals(0, result.count()) @@ -158,7 +158,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D5-detectable-at-retrieval/Go" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (:HttpRequest)-[:DFG*]->()<-[:DFG]-(ds) AND (:HttpEndpoint)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.NOT_FOUND\"}) RETURN p" ) assertEquals(2, result.count()) 
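Review bot: With the input now hard-coded as `listOf(Path("client.go"), Path("server.go"))`, the `assertEquals(0, result.count())` that closes this validation hunk cannot tell "no threat path found" from "a listed file was never analysed", and the commit subject names missing translation units as the problem being fixed. A wrong or stale file name therefore makes a zero-result test pass vacuously. The same applies to the other `-validation` hunks in this file and in DisclosureTest and IdentifiabilityTest. Consider asserting, before the query result is checked, that every listed file exists and produced a translation unit. At minimum add a comment above the list such as `// explicit inputs: keep in sync with the test directory, a missing file makes the zero-result check pass vacuously`. The test function starts outside the hunk.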
@@ -172,7 +172,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D5-detectable-at-retrieval/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (:HttpRequest)-[:DFG*]->()<-[:DFG]-(ds) AND (:HttpEndpoint)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.NOT_FOUND\"}) RETURN p" ) assertEquals(0, result.count()) @@ -186,7 +186,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D5-detectable-at-retrieval/Python" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (:HttpRequest)-[:DFG*]->()<-[:DFG]-(ds) AND (:HttpEndpoint)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.NOT_FOUND\"}) RETURN p" ) assertEquals(2, result.count()) @@ -200,7 +200,7 @@ open class DetectabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Detectability/D5-detectable-at-retrieval/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:HttpEndpoint)-[:DFG*]->(ds:DatabaseStorage) WHERE (:HttpRequest)-[:DFG*]->()<-[:DFG]-(ds) AND (:HttpEndpoint)--(:FunctionDeclaration)-[:EOG*]->({name:\"HttpStatus.NOT_FOUND\"}) RETURN p" ) assertEquals(0, result.count()) diff --git a/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt b/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt index 1eaebc9..31f3491 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt +++ b/cloudpg/src/test/java/io/clouditor/graph/DisclosureTest.kt 
@@ -18,7 +18,7 @@ open class DisclosureTest { System.getProperty("user.dir") + "/../ppg-testing-library/Disclosure/unencrypted-transmission/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:ProxiedEndpoint) WHERE NOT EXISTS ((h)--(:TransportEncryption)) RETURN p" ) assertEquals(2, result.count()) @@ -43,7 +43,7 @@ open class DisclosureTest { System.getProperty("user.dir") + "/../ppg-testing-library/Disclosure/unencrypted-transmission/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:ProxiedEndpoint) WHERE NOT EXISTS ((h)--(:TransportEncryption)) RETURN p" ) assertEquals(0, result.count()) @@ -57,7 +57,7 @@ open class DisclosureTest { System.getProperty("user.dir") + "/../ppg-testing-library/Disclosure/unencrypted-transmission/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:ProxiedEndpoint) WHERE NOT EXISTS ((h)--(:TransportEncryption)) RETURN p" ) assertEquals(1, result.count()) @@ -82,7 +82,7 @@ open class DisclosureTest { System.getProperty("user.dir") + "/../ppg-testing-library/Disclosure/unencrypted-transmission/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:ProxiedEndpoint) WHERE NOT EXISTS ((h)--(:TransportEncryption)) RETURN p" ) assertEquals(0, result.count()) diff --git a/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt index 3e8e95c..b61f54c 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt +++ b/cloudpg/src/test/java/io/clouditor/graph/IdentifiabilityTest.kt 
@@ -20,7 +20,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I3-identifying-inbound-data/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(4, result.count()) @@ -42,7 +42,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I3-identifying-inbound-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(0, result.count()) @@ -56,7 +56,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I3-identifying-inbound-data/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(2, result.count()) @@ -78,7 +78,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I3-identifying-inbound-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(0, result.count()) @@ -94,7 +94,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I5-identifying-shared-data/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go"), Path("third-party.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) 
@@ -116,7 +116,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I5-identifying-shared-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go"), Path("third-party.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) @@ -130,7 +130,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I5-identifying-shared-data/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py"), Path("third-party.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) @@ -152,7 +152,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I5-identifying-shared-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py"), Path("third-party.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) @@ -166,7 +166,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I6-identifying-stored-data/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(1, result.count()) 
@@ -188,7 +188,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I6-identifying-stored-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(0, result.count()) @@ -202,7 +202,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I6-identifying-stored-data/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(1, result.count()) @@ -224,7 +224,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I6-identifying-stored-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(0, result.count()) @@ -238,7 +238,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I7-identifying-retrieved-data/Python" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) 
@@ -260,7 +260,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I7-identifying-retrieved-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) @@ -274,7 +274,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I7-identifying-retrieved-data/Go" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) @@ -296,7 +296,7 @@ open class IdentifiabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Identifiability/I7-identifying-retrieved-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:Identifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) diff --git a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt index 5dcd45e..0964015 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt +++ b/cloudpg/src/test/java/io/clouditor/graph/LinkabilityTest.kt 
@@ -20,7 +20,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(4, result.count()) @@ -42,7 +42,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(0, result.count()) @@ -56,7 +56,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(2, result.count()) @@ -78,7 +78,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L3-linkability-of-inbound-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) RETURN p" ) assertEquals(0, result.count()) @@ -94,7 +94,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L5-linkability-of-shared-data/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py"), Path("third-party.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) 
@@ -116,7 +116,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L5-linkability-of-shared-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py"), Path("third-party.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) @@ -130,7 +130,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L5-linkability-of-shared-data/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go"), Path("third-party.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) @@ -152,7 +152,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L5-linkability-of-shared-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go"), Path("third-party.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) @@ -166,7 +166,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L6-linkability-of-stored-data/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) 
@@ -189,7 +189,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L6-linkability-of-stored-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(0, result.count()) @@ -203,7 +203,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L6-linkability-of-stored-data/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(1, result.count()) @@ -225,7 +225,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L6-linkability-of-stored-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(:DatabaseStorage) RETURN p" ) assertEquals(0, result.count()) @@ -239,7 +239,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L7-linkability-of-retrieved-data/Python" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) 
@@ -261,7 +261,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L7-linkability-of-retrieved-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) @@ -275,7 +275,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L7-linkability-of-retrieved-data/Go" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(1, result.count()) @@ -297,7 +297,7 @@ open class LinkabilityTest { System.getProperty("user.dir") + "/../ppg-testing-library/Linkability/L7-linkability-of-retrieved-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (h2:HttpRequest), (a1:Application), (a2:Application) WHERE (h2)-[:DFG*]->()<--(ds) AND (h1)--(a1) AND (h2)--(a2) RETURN p" ) assertEquals(0, result.count()) diff --git a/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt b/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt index 3d161d8..a70534e 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt +++ b/cloudpg/src/test/java/io/clouditor/graph/NonRepudiationTest.kt 
@@ -17,7 +17,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Python-DigitalSignature" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:HttpEndpoint) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(4, result.count()) @@ -39,7 +39,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Python-DigitalSignature-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:HttpEndpoint) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(0, result.count()) @@ -53,7 +53,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Python-Logging" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->()-[:ARGUMENTS]-()-[:CALL]-(:LogOperation) RETURN p" ) @@ -76,7 +76,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Python-Logging-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:Identifier)--()-[:DFG*]->()-[:ARGUMENTS]-()-[:CALL]-(:LogOperation) RETURN p" ) assertEquals(0, result.count()) 
@@ -90,7 +90,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Go-DigitalSignature" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:HttpEndpoint) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) // in this case, 2 paths are expected because there are two HttpEndpoints that the @@ -114,7 +114,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Go-DigitalSignature-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:DatabaseStorage) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(0, result.count()) @@ -128,7 +128,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Go-Logging" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:Identifier)-[:LABELEDNODE]-()-[:DFG*]->()-[:ARGUMENTS]-()-[:CALL]-(g:LogOperation) RETURN p" ) assertEquals(1, result.count()) @@ -150,7 +150,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR2-non-repudiation-of-sending/Go-Logging-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:Identifier)-[:LABELEDNODE]-()-[:DFG*]->()-[:ARGUMENTS]-()-[:CALL]-(g:LogOperation) RETURN p" ) assertEquals(0, result.count()) 
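Review bot: The NR2 `Go-DigitalSignature-validation` query in the -114 hunk ends its path at `(:DatabaseStorage)`, while the NR2 `Go-DigitalSignature` query and both Python NR2 signature queries end at `(:HttpEndpoint)`. If this was copied from the NR4 storage tests rather than intended, `assertEquals(0, result.count())` holds for any sample without database storage and never exercises the sending check. The context line would then read `...-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:HttpEndpoint) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND ...`. The test function starts outside the hunk.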
@@ -168,7 +168,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR4-non-reputable-storage/Go-DigitalSignature" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:DatabaseStorage) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(1, result.count()) @@ -190,7 +190,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR4-non-reputable-storage/Go-DigitalSignature-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:DatabaseStorage) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(0, result.count()) @@ -206,7 +206,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR4-non-reputable-storage/Python-DigitalSignature" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]->(:DatabaseStorage) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(1, result.count()) @@ -228,7 +228,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR4-non-reputable-storage/Python-DigitalSignature-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(hr:HttpRequest)-[:DFG*]-(:DatabaseStorage) WHERE (:Signature)--(n)-[:DFG*]->(hr) AND (:Signature)-[:SIGNATURE]->()-[:DFG*]->(hr) RETURN p" ) assertEquals(0, result.count()) 
@@ -244,7 +244,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-DigitalSignature" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(d:DatabaseStorage), (a:Application), (a2:Application), (h2:HttpRequest), (n) WHERE (n)--(:Signature) AND (h)--(a) AND (a2:Application)--(h2:HttpRequest)-[:DFG*]->()<--(:DatabaseStorage) RETURN p" ) // in this case, 2 paths are expected because there are two HttpEndpoints that the @@ -270,7 +270,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-DigitalSignature" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpRequest)-[:DFG*]->(d:DatabaseStorage), (a:Application), (a2:Application), (h2:HttpRequest), (n) WHERE (n)--(:Signature) AND (h)--(a) AND (a2:Application)--(h2:HttpRequest)-[:DFG*]->()<--(:DatabaseStorage) RETURN p" ) assertEquals(1, result.count()) @@ -292,7 +292,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(h:HttpRequest)-[:DFG*]->(d:DatabaseStorage), (a:Application), (a2:Application), (h2:HttpRequest) WHERE (n)--(:Signature) AND (a)--(h) AND (a2:Application)--(h2:HttpRequest)-[:DFG*]->()<--(:DatabaseStorage) AND a<>a2 RETURN p" ) assertEquals(0, result.count()) 
@@ -306,7 +306,7 @@ open class NonRepudiationTest { System.getProperty("user.dir") + "/../ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--(n)-[:DFG*]->(h:HttpRequest)-[:DFG*]->(d:DatabaseStorage), (a:Application), (a2:Application), (h2:HttpRequest) WHERE (n)--(:Signature) AND (a)--(h) AND (a2:Application)--(h2:HttpRequest)-[:DFG*]->()<--(:DatabaseStorage) AND a<>a2 RETURN p" ) assertEquals(0, result.count()) diff --git a/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt b/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt index 0f1da65..aef0abe 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt +++ b/cloudpg/src/test/java/io/clouditor/graph/PolicyNonComplianceTest.kt @@ -17,7 +17,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p" ) // in this case, 2 paths are expected because there are two HttpEndpoints that the 
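Review bot: The Cypher string in the NC1 `Python` hunk of PolicyNonComplianceTest (-17) still filters on the label `DeclaredReferenceExpression`, while the cpg version this series moves to names that node class `Reference`. If graph labels follow the class names, `NOT (i:DeclaredReferenceExpression)` is now always true, so plain references count as processing and the query may miss disproportionate-collection findings. The same string also tests `(i:WhileStatment)`, which looks like a misspelling of `WhileStatement` and would likewise never match. Suggested replacements are `AND NOT (i:Reference)` and `AND NOT (i:WhileStatement)`, with the asserted counts re-checked afterwards. Both labels recur in the other NC1 hunks (-41, -55, -79) and in the NC5 `storage-wo-processing` hunks (-175, -197, -213, -235).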
@@ -41,7 +41,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p" ) assertEquals(0, result.count()) @@ -55,7 +55,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p" ) // in this case, 2 paths are expected because there are two HttpEndpoints that the @@ -79,7 +79,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC1-disproportionate-collection/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h:HttpEndpoint) WHERE NOT EXISTS{ MATCH(h)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") AND NOT (i:IfStatement) AND NOT (i:WhileStatment) AND NOT (i)<-[:ARGUMENTS]-()} RETURN p" ) assertEquals(0, result.count()) 
@@ -99,7 +99,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS((:DatabaseOperation)<-[:DFG]-(s)) RETURN p" ) assertEquals(1, result.count()) @@ -121,7 +121,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go-validation" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS((:DatabaseOperation)<-[:DFG]-(s)) RETURN p" ) assertEquals(0, result.count()) @@ -137,7 +137,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS((:DatabaseOperation)<-[:DFG]-(s)) RETURN p" ) assertEquals(1, result.count()) @@ -159,7 +159,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python-validation" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-->(s:DatabaseStorage) WHERE NOT EXISTS((:DatabaseOperation)<-[:DFG]-(s)) RETURN p, s" ) assertEquals(0, result.count()) 
@@ -175,7 +175,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p" ) assertEquals(1, result.count()) @@ -197,7 +197,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation" ), - listOf(Path(".")), + listOf(Path("client1.go"), Path("client2.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p" ) assertEquals(0, result.count()) @@ -213,7 +213,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p" ) assertEquals(1, result.count()) 
@@ -235,7 +235,7 @@ open class PolicyNonComplianceTest { System.getProperty("user.dir") + "/../ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation" ), - listOf(Path(".")), + listOf(Path("client1.py"), Path("client2.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(:DatabaseOperation)-[:DFG]->(s:DatabaseStorage) WHERE NOT EXISTS{ MATCH (s)-[:DFG*]->(i) WHERE (i:Expression) AND NOT (i:DeclaredReferenceExpression) AND (NOT (i:BinaryOperator) OR i.operatorCode <> \"=\") OR (i:IfStatement) OR (i:WhileStatment) OR (i)<-[:ARGUMENTS]-()} RETURN p" ) assertEquals(0, result.count()) diff --git a/cloudpg/src/test/java/io/clouditor/graph/UnawarenessTest.kt b/cloudpg/src/test/java/io/clouditor/graph/UnawarenessTest.kt index ac7a19c..953c366 100644 --- a/cloudpg/src/test/java/io/clouditor/graph/UnawarenessTest.kt +++ b/cloudpg/src/test/java/io/clouditor/graph/UnawarenessTest.kt @@ -20,7 +20,7 @@ open class UnawarenessTest { System.getProperty("user.dir") + "/../ppg-testing-library/Unawareness/U3-no-access-or-portability/Go" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (a:Application), (h2:HttpRequest) WHERE NOT EXISTS ((:HttpRequest)-[:DFG*]->()-[:CALLS]-()<-[:DFG]-(ds:DatabaseStorage)) AND ((h1)--(a)) AND ((h2)--(a)) RETURN p" ) assertEquals(1, result.count()) @@ -43,7 +43,7 @@ open class UnawarenessTest { System.getProperty("user.dir") + "/../ppg-testing-library/Unawareness/U3-no-access-or-portability/Go-validation" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (a:Application), (h2:HttpRequest) WHERE NOT EXISTS ((:HttpRequest)-[:DFG*]->()-[:CALLS]-()<-[:DFG]-(ds:DatabaseStorage)) AND ((h1)--(a)) AND ((h2)--(a)) RETURN p" ) assertEquals(0, result.count()) 
@@ -57,7 +57,7 @@ open class UnawarenessTest { System.getProperty("user.dir") + "/../ppg-testing-library/Unawareness/U3-no-access-or-portability/Python" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]->(ds:DatabaseStorage), (a:Application), (h2:HttpRequest) WHERE NOT EXISTS ((:HttpRequest)-[:DFG*]->()-[:CALLS]-()<-[:DFG]-(ds:DatabaseStorage)) AND ((h1)--(a)) AND ((h2)--(a)) RETURN p" ) assertEquals(1, result.count()) @@ -79,7 +79,7 @@ open class UnawarenessTest { System.getProperty("user.dir") + "/../ppg-testing-library/Unawareness/U3-no-access-or-portability/Python-validation" ), - listOf(Path(".")), + listOf(Path("client.py"), Path("server.py")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(h1:HttpRequest)-[:DFG*]-(do1:DatabaseOperation)-[:DFG]->(ds:DatabaseStorage), (a:Application), (h2:HttpRequest) WHERE NOT EXISTS ((:HttpRequest)-[:DFG*]->()-[:CALLS]-()<-[:DFG]-(ds:DatabaseStorage)) AND ((h1)--(a)) AND ((h2)--(a)) RETURN p" ) assertEquals(0, result.count()) @@ -94,7 +94,7 @@ open class UnawarenessTest { System.getProperty("user.dir") + "/../ppg-testing-library/Unawareness/U4-no-erasure-or-rectification/Go-missing-DELETE" ), - listOf(Path(".")), + listOf(Path("client.go"), Path("server.go")), "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(hr1:HttpRequest)-[:DFG*]-(do1:DatabaseOperation)-[:DFG]->(ds:DatabaseStorage), (a:Application), (hr2:HttpRequest) WHERE NOT EXISTS ((hr2)-[:DFG*]->()<-[:DFG]-(ds)) AND ((hr1)--(a)--(hr2)) RETURN p" ) assertEquals(1, result.count()) 
@@ -118,7 +118,7 @@ open class UnawarenessTest {
 System.getProperty("user.dir") +
 "/../ppg-testing-library/Unawareness/U4-no-erasure-or-rectification/Go-missing-PUT"
 ),
- listOf(Path(".")),
+ listOf(Path("client.go"), Path("server.go")),
 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(hr1:HttpRequest)-[:DFG*]-(do1:DatabaseOperation)-[:DFG]->(ds:DatabaseStorage), (a:Application), (hr2:HttpRequest) WHERE NOT EXISTS ((hr2)-[:DFG*]->()<-[:DFG]-(ds)) AND ((hr1)--(a)--(hr2)) RETURN p"
 )
 assertEquals(1, result.count())
@@ -144,7 +144,7 @@ open class UnawarenessTest {
 System.getProperty("user.dir") +
 "/../ppg-testing-library/Unawareness/U4-no-erasure-or-rectification/Go-missing-DELETE"
 ),
- listOf(Path(".")),
+ listOf(Path("client.py"), Path("server.py")),
 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(hr1:HttpRequest)-[:DFG*]-(do1:DatabaseOperation)-[:DFG]->(ds:DatabaseStorage), (a:Application), (hr2:HttpRequest) WHERE NOT EXISTS ((hr2)-[:DFG*]->()<-[:DFG]-(ds)) AND ((hr1)--(a)--(hr2)) RETURN p"
 )
 assertEquals(1, result.count())
@@ -168,7 +168,7 @@ open class UnawarenessTest {
 System.getProperty("user.dir") +
 "/../ppg-testing-library/Unawareness/U4-no-erasure-or-rectification/Go-missing-PUT"
 ),
- listOf(Path(".")),
+ listOf(Path("client.py"), Path("server.py")),
 "MATCH p=(:PseudoIdentifier)--()-[:DFG*]->(hr1:HttpRequest)-[:DFG*]-(do1:DatabaseOperation)-[:DFG]->(ds:DatabaseStorage), (a:Application), (hr2:HttpRequest) WHERE NOT EXISTS ((hr2)-[:DFG*]->()<-[:DFG]-(ds)) AND ((hr1)--(a)--(hr2)) RETURN p"
 )
 assertEquals(1, result.count())
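Review bot: The -144 hunk lists `client.py` and `server.py`, but the directory on the context line above it is `U4-no-erasure-or-rectification/Go-missing-DELETE`; the -168 hunk pairs the same Python names with `Go-missing-PUT`. With `Path(".")` the frontend picked up whatever the directory held, so the mismatch was hidden; with explicit names the test either fails to find its inputs or no longer analyses the code its name refers to. If these are the Python cases, the directory string is the part to fix (the Python fixture path is not visible here); if they are meant to read the Go fixtures, the list should be `listOf(Path("client.go"), Path("server.go"))` as in the -94 and -118 hunks.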
diff --git a/ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-DigitalSignature/client.go b/ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-DigitalSignature/client1.go
similarity index 100%
rename from ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-DigitalSignature/client.go
rename to ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Go-DigitalSignature/client1.go
diff --git a/ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-DigitalSignature/client.py b/ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-DigitalSignature/client1.py
similarity index 100%
rename from ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-DigitalSignature/client.py
rename to ppg-testing-library/Non-Repudiation/NR5-non-repudiation-of-retrieved-data/Python-DigitalSignature/client1.py
diff --git a/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation/client.go b/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation/client1.go
similarity index 100%
rename from ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation/client.go
rename to ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Go-validation/client1.go
diff --git a/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation/client.py b/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation/client1.py
similarity index 100%
rename from ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation/client.py
rename to ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-processing/Python-validation/client1.py
diff --git a/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go-validation/client.go b/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go-validation/client1.go
similarity index 100%
rename from ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go-validation/client.go
rename to ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Go-validation/client1.go
diff --git a/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python-validation/client.py b/ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python-validation/client1.py
similarity index 100%
rename from ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python-validation/client.py
rename to ppg-testing-library/Policy-Non-Compliance/NC5-disproportionate-storage-wo-retrieval/Python-validation/client1.py
From 2bf42755b89ccf413acf94750258cc85a5166a77 Mon Sep 17 00:00:00 2001
From: "Kunz, Immanuel"
Date: Fri, 19 Apr 2024 07:58:12 +0200
Subject: [PATCH 8/8] add pass dependencies, add null checks
---
 cloudpg/build.gradle.kts | 9 +++------
 .../io/clouditor/graph/passes/LabelExtractionPass.kt | 10 +++++-----
 .../io/clouditor/graph/passes/golang/GinGonicPass.kt | 12 +++++++-----
 .../io/clouditor/graph/passes/golang/GoCryptoPass.kt | 4 ++--
 .../clouditor/graph/passes/golang/GolangHttpPass.kt | 11 +++++------
 .../graph/passes/golang/GolangHttpRequestPass.kt | 4 ++--
 .../clouditor/graph/passes/golang/GolangLogPass.kt | 4 ++--
 .../io/clouditor/graph/testing/LocalTestingPass.kt | 3 +--
 8 files changed, 27 insertions(+), 30 deletions(-)
diff --git a/cloudpg/build.gradle.kts b/cloudpg/build.gradle.kts
index 43750ca..8844f55 100644
--- a/cloudpg/build.gradle.kts
+++ b/cloudpg/build.gradle.kts
@@ -58,7 +58,7 @@ repositories { } ivy { - setUrl("https://download.eclipse.org/tools/cdt/releases/11.0/cdt-11.0.0/plugins") + setUrl("https://download.eclipse.org/tools/cdt/releases/11.3/cdt-11.3.1/plugins") metadataSources { artifact() } @@ -72,10 +72,8 @@ dependencies { implementation("org.junit.jupiter:junit-jupiter:5.7.0") // Move to JitPack dependency for newer versions - implementation("com.github.Fraunhofer-AISEC.cpg:cpg:v8.0.0-alpha.2") - - /** - val version = "7.1.2" + // implementation("com.github.Fraunhofer-AISEC.cpg:cpg:v8.1.2") + val version = "8.1.2" implementation("de.fraunhofer.aisec:cpg-core:$version") implementation("de.fraunhofer.aisec:cpg-analysis:$version") @@ -84,7 +82,6 @@ dependencies { implementation("de.fraunhofer.aisec:cpg-language-typescript:$version") implementation("de.fraunhofer.aisec:cpg-language-java:$version") implementation("de.fraunhofer.aisec:cpg-language-cxx:$version") - */ implementation("com.fasterxml.jackson.module:jackson-module-kotlin:2.13.+") implementation ("org.xmlunit:xmlunit-core:2.9.0") diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt index 855d7d9..01c367e 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/LabelExtractionPass.kt @@ -160,10 +160,10 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) ) regexes.entries.forEach { it -> - val matches = it.key.findAll(nodeWComment.comment!!) - if (matches.toList().isNotEmpty()) { - val labels = it.value(nodeWComment, matches) - labels.forEach { + val matches = nodeWComment.comment?.let { it1 -> it.key.findAll(it1) } + if (matches?.toList()?.isNotEmpty() == true) { + val labels = matches?.let { it1 -> it.value(nodeWComment, it1) } + labels?.forEach { t += it // Adding Labels to the supplementary nodes of a translation unit } } 
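Review bot: The comment `// Move to JitPack dependency for newer versions` in the -72 hunk is left in place and now sits above a commented-out JitPack coordinate, while the build resolves the published `de.fraunhofer.aisec:cpg-*` artifacts at 8.1.2. I would drop both lines, or reword to `// CPG modules come from the published de.fraunhofer.aisec artifacts; JitPack is no longer used`. If the `repositories` block (only partly visible in the -58 hunk) still declares JitPack, it should be removed or limited with a content filter, so that no other coordinate can resolve from a service that builds artifacts from a git ref on demand. The context line `jackson-module-kotlin:2.13.+` in the -84 hunk is a dynamic version; pinning it would keep the dependency set reproducible.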
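Review bot: The null handling for `nodeWComment.comment` in the -160 hunk of LabelExtractionPass.kt is repeated inside the loop over `regexes` and spread over three safe-call chains (`matches?.toList()?.isNotEmpty() == true`, `matches?.let`, `labels?.forEach`), which hides that the comment is the only nullable value. Resolving it once at the top of the lambda reads more directly: `val comment = nodeWComment.comment ?: return@forEach`, then `val matches = it.key.findAll(comment)` and `if (matches.any()) {`. The outer `it ->` is also shadowed by the inner `forEach { t += it }`; naming the outer parameter would remove the need for the `it1` workarounds. The enclosing function starts and ends outside the hunk.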
@@ -305,7 +305,7 @@ class LabelExtractionPass(ctx: TranslationContext) : TranslationResultPass(ctx) } is AssignExpression -> { val variableDeclarations = - node.lhs.filterIsInstance().map { it.refersTo } + node.lhs.filterIsInstance().mapNotNull { it.refersTo } variableDeclarations.forEach { addLabelToDFGBorderEdges(it as Node, label) } } else -> { diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt index de6e5df..754c13e 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GinGonicPass.kt @@ -7,10 +7,11 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration +import de.fraunhofer.aisec.cpg.graph.firstAssignment import de.fraunhofer.aisec.cpg.graph.parseName import de.fraunhofer.aisec.cpg.graph.statements.expressions.* import de.fraunhofer.aisec.cpg.graph.types.PointerType -import de.fraunhofer.aisec.cpg.passes.GoExtraPass +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.TranslationResultPass import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.passes.order.ExecuteBefore @@ -20,7 +21,7 @@ import io.clouditor.graph.* import io.clouditor.graph.passes.KubernetesPass import io.clouditor.graph.testing.LocalTestingPass -@DependsOn(GoExtraPass::class) +@DependsOn(SymbolResolver::class) @ExecuteBefore(LocalTestingPass::class) @ExecuteBefore(KubernetesPass::class) class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) { 
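Review bot: `mapNotNull { it.refersTo }` in the `AssignExpression` branch of the -305 hunk now drops every left-hand side whose reference did not resolve, without any trace. For a pass that propagates labels onto data-flow edges, a skipped declaration means the label is never attached and later queries over it report nothing, which looks the same as a clean result. I would keep the null filter but record the miss, with a comment such as `// unresolved lhs: label cannot be propagated` and a warning through whatever logger the pass already uses (not visible in this hunk). The `it as Node` cast on the following context line is presumably redundant once the list holds non-null declarations. The `when` continues outside the hunk.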
@@ -257,9 +258,10 @@ class GinGonicPass(ctx: TranslationContext) : TranslationResultPass(ctx) { tu: TranslationUnitDeclaration, r: VariableDeclaration ) { - if (r.initializer is CallExpression && - ((r.initializer as CallExpression).name.toString() == "gin.Default" || - (r.initializer as CallExpression).name.toString() == "gin.New") + var initializer = r.firstAssignment + if (initializer is CallExpression && + (initializer.name.toString() == "gin.Default" || + initializer.name.toString() == "gin.New") ) { val app = result.findApplicationByTU(tu) diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt index f56a2a8..9ac3b88 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GoCryptoPass.kt @@ -6,7 +6,7 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.* -import de.fraunhofer.aisec.cpg.passes.GoExtraPass +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.TranslationResultPass import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor @@ -15,7 +15,7 @@ import io.clouditor.graph.* import io.clouditor.graph.nodes.Signature @Suppress("UNUSED_PARAMETER") -@DependsOn(GoExtraPass::class) +@DependsOn(SymbolResolver::class) class GoCryptoPass(ctx: TranslationContext) : TranslationResultPass(ctx) { override fun cleanup() {} diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt index 44ed25f..7404766 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt 
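Review bot: `var initializer = r.firstAssignment` in the -257 hunk of GinGonicPass.kt is never reassigned in the visible lines, so it should be `val initializer = r.firstAssignment`; the -92 hunk in GolangHttpPass.kt has the same `var`. The two name comparisons can be folded into `initializer.name.toString() in setOf("gin.Default", "gin.New")`. Since `firstAssignment` replaces `initializer` here, a short comment giving the reason would help, for example `// Go short declarations carry no initializer; use the first assigned value instead`; I am inferring that reason from the change, so please confirm it. The function body continues outside the hunk.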
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpPass.kt @@ -7,9 +7,10 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.FunctionDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.declarations.VariableDeclaration +import de.fraunhofer.aisec.cpg.graph.firstAssignment import de.fraunhofer.aisec.cpg.graph.statements.expressions.* import de.fraunhofer.aisec.cpg.graph.types.PointerType -import de.fraunhofer.aisec.cpg.passes.GoExtraPass +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy @@ -17,7 +18,7 @@ import io.clouditor.graph.* import io.clouditor.graph.passes.HttpClientPass @Suppress("UNUSED_PARAMETER") -@DependsOn(GoExtraPass::class) +@DependsOn(SymbolResolver::class) class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) { private val clients = mutableMapOf() @@ -92,10 +93,8 @@ class GolangHttpPass(ctx: TranslationContext) : HttpClientPass(ctx) { ) { // check initializers for http.NewServeMux() // actually check for return types - but that does not work (yet) with the standard library - - if (r.initializer is CallExpression && - (r.initializer as CallExpression).name.toString() == "http.NewServeMux" - ) { + var initializer = r.firstAssignment + if (initializer is CallExpression && initializer.name.toString() == "http.NewServeMux") { val app = result.findApplicationByTU(tu) val requestHandler = HttpRequestHandler(app, mutableListOf(), "/") diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt index cac3523..68b4bb6 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt 
+++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangHttpRequestPass.kt @@ -5,7 +5,7 @@ import de.fraunhofer.aisec.cpg.TranslationResult import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.* -import de.fraunhofer.aisec.cpg.passes.GoExtraPass +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy @@ -15,7 +15,7 @@ import io.clouditor.graph.testing.LocalTestingPass // This pass is needed only for the local testing mode, since in the testing pass we create the // endpoints and only after that we can create the respective requests -@DependsOn(GoExtraPass::class) +@DependsOn(SymbolResolver::class) @DependsOn(LocalTestingPass::class) class GolangHttpRequestPass(ctx: TranslationContext) : HttpClientPass(ctx) { diff --git a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt index e392dc5..9b39282 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/passes/golang/GolangLogPass.kt 
@@ -6,14 +6,14 @@ import de.fraunhofer.aisec.cpg.graph.Node import de.fraunhofer.aisec.cpg.graph.declarations.TranslationUnitDeclaration import de.fraunhofer.aisec.cpg.graph.statements.expressions.CallExpression import de.fraunhofer.aisec.cpg.graph.statements.expressions.MemberCallExpression -import de.fraunhofer.aisec.cpg.passes.GoExtraPass +import de.fraunhofer.aisec.cpg.passes.SymbolResolver import de.fraunhofer.aisec.cpg.passes.order.DependsOn import de.fraunhofer.aisec.cpg.processing.IVisitor import de.fraunhofer.aisec.cpg.processing.strategy.Strategy import io.clouditor.graph.passes.LogPass import kotlin.streams.toList -@DependsOn(GoExtraPass::class) +@DependsOn(SymbolResolver::class) class GolangLogPass(ctx: TranslationContext) : LogPass(ctx) { override fun accept(result: TranslationResult) { val translationUnits = diff --git a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt index 189d224..51b635d 100644 --- a/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt +++ b/cloudpg/src/main/java/io/clouditor/graph/testing/LocalTestingPass.kt @@ -52,8 +52,7 @@ class LocalTestingPass(ctx: TranslationContext) : TranslationResultPass(ctx) { } private fun handleConf(conf: TestConfig, t: TranslationResult) { - val controllers = - t.additionalNodes.filter { it is HttpRequestHandler }.map { it as HttpRequestHandler } + val controllers = t.additionalNodes.filterIsInstance() for (service in conf.services) { if (service.type == "server" || service.type == "third-party") {