taint

package
v0.0.0-...-b64b558 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 21, 2020 License: MIT Imports: 15 Imported by: 0

Documentation

Overview

taintatticePointer is a taint lattice which also holds the pointer for every ssa.Valuer

Index

Constants

This section is empty.

Variables

View Source 
var Sinks = make([]*Data, 0)

Sinks contains a slice of TaintData which are sinks.

View Source 
var Sources = make([]*Data, 0)

Sources contains a slice of TaintData which are sources.

Functions

func IsIndirectPtr 

func IsIndirectPtr(i ssa.Value) (canPoint bool, val ssa.Value)

IsIndirectPtr checks whether the value is an indirect pointer value In the positive case the function returns the ssa.Value.

func IsPointerVal 

func IsPointerVal(i ssa.Value) (canPoint bool, val ssa.Value)

IsPointerVal checks whether the value is a pointer value and in the positive case it returns the ssa.Value For some instructions like a *ssa.Call it is requuired to go deeper. TODO check whether it is also required for other cases

func NewErrInFlow 

func NewErrInFlow(c *ssa.CallCommon, a []ssa.Value, e error) error

NewErrInFlow returns a error of type ErrInFlow.

func Read 

func Read(fileName string) error

Read the file with the sources and sinks

Types

type Data 

type Data struct {
	// contains filtered or unexported fields
}

Data is holds the signature and the callee of a source or sink.

func (*Data) GetSig 

func (t *Data) GetSig() string

func (*Data) IsInterface 

func (t *Data) IsInterface() bool

IsInterface returns true if t contains the signature of an interface and not of an concrete type

func (*Data) String 

func (t *Data) String() string

type ErrLeak 

type ErrLeak struct {
	Call ssa.CallCommon
	Args []ssa.Value
	Err  error
}

ErrInFlow is an error type which holds an information flow. It can be used to report flows from sources to sinks to the user.

func (ErrLeak) Error 

func (e ErrLeak) Error() (s string)

type Lattice 

type Lattice map[ssa.Value]Value

Lattice is data structure (map) which maps a ssa.Value to the abstract value. ssa.Value is an interface -> no pointer needed because it's already a pointer.

func NewLattice 

func NewLattice(len int) Lattice

NewLattice returns a new lattice with length len.

func (Lattice) BottomLattice 

func (l1 Lattice) BottomLattice() lattice.Latticer

BottomLattice sets for all elements of the lattice the value to empty.

func (Lattice) DeepCopy 

func (l1 Lattice) DeepCopy() lattice.Latticer

DeepCopy copies l1 and returns a new lattice.

func (Lattice) Equal 

func (l1 Lattice) Equal(l2 lattice.Latticer) (equal bool, err error)

Equal compares l1 against l2 on equality. Throws an error if l2 is not of type taint.Lattice.

func (Lattice) GetVal 

func (l1 Lattice) GetVal(key ssa.Value) lattice.Valuer

GetVal returns the value of key from the lattice. Empty will be returned if the key is not in the lattice. In such a case we set manually the value of these element to Empty.

func (Lattice) Greater 

func (l1 Lattice) Greater(l2 lattice.Latticer) (bool, error)

Greater computes: l1 > l2. Throws an error if t2 is not of type taint.Lattice.

func (Lattice) GreaterEqual 

func (l1 Lattice) GreaterEqual(l2 lattice.Latticer) (greatereq bool, err error)

GreaterEqual computes: l1 >= l2

func (Lattice) GreatestLowerBound 

func (l1 Lattice) GreatestLowerBound(l2 lattice.Latticer) (lattice.Latticer, error)

GreatestLowerBound computes the greatest lower bound of two lattices. In the current implementation an error (ErrOnlyTaintLatAcc) will be returned if l2 is not of type taint.Lattice The function supports all intances of Latticer which returns a lattice when called with getTaintLattice. TODO optimized version is in lub -> merge into one function with higher order funcitons

func (Lattice) LeastElement 

func (l1 Lattice) LeastElement() (lattice.Latticer, error)

LeastElement returns a Lattice in which each element of l1 is set to the lowest abstract value of Valuer being Empty

func (Lattice) LeastUpperBound 

func (l1 Lattice) LeastUpperBound(l2 lattice.Latticer) (lattice.Latticer, error)

LeastUpperBound creates the leastUpperBound of two Lattices. In the current implementation an error (ErrOnlyTaintLatAcc) will be returned if l2 is not of type taint.Lattice The function supports all intances of Latticer which returns a lattice when called with getTaintLattice.

func (Lattice) Less 

func (l1 Lattice) Less(l2 lattice.Latticer) (bool, error)

Less computes whether l1 is less than l2. Throws an error if l2 is not of type taint.Lattice.

func (Lattice) LessEqual 

func (l1 Lattice) LessEqual(l2 lattice.Latticer) (lesseq bool, err error)

LessEqual computes: l1 <= l2. Throws an error if t2 is not of type taint.Lattice.

func (Lattice) SetVal 

func (l1 Lattice) SetVal(key ssa.Value, value lattice.Valuer) error

SetVal sets the lattice value of key to value.

func (Lattice) String 

func (l1 Lattice) String() string

String returns a string representation of l1.

func (Lattice) TransferFunction 

func (l Lattice) TransferFunction(node ssa.Instruction, ptr *pointer.Result) transferFunction.PlainFF

TransferFunction handels a normal transfer of an instruction. Returns nil if an error occurs.

