Documentation
¶
Index ¶
- Constants
- Variables
- func AllProgramNames(db *gorm.DB) []string
- func AllSSAPrograms() []*schema.SSAProgram
- func CheckAndSwitchDB(name string) *schema.SSAProgram
- func DeleteProgram(db *gorm.DB, program string)
- func DeleteResultByID(resultID uint) error
- func DeleteResultByTaskID(taskId string) error
- func DeleteSSAProgram(name string) error
- func ExactSearchVariable(DB *gorm.DB, ctx context.Context, mod int, value string) chan *IrCode
- func GetDB() *gorm.DB
- func GetDBInProgram(program string) *gorm.DB
- func GetDependEdgeOnByFromNodeId(id uint) []uint
- func GetEditorByFileName(fileName string) (*memedit.MemEditor, error)
- func GetEffectOnEdgeByFromNodeId(id uint) []uint
- func GetIrSourceFromHash(hash string) (*memedit.MemEditor, error)
- func GetIrSourceFsSeparators() rune
- func GetProfileSSAProgram() []string
- func GetResultNodeByVariable(db *gorm.DB, resultID uint, resultVariable string) ([]uint, error)
- func GetResultValueByVariable(db *gorm.DB, resultID uint, resultVariable string) ([]int64, error)
- func GetSSAIndexCost() time.Duration
- func GetSSAProgram(name string) *schema.SSAProgram
- func GetSSASaveTypeCost() time.Duration
- func GetSSASourceCodeCost() time.Duration
- func GetType(id int) (int, string, string, error)
- func GetValueBeforeEndOffset(DB *gorm.DB, rng memedit.RangeIf, programName string) (int64, error)
- func GlobSearchVariable(DB *gorm.DB, ctx context.Context, mod int, value string) chan *IrCode
- func NewIrSourceFs() *irSourceFS
- func RegexpSearchVariable(DB *gorm.DB, ctx context.Context, mod int, value string) chan *IrCode
- func SaveFile(filename, content string, programName string, folderPaths []string) string
- func SaveFolder(folderName string, folderPaths []string) error
- func SaveIrIndex(idx *IrIndex)
- func SaveIrOffset(idx *IrOffset)
- func SaveResult(result *AuditResult) error
- func SaveSSAProgram(prog *schema.SSAProgram) error
- func SaveType(kind int, str string, extra string) int
- func SearchVariable(db *gorm.DB, ctx context.Context, compareMode, matchMod int, value string) chan *IrCode
- func UpdateProgram(prog *IrProgram)
- func YieldAuditNodeByResultId(DB *gorm.DB, resultId uint) chan *AuditNode
- func YieldAuditNodeByRuleName(DB *gorm.DB, ruleName string) chan *AuditNode
- func YieldAuditResults(DB *gorm.DB, ctx context.Context) chan *AuditResult
- func YieldIrCodesProgramName(rawDB *gorm.DB, ctx context.Context, program string) chan *IrCode
- type AuditEdge
- type AuditEdgeType
- type AuditNode
- type AuditNodeStatus
- type AuditResult
- type Int64Map
- type Int64Slice
- type IrCode
- func (r *IrCode) GetExtraInfo() map[string]any
- func (r *IrCode) GetIdInt() int
- func (r *IrCode) GetIdInt64() int64
- func (r *IrCode) GetSourceCode() string
- func (r *IrCode) GetSourceCodeContext(n int) string
- func (r *IrCode) GetStartAndEndPositions() (*memedit.MemEditor, memedit.PositionIf, memedit.PositionIf, error)
- func (r *IrCode) IsEmptySourceCodeHash() bool
- func (r *IrCode) SetExtraInfo(params map[string]any)
- func (i *IrCode) Show()
- func (i *IrCode) VerboseString() string
- type IrIndex
- type IrOffset
- type IrProgram
- type IrSource
- type IrType
- type IrVariable
- type ResultVariable
- type StringMap
- type StringSlice
Constants ¶
View Source
const ( NameMatch int = 1 KeyMatch = 1 << 1 BothMatch = NameMatch | KeyMatch ConstType = 1 << 2 )
type MatchMode int
View Source
const ( ExactCompare int = iota GlobCompare RegexpCompare )
View Source
const (
ServerPushType_SyntaxflowResult = "syntaxflow_result"
)
Variables ¶
View Source
var IrSourceFsSeparators = '/'
View Source
var Programs = omap.NewEmptyOrderedMap[string, *schema.SSAProgram]()
