Expand Up @@ -3,7 +3,9 @@
using System.Collections.Generic;
using System.Collections.Immutable;
using System.Diagnostics;
using System.Linq;
using Analyzer.Utilities.Extensions;
using Analyzer.Utilities.FlowAnalysis.Analysis.TaintedDataAnalysis;
using Microsoft.CodeAnalysis.FlowAnalysis.DataFlow.PointsToAnalysis;
using Microsoft.CodeAnalysis.Operations;

Expand Down Expand Up @@ -141,6 +143,33 @@ public TAbstractAnalysisValue this[IOperation operation]
}
}

internal int InterproceduralResultCount()
{
return _interproceduralResultsMap.Count;
}

internal List<IOperation> GetTaintedOperations(SymbolAccess sourceOrigin)
{

List<IOperation> list = new();
foreach (var kvp in _operationStateMap)
{
if ((kvp.Value as TaintedDataAbstractValue).Kind == TaintedDataAbstractValueKind.Tainted && (kvp.Value as TaintedDataAbstractValue).SourceOrigins.Contains(sourceOrigin))
{
list.Add(kvp.Key);
}
}

return list;
}

internal DataFlowAnalysisResult<TBlockAnalysisResult, TAbstractAnalysisValue>? GetInterproceduralResultByIndex(int index)
{
var element = _interproceduralResultsMap.ElementAt(index);

return (DataFlowAnalysisResult<TBlockAnalysisResult, TAbstractAnalysisValue>)element.Value;
}

internal DataFlowAnalysisResult<TBlockAnalysisResult, TAbstractAnalysisValue>? TryGetInterproceduralResult(IOperation operation)
{
if (_interproceduralResultsMap.TryGetValue(operation, out var result))
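Review bot: In `GetTaintedOperations`, `kvp.Value as TaintedDataAbstractValue` is dereferenced without a null check, yet the containing result type is generic over `TAbstractAnalysisValue`, so calling it on a result from any other analysis throws a NullReferenceException. One pattern match removes both the double cast and the null dereference: `if (kvp.Value is TaintedDataAbstractValue { Kind: TaintedDataAbstractValueKind.Tainted } tainted && tainted.SourceOrigins.Contains(sourceOrigin))`. In the same section, `GetInterproceduralResultByIndex` is declared nullable but `ElementAt(index)` throws on an out-of-range index, and the index only means something if `_interproceduralResultsMap` enumerates in a stable order, which is not visible here; a doc comment stating both would help. Depending on how the host treats analyzer exceptions, a throw in these helpers could end with taint findings not being reported, so they should tolerate unexpected value types. `TryGetInterproceduralResult` continues outside the hunk.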
51 changes: 44 additions & 7 deletions SecurityCodeScan.Test/Helpers/DiagnosticResult.cs
@@ -1,5 +1,6 @@
using System;
using System.Collections.Generic;
using System.Linq;
using Microsoft.CodeAnalysis;

namespace SecurityCodeScan.Test.Helpers
Expand All @@ -9,6 +10,13 @@ namespace SecurityCodeScan.Test.Helpers
/// </summary>
public struct DiagnosticResultLocation
{
public DiagnosticResultLocation()
{
Line = -1;
Column = -1;
Path = $"{DiagnosticVerifier.DefaultFilePathPrefix}0";
}

public DiagnosticResultLocation(string path, int line, int column)
{
if (line < -1)
Expand Down Expand Up @@ -36,19 +44,25 @@ public DiagnosticResultLocation(string path, int line, int column)
/// </summary>
public struct DiagnosticResult
{
private List<DiagnosticResultLocation> LocationsField;
public DiagnosticResult()
{
}

public DiagnosticResultLocation Location { get; private set; } = new DiagnosticResultLocation();

public IReadOnlyList<DiagnosticResultLocation> Locations => LocationsField;
private List<DiagnosticResultLocation> AdditionalLocationsField;

public IReadOnlyList<DiagnosticResultLocation> AdditionalLocations => AdditionalLocationsField;

public DiagnosticSeverity? Severity { get; set; }

public string Id { get; set; }

public string Message { get; set; }

public int Line => LocationsField != null ? Locations[0].Line : -1;
public int Line => Location.Line;

public int Column => LocationsField != null ? Locations[0].Column : -1;
public int Column => Location.Column;

public DiagnosticResult WithMessage(string message)
{
Expand All @@ -70,11 +84,34 @@ public DiagnosticResult WithLocation(int line, int column)
private DiagnosticResult WithLocation(string path, int line, int column)
{
DiagnosticResult result = this;
if (result.LocationsField == null)
result.LocationsField = new List<DiagnosticResultLocation>(1);
result.Location = new DiagnosticResultLocation(path, line, column);

result.LocationsField.Add(new DiagnosticResultLocation(path, line, column));
return result;
}

public DiagnosticResult WithAdditionalLocations(List<ResultAdditionalLocation> resultLocations)
{
DiagnosticResult result = this;
var path = $"{DiagnosticVerifier.DefaultFilePathPrefix}0";
if (result.AdditionalLocationsField == null)
result.AdditionalLocationsField = new List<DiagnosticResultLocation>();

result.AdditionalLocationsField.AddRange(resultLocations.Select(l => new DiagnosticResultLocation(path, l.Line, l.Column)));

return result;
}

}

public struct ResultAdditionalLocation
{
public ResultAdditionalLocation(int line, int column)
{
Line = line;
Column = column;
}

public int Line { get; }
public int Column { get; }
}
}
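Review bot: `WithAdditionalLocations` copies the struct with `DiagnosticResult result = this;`, but the copy still references the same `AdditionalLocationsField` list, so once that list exists `AddRange` also changes the result the method was called on. Expected results built from a shared base value would then accumulate each other's locations, which can make taint-flow assertions pass or fail for the wrong reason. Give the copy its own list before appending, e.g. `result.AdditionalLocationsField = new List<DiagnosticResultLocation>(AdditionalLocationsField ?? Enumerable.Empty<DiagnosticResultLocation>());`, and reject a null `resultLocations` explicitly with `if (resultLocations == null) throw new ArgumentNullException(nameof(resultLocations));`. Separately, `default(DiagnosticResult)` bypasses the new parameterless constructor and the `Location` initializer, so `Line` and `Column` would presumably report 0 for such values rather than the previous -1.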
1 change: 1 addition & 0 deletions SecurityCodeScan.Test/SecurityCodeScan.Test.csproj
Expand Up @@ -634,6 +634,7 @@
<Compile Include="Tests\Taint\EntryPointsTaintAnalyzerTest.cs" />
<Compile Include="Tests\Taint\OpenRedirectAnalyzerTest.cs" />
<Compile Include="Tests\Taint\LdapInjectionAnalyzerTest.cs" />
<Compile Include="Tests\Taint\TaintFlowVisualizationTests.cs" />
<Compile Include="Tests\Taint\SqlInjectionAnalyzerTest.cs" />
<Compile Include="Tests\Taint\TaintAnalyzerSanitizerTest.cs" />
<Compile Include="Tests\Taint\TaintTransferTest.cs" />