type LatticePointer 

type LatticePointer struct {
	// contains filtered or unexported fields
}

LatticePointer is an instance of Pter and extends Lattice with pointer information

func NewLatticePointer 

func NewLatticePointer(len int, m map[ssa.Value]pointer.Pointer) *LatticePointer

func (*LatticePointer) BottomLattice 

func (l1 *LatticePointer) BottomLattice() lattice.Latticer

func (*LatticePointer) DeepCopy 

func (l1 *LatticePointer) DeepCopy() lattice.Latticer

func (*LatticePointer) Equal 

func (l1 *LatticePointer) Equal(l2 lattice.Latticer) (bool, error)

func (*LatticePointer) GetLat 

func (l1 *LatticePointer) GetLat() lattice.Latticer

func (*LatticePointer) GetPtr 

func (l1 *LatticePointer) GetPtr(key ssa.Value) pointer.Pointer

func (*LatticePointer) GetPtrs 

func (l1 *LatticePointer) GetPtrs() map[ssa.Value]pointer.Pointer

func (*LatticePointer) GetSSAValMayAlias 

func (l1 *LatticePointer) GetSSAValMayAlias(v ssa.Value) []ssa.Value

func (*LatticePointer) GetVal 

func (l1 *LatticePointer) GetVal(key ssa.Value) lattice.Valuer

func (*LatticePointer) Greater 

func (l1 *LatticePointer) Greater(l2 lattice.Latticer) (bool, error)

func (*LatticePointer) GreaterEqual 

func (l1 *LatticePointer) GreaterEqual(l2 lattice.Latticer) (bool, error)

func (*LatticePointer) GreatestLowerBound 

func (l1 *LatticePointer) GreatestLowerBound(l2 lattice.Latticer) (lattice.Latticer, error)

func (*LatticePointer) LeastElement 

func (l1 *LatticePointer) LeastElement() (lattice.Latticer, error)

func (*LatticePointer) LeastUpperBound 

func (l1 *LatticePointer) LeastUpperBound(l2 lattice.Latticer) (lattice.Latticer, error)

func (*LatticePointer) Less 

func (l1 *LatticePointer) Less(l2 lattice.Latticer) (bool, error)

func (*LatticePointer) LessEqual 

func (l1 *LatticePointer) LessEqual(l2 lattice.Latticer) (bool, error)

func (*LatticePointer) SetPtr 

func (l1 *LatticePointer) SetPtr(key ssa.Value, ptr pointer.Pointer)

func (*LatticePointer) SetPtrs 

func (l1 *LatticePointer) SetPtrs(m map[ssa.Value]pointer.Pointer)

func (*LatticePointer) SetVal 

func (l1 *LatticePointer) SetVal(key ssa.Value, value lattice.Valuer) error

func (*LatticePointer) String 

func (l1 *LatticePointer) String() string

func (*LatticePointer) TransferFunction 

func (l1 *LatticePointer) TransferFunction(node ssa.Instruction, ptr *pointer.Result) transferFunction.PlainFF

type Value 

type Value int

Value represents a taint Value 

const (
	// Unitialized represents the lowest abstract value.
	Uninitialized Value = iota
	// Tainted represents a tainted abstract value.
	Tainted
	// Untainted represents an untainted abstract value.
	Untainted
	// Both represents the highest abstract value.
	Both
)

func LUPOverLabels 

func LUPOverLabels(ptstoset pointer.PointsToSet, l Lattice) (val Value, e error)

LUPOverLabels iterates through all labels of a pointsToSet and returns the result of the LUP.

func (Value) BottomElement 

func (tlv Value) BottomElement() lattice.Valuer

BottomElement returns the lowest element of the lattice.

func (Value) Equal 

func (tlv Value) Equal(lv lattice.Valuer) (bool, error)

Equal returns tlv == lv. Returns an error (ErrOnlyTaintValueAcc) if lv is not a taint.Value.

func (Value) Greater 

func (tlv Value) Greater(lv lattice.Valuer) (bool, error)

Greater returns tlv > lv. Returns an error if lv is not type taint.Value.

func (Value) GreaterEqual 

func (tlv Value) GreaterEqual(lv lattice.Valuer) (greatereq bool, err error)

GreaterEqual returns tlv >= lv. Returns an error if lv is not of type taint.Value.

func (Value) GreatestLowerBound 

func (tlv Value) GreatestLowerBound(lv lattice.Valuer) (lattice.Valuer, error)

GreatestLowerBound build the greatest lower bound of tlv and lv. Returns an error (ErrOnlyTaintValueAcc) if lv is not a taint.Value.

func (Value) LeastUpperBound 

func (tlv Value) LeastUpperBound(lv lattice.Valuer) (lattice.Valuer, error)

LeastUpperBound build the least upper bound of tlv and lv. Returns an error (ErrOnlyTaintLatAcc) if lv is not a taint.Value.

func (Value) Less 

func (tlv Value) Less(lv lattice.Valuer) (bool, error)

Less returns tlv < lv. Returns an error (ErrOnlyTaintValueAcc) if lv is not a taint.Value.

func (Value) LessEqual 

func (tlv Value) LessEqual(lv lattice.Valuer) (lesseq bool, err error)

LessEqual returns tlv <= lv. Returns an error (ErrOnlyTaintValueAcc) if lv is not a taint.Value.

func (Value) String 

func (tlv Value) String() string

String returns a string representation of tlv.

func (Value) TopElement 

func (tlv Value) TopElement() lattice.Valuer

TopElement returns the highest element of the lattice.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.