View Source
var SSAProjectTables = []any{ &IrCode{}, &IrIndex{}, &IrSource{}, &IrType{}, &IrProgram{}, &IrOffset{}, &AuditResult{}, &AuditNode{}, &AuditEdge{}, &schema.SSARisk{}, &schema.SyntaxFlowScanTask{}, }
Functions ¶
func AllProgramNames ¶
func AllSSAPrograms ¶
func AllSSAPrograms() []*schema.SSAProgram
func CheckAndSwitchDB ¶
func CheckAndSwitchDB(name string) *schema.SSAProgram
func DeleteProgram ¶
func DeleteResultByID ¶
func DeleteResultByTaskID ¶
func DeleteSSAProgram ¶
func ExactSearchVariable ¶
func GetDBInProgram ¶
func GetIrSourceFromHash ¶
GetIrSourceFromHash fetch editor from cache by hash(md5)
func GetIrSourceFsSeparators ¶
func GetIrSourceFsSeparators() rune
func GetProfileSSAProgram ¶
func GetProfileSSAProgram() []string
func GetResultNodeByVariable ¶
func GetSSAIndexCost ¶
func GetSSAProgram ¶
func GetSSAProgram(name string) *schema.SSAProgram
func GetSSASaveTypeCost ¶
func GetSSASourceCodeCost ¶
func GetValueBeforeEndOffset ¶
func GlobSearchVariable ¶
func NewIrSourceFs ¶
func NewIrSourceFs() *irSourceFS
func RegexpSearchVariable ¶
func SaveFolder ¶
func SaveIrIndex ¶
func SaveIrIndex(idx *IrIndex)
func SaveIrOffset ¶
func SaveIrOffset(idx *IrOffset)
func SaveResult ¶
func SaveResult(result *AuditResult) error
func SaveSSAProgram ¶
func SaveSSAProgram(prog *schema.SSAProgram) error
func SearchVariable ¶
func UpdateProgram ¶
func UpdateProgram(prog *IrProgram)
func YieldAuditResults ¶
func YieldAuditResults(DB *gorm.DB, ctx context.Context) chan *AuditResult
Types ¶
type AuditEdge ¶
type AuditEdge struct {
gorm.Model
// edge
FromNode uint `json:"from_node" gorm:"index"`
ToNode uint `json:"to_node" gorm:"index"`
// program
ProgramName string `json:"program_name"`
// type
EdgeType AuditEdgeType `json:"edge_type" gorm:"index"`
// for predecessor
AnalysisStep int64
AnalysisLabel string
}
type AuditEdgeType ¶
type AuditEdgeType string
const ( EdgeType_DependsOn AuditEdgeType = "depends_on" EdgeType_EffectsOn AuditEdgeType = "effects_on" // EdgeType_Predecessor 记录审计过程 EdgeType_Predecessor AuditEdgeType = "predecessor" )
type AuditNode ¶
type AuditNode struct {
gorm.Model
AuditNodeStatus
// is entry node
IsEntryNode bool `json:"is_entry_node"`
// value
IRCodeID int64 `json:"ir_code_id"`
// if IrCodeId is -1, TmpCode will be used
TmpValue string `json:"tmp_code"`
TmpValueFileHash string `json:"tmp_value_file_hash"`
TmpStartOffset int `json:"tmp_start_offset"`
TmpEndOffset int `json:"tmp_end_offset"`
VerboseName string `json:"verbose_name"`
}
func GetAuditNodeById ¶
func (*AuditNode) CreateDependsOnEdge ¶
func (*AuditNode) CreateEffectsOnEdge ¶
type AuditNodeStatus ¶
type AuditNodeStatus struct {
// task
TaskId string `json:"task_id" gorm:"index"`
// syntaxflow result
ResultId uint `json:"result_id" gorm:"index"`
ResultVariable string `json:"result_variable"` // syntaxflow result variable name
ResultAlertMsg string `json:"result_alert_msg"`
// rule info
RuleName string `json:"rule_name" gorm:"index"`
RuleTitle string `json:"rule_title"`
// program info
ProgramName string `json:"program_name"`
}
type AuditResult ¶
type AuditResult struct {
gorm.Model
TaskID string `json:"task_id" gorm:"index"`
// rule
RuleName string `json:"rule_name"`
RuleTitle string `json:"rule_title"`
RuleTitleZh string `json:"rule_title_zh"`
RulePurpose string `json:"purpose"`
RuleSeverity string `json:"rule_severity"`
RuleDesc string `json:"rule_desc"`
RuleContent string `json:"rule_content" gorm:"type:text"`
AlertDesc schema.MapEx[string, *schema.SyntaxFlowDescInfo] `gorm:"type:text"`
// Program
ProgramName string `json:"program_name"`
Language string `json:"language"`
Kind schema.SyntaxflowResultKind `json:"kind"` // debug / scan / query
RiskCount uint64 `json:"risk_count"`
RiskHashs schema.MapEx[string, string] `json:"risk_hashs" gorm:"type:text"`
CheckMsg StringSlice `json:"check_msg" gorm:"type:text"`
Errors StringSlice `json:"errors" gorm:"type:text"`
UnValueVariable StringSlice `json:"un_value_variable" gorm:"type:text"`
}
func CreateResult ¶
func CreateResult(TaskIDs ...string) *AuditResult
func GetResultByID ¶
func GetResultByID(resultID uint) (*AuditResult, error)
func (*AuditResult) AfterDelete ¶
func (r *AuditResult) AfterDelete(tx *gorm.DB) (err error)
func (*AuditResult) AfterUpdate ¶
func (r *AuditResult) AfterUpdate(tx *gorm.DB) (err error)
func (*AuditResult) ToGRPCModel ¶
func (r *AuditResult) ToGRPCModel() *ypb.SyntaxFlowResult
type Int64Slice ¶
type Int64Slice []int64
Int64Slice 是一个自定义类型,用于处理 []int64 的序列化和反序列化
func (*Int64Slice) Scan ¶
func (us *Int64Slice) Scan(value interface{}) error
Scan 实现了 sql.Scanner 接口,允许从数据库读取值时将其转换回 Int64Slice 类型
type IrCode ¶
type IrCode struct {
gorm.Model
ProgramName string `json:"program_name" gorm:"index"`
Version string `json:"package_version" gorm:"index"`
// source code
SourceCodeStartOffset int64 `json:"source_code_start_offset"`
SourceCodeEndOffset int64 `json:"source_code_end_offset"`
SourceCodeHash string `json:"source_code_hash"` // default md5
// opcode
Opcode int64 `json:"opcode"`
OpcodeName string `json:"opcode_name"`
// just for binary and unary operator
OpcodeOperator string `json:"opcode_operator"`
// basic info
Name string `json:"name"`
VerboseName string `json:"verbose_name"`
ShortVerboseName string `json:"short_verbose_name"`
String string `json:"string" gorm:"type:text"`
ReadableName string `json:"readable_name"`
ReadableNameShort string `json:"readable_name_short"`
// any IrCode in one block inner one function
CurrentBlock int64 `json:"current_block"`
CurrentFunction int64 `json:"current_function"`
// FunctionDefs
IsFunction bool `json:"is_function"`
FormalArgs Int64Slice `json:"formal_args" gorm:"type:text"`
FreeValues Int64Slice `json:"free_values" gorm:"type:text"`
MemberCallArgs Int64Slice `json:"formal_member_call_args" gorm:"type:text"`
SideEffects Int64Slice `json:"side_effects" gorm:"type:text"`
IsVariadic bool `json:"is_variadic"`
ReturnCodes Int64Slice `json:"return_codes" gorm:"type:text"`
IsExternal bool `json:"is_external"`
CodeBlocks Int64Slice `json:"code_blocks" gorm:"type:text"`
EnterBlock int64 `json:"enter_block"`
ExitBlock int64 `json:"exit_block"`
DeferBlock int64 `json:"defer_block"`
ChildrenFunction Int64Slice `json:"children_function" gorm:"type:text"`
ParentFunction int64 `json:"parent_function"`
// block
IsBlock bool `json:"is_block"`
PredBlock Int64Slice `json:"pred_block" gorm:"type:text"`
SuccBlock Int64Slice `json:"succ_block" gorm:"type:text"`
Phis Int64Slice `json:"phis_in_block" gorm:"type:text"`
// Use-Def Chains Relation
Defs Int64Slice `json:"defs" gorm:"type:text"`
Users Int64Slice `json:"users" gorm:"type:text"`
// Phi Chains Relation
Occulatation Int64Slice `json:"phis" gorm:"type:text"`
// this is user is call and method is this IR self
CalledBy Int64Slice `json:"is_called_by" gorm:"type:text"`
// OOP Supporting
IsObject bool
ObjectMembers Int64Map `json:"object_members" gorm:"type:text"`
IsObjectMember bool
ObjectParent int64 `json:"object_parent"`
ObjectKey int64 `json:"object_key"`
// Maskable
MaskedCodes Int64Slice `json:"masked_codes" gorm:"type:text"`
IsMasked bool `json:"is_masked"`
// Variable
Variable StringSlice `json:"variable" gorm:"type:text"`
// compile hash means: hash[ (file-content)+(program-name)+(package-name)+(program-index) ]
ProgramCompileHash string `json:"program_compile_hash" gorm:"index"`
// type
TypeID int `json:"type_id"`
// reference
Point int64 `json:"point" gorm:"type:text"`
Pointer Int64Slice `json:"pointer" gorm:"type:text"`
// not important information
ExtraInformation string `json:"extra_information" gorm:"type:text"`
}
func (*IrCode) GetExtraInfo ¶
func (*IrCode) GetIdInt64 ¶
func (*IrCode) GetSourceCode ¶
func (*IrCode) GetSourceCodeContext ¶
func (*IrCode) GetStartAndEndPositions ¶
func (r *IrCode) GetStartAndEndPositions() (*memedit.MemEditor, memedit.PositionIf, memedit.PositionIf, error)
func (*IrCode) IsEmptySourceCodeHash ¶
func (*IrCode) SetExtraInfo ¶
func (*IrCode) VerboseString ¶
type IrIndex ¶
type IrIndex struct {
gorm.Model
ProgramName string `json:"program_name" gorm:"index"`
// class
ClassName string `json:"class_name" gorm:"index"`
// variable
VariableName string `json:"variable_name" gorm:"index"`
VersionID int64 `json:"version_id" gorm:"index"`
// member call
FieldName string `json:"field_name" gorm:"index"`
// scope
ScopeName string `json:"scope_name" gorm:"index"`
// value
ValueID int64 `json:"value_id" gorm:"index"`
}
func CreateIndex ¶
func CreateIndex() *IrIndex
func GetVariableByValue ¶
type IrOffset ¶
type IrOffset struct {
gorm.Model
ProgramName string `json:"program_name" gorm:"index"`
// offset
FileHash string `json:"file_hash" gorm:"index"`
StartOffset int64 `json:"start_offset" gorm:"index"`
EndOffset int64 `json:"end_offset" gorm:"index"`
//variable
VariableName string `json:"variable_name"` // this id set when have variable
// value
ValueID int64 `json:"value_id"` // this id will set
}
func GetOffsetByVariable ¶
func (*IrOffset) GetStartAndEndPositions ¶
func (r *IrOffset) GetStartAndEndPositions() (*memedit.MemEditor, memedit.PositionIf, memedit.PositionIf, error)
type IrProgram ¶
type IrProgram struct {
gorm.Model
ProgramName string `json:"program_name" gorm:"unique_index"`
Version string `json:"package_version" gorm:"index"`
// Language: yak, java, php, js, etc
// if the program contains many language,
// use comma to separate them.
// e.g. "yak,java,php"
Language string `json:"language" gorm:"index"`
// application / library
ProgramKind string `json:"program_kind" gorm:"index"`
// up-stream program is the program that this program depends on
UpStream StringSlice `json:"up_stream_programs" gorm:"type:text"`
// down-stream program is the program that depends on this program
DownStream StringSlice `json:"down_stream_programs" gorm:"type:text"`
// this program contain this file
FileList StringMap `json:"file_list" gorm:"type:text"`
// program extra file: *.properties, *.xml, *.json, etc
ExtraFile StringMap `json:"extra_file" gorm:"type:text"`
}
func AllPrograms ¶
func CreateProgram ¶
func GetLibrary ¶
func GetProgram ¶
type IrSource ¶
type IrSource struct {
ProgramName string `json:"program_name" gorm:"index"`
SourceCodeHash string `json:"source_code_hash" gorm:"index"` // default md5
// file path
FolderPath string `json:"folder_path"`
FileName string `json:"file_name"`
// file content
QuotedCode string `json:"quoted_code" gorm:"type:text"`
IsBigFile bool `json:"is_big_file"` // if set this flag, the source code is too big, QuotedCode contain this file path
}
func GetIrSourceByPath ¶
type IrType ¶
type IrVariable ¶
func GetScope ¶
func GetScope(programName, scopeName string) ([]IrVariable, error)
type ResultVariable ¶
type ResultVariable struct {
Name string `json:"result_variable"`
Alert string `json:"alert"`
ValueNum int `json:"num"`
}
func GetResultVariableByID ¶
func GetResultVariableByID(db *gorm.DB, resultID uint) ([]*ResultVariable, error)
type StringSlice ¶
type StringSlice []string
func (*StringSlice) Scan ¶
func (ss *StringSlice) Scan(value interface{}) error
Source Files
Click to show internal directories.
Click to hide internal directories.