diff --git a/src/lib/ACLAnalyzer.py b/src/lib/ACLAnalyzer.py
index 99283faa884903996c8df073a871fd024dbc19b4..a4d6c35fdcb1c9db5dfc64149c3cfa4cace3f0b8 100644
--- a/src/lib/ACLAnalyzer.py
+++ b/src/lib/ACLAnalyzer.py
@@ -3,6 +3,7 @@ from lib.ACReader import ACLData from lib.utils import format_log,flatten_node from tree_sitter import Node from .CFGGenerator import CFGGenerator,CFG
+from sys import platform
 class ACLAnalyzer(): def __init__(self,project:ProjectInfo,acl_info:ACLData) -> None: self.project_info:ProjectInfo = project
@@ -81,6 +82,7 @@ class ACLAnalyzer(): # Format: [attribute,argument_list] | [identifier,argument_list] child_list = flatten_node(node.children) fun_name = ""
+ var_name = ""
 for i in range(len(child_list)): if child_list[i] in [':',',',]: #TODO handle buat variabel
@@ -90,6 +92,7 @@ class ACLAnalyzer(): elif child_list[i] == '=': # Simpan nama variabel di left hand side #TODO simpan line
+ var_name = fun_name
 var_list.append({'name':fun_name,'type':child_list[i+1]}) fun_name = "" elif child_list[i]=='==':
@@ -116,15 +119,18 @@ class ACLAnalyzer(): acl_result = None if is_route: acl_result = self.check_acl_list(route,function_name)
- else:
- var_name = ""
- acl_result = self.acl_info.acl_context[var_name]
 if acl_result!=None: # Ada pengecekan principal_list = list(set(principal_list) & set(acl_result)) fun_name = "" else: fun_name += child_list[i]
+ if var_name:
+ try:
+ acl_result = self.acl_info.acl_context[var_name]
+ var_name = ""
+ except KeyError:
+ pass
 elif node.type=='comparison_operator': kinder = node.children var_list = ""
@@ -471,7 +477,8 @@ class ACLAnalyzer(): if dependency[0 ]> route_position: break dependency_parts = dependency[1]['original'] # Module name
- if dependency_parts not in acl_class.location.replace("\\","."):
+ replacement = "\\" if platform.startswith("win") else "/"
+ if dependency_parts not in acl_class.location.replace(replacement,"."):
 # Modul nya salah continue # Yang diimport class nya
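Review bot: In the `if var_name:` block added under `fun_name += child_list[i]`, `except KeyError: pass` drops an unresolved variable silently and leaves `var_name` set, so the same failed lookup is repeated on every later token; `acl_result = self.acl_info.acl_context.get(var_name)` followed by `var_name = ""` keeps the success path, clears the name either way, and leaves room to report the miss through the file's `format_log` helper instead of hiding it. As far as the hunk shows, the `acl_result` assigned here is never consumed: the narrowing `principal_list = list(set(principal_list) & set(acl_result))` only runs in the branch above (the one starting at `acl_result = None`), so unless `acl_result` is read further down the method, this lookup has no effect on `principal_list` and the intersection has to follow it here as well. Indentation is lost in this paste, so the nesting of the new block is inferred from the hunk counts. The enclosing method continues outside the hunk.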
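Review bot: The new `replacement = "\\" if platform.startswith("win") else "/"` before the `dependency_parts not in acl_class.location.replace(replacement,".")` test ties the separator to the host OS rather than to the path string, so a `location` that uses or mixes the other separator (a forward-slash path on Windows, for example) is not converted and the module check silently fails; normalising both separators, `module_path = acl_class.location.replace("\\", "/").replace("/", ".")` and `if dependency_parts not in module_path:`, needs no platform test and removes the `sys.platform` import. The same construct is repeated in FileReader.py at `@@ -129` and RouteSanitizationAnalyzer.py at `@@ -361`, where the same normalisation applies (FileReader already has `os` in scope, so `os.path.basename`/`os.path.splitext` fit there). The expression is loop-invariant and can be computed once outside the `for` over dependencies. Note the test remains a substring match: `dependency_parts` occurring anywhere in the dotted path, including parent directories, passes it. The enclosing method starts and ends outside the hunk.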
diff --git a/src/lib/ACReader.py b/src/lib/ACReader.py
index 337473bcec21753d157d81dc09f72dacc14d8713..5cc45e7f79ffc15f20d73e9d66212862787ed3ae 100644
--- a/src/lib/ACReader.py
+++ b/src/lib/ACReader.py
@@ -48,7 +48,16 @@ class ACReader(): if len(route)!=2: # Harus dalam format route:principal raise ValueError("Invalid ACL Data")
- route_acl[route[0]] = route[1].split(",")
+ # kasus ada penanda seluruh principal boleh (*)
+ is_all = False
+ for p in route[1]:
+ if "*" in p:
+ is_all = True
+ break
+ if is_all:
+ route_acl[route[0]] = [principal for principal in principal_list]
+ else:
+ route_acl[route[0]] = route[1].split(",")
 elif line_type=='detail': # Parse detail processed_line = line.strip().replace(" ","")
diff --git a/src/lib/CFGGenerator.py b/src/lib/CFGGenerator.py
index 1700bed48024419475fa9fc80f290fd30180e849..21f11b94725c295ac36de10ef4f753871d24807d 100644
--- a/src/lib/CFGGenerator.py
+++ b/src/lib/CFGGenerator.py
@@ -136,17 +136,27 @@ class CFG(): # Ada percabangan # cari block node self.cursor.goto_first_child()
- while self.cursor.node.type != 'block':
+ while self.cursor.node.type!='block':
 self.cursor.goto_next_sibling() node = self.cursor.node # simpan branch berikutnya
+ # self.cursor.goto_parent()
+ # while has_sibling and self.cursor.node.type not in ['elif_clause','else_clause']:
+ # has_sibling = self.cursor.goto_next_sibling()
 has_sibling = True
+ # while not has_sibling:
 while has_sibling and self.cursor.node.type not in ['elif_clause','else_clause']: has_sibling = self.cursor.goto_next_sibling() if(not has_sibling): tmp_ptr = self.cursor.copy()
- self.cursor.goto_parent()
- self.cursor.goto_next_sibling()
+ # self.cursor.goto_parent()
+ # self.cursor.goto_next_sibling()
+ while not has_sibling:
+ prev_node = self.cursor.node
+ self.cursor.goto_parent()
+ has_sibling = self.cursor.goto_next_sibling()
+ if CFG.is_node_equal(prev_node,self.cursor.node):
+ break
 self.next_branch = self.cursor.copy() self.cursor.reset_to(tmp_ptr) else:
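Review bot: The wildcard detection added before `route_acl[route[0]] = ...` iterates `route[1]` character by character (it is the string that is later `.split(",")`), so `"*" in p` amounts to `"*" in route[1]`: any principal entry that merely contains a `*` opens the route to every name in `principal_list`, not only an entry that is exactly `*`. Split first and test the entries, `principals = route[1].split(",")` then `route_acl[route[0]] = list(principal_list) if "*" in principals else principals`, which also replaces the `[principal for principal in principal_list]` copy. `principal_list` is not defined in the hunk; this assumes it holds the full principal set parsed earlier in the reader. The enclosing method continues outside the hunk.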
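Review bot: The ascent loop added under `if(not has_sibling):` ignores the return value of `self.cursor.goto_parent()` and only detects the root afterwards through `CFG.is_node_equal(prev_node,self.cursor.node)`; `if not self.cursor.goto_parent(): break` before the `goto_next_sibling()` step states the stop condition directly and drops the `prev_node` bookkeeping. When the loop does stop at the root, `self.next_branch = self.cursor.copy()` still records the root as the next branch, so a caller cannot tell "no following branch" from "sibling found"; if `next_branch` is allowed to stay unset, guard that assignment with `has_sibling`. The six commented-out `# self.cursor.goto_parent()`-style lines this hunk adds are dead history and should be deleted rather than kept in the source. The enclosing method continues outside the hunk.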
diff --git a/src/lib/FileReader.py b/src/lib/FileReader.py
index a216f1c52cd76f21201232f1e90416f89066c984..cbd8445b646f9ae0f625485b8c55b9fa53c45c80 100644
--- a/src/lib/FileReader.py
+++ b/src/lib/FileReader.py
@@ -129,7 +129,8 @@ class FileReader: project_info.route_class.append(ElementContext(lines[i].strip().split(" ")[1],'function',file,additional_context)) else: # Dapatkan konteks berupa cfg setiap kelas
- project_info.route_class.append(ElementContext(".".join(file.split("\\")[-1].split(".")[:-1]),'module',file,additional_context))
+ replacement = "\\" if platform.startswith("win") else "/"
+ project_info.route_class.append(ElementContext(".".join(file.split(replacement)[-1].split(".")[:-1]),'module',file,additional_context))
 # Generate CFG jika ini rute project_info.route_class[-1].set_cfg(self.cfg_generator.generate(project_info.route_class[-1])) # Cek jika ini fungsi dalam kelas
@@ -153,11 +154,8 @@ class FileReader: for root, dirs, files in os.walk(self.project_path): for file in files: if(self.is_source_code_supported(file)):
- if platform.startswith("win"):
- # Windows use \ to separate
- file_list.append(f"{root}\\{file}")
- else:
- file_list.append(f"{root}/{file}")
+ separator = "\\" if platform.startswith("win") else "/"
+ file_list.append(f"{root}{separator}{file}")
 return file_list def is_source_code_supported(self,filename:str)->bool:
diff --git a/src/lib/RouteSanitizationAnalyzer.py b/src/lib/RouteSanitizationAnalyzer.py
index 7ed809b6e9edd8bd4bc789b361bd1bcb20395eff..ff7abf2cb40b631b9c33b62b43ea3224ce9a8f7d 100644
--- a/src/lib/RouteSanitizationAnalyzer.py
+++ b/src/lib/RouteSanitizationAnalyzer.py
@@ -3,7 +3,7 @@ from lib.custom_class import ElementContext from lib.utils import format_log,flatten_node from .CFGGenerator import CFG from tree_sitter import Node
-import copy
+from sys import platform
 class RouteSanitizationAnalyzer(): def set_project(self,project_info:ProjectInfo): self.project_info = project_info
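Review bot: The `separator` computed next to `file_list.append(f"{root}{separator}{file}")` re-implements path joining that the standard library already provides, and `os` is in scope on the `os.walk(self.project_path)` line in the same hunk; `file_list.append(os.path.join(root, file))` removes the platform test and is correct for whatever separator `root` already carries. Once the `@@ -129` hunk is handled with `os.path` as well, `platform` may be unused in this file and its import can go; that depends on code outside the hunk. The enclosing method starts outside the hunk.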
@@ -299,7 +299,7 @@ class RouteSanitizationAnalyzer(): return unsanitized_methods def is_in_acl_list(self,route:ElementContext,name:str,ctx:list[str]=[]):
- # Format name: fun atau self.fun
+ # Format name: fun atau self.fun
 for acl_class in self.project_info.acl_class: acl_class.cfg.reset() if(acl_class.type=='library' and acl_class.location==route.location):
@@ -361,7 +361,8 @@ class RouteSanitizationAnalyzer(): if dependency[0 ]> route_position: break dependency_parts = dependency[1]['original'] # Module name
- if dependency_parts not in acl_class.location.replace("\\","."):
+ replacement = "\\" if platform.startswith("win") else "/"
+ if dependency_parts not in acl_class.location.replace(replacement,"."):
 # Modul nya salah continue # Yang diimport class nya
diff --git a/todo.txt b/todo.txt
index 6597ed1b6bed45946024728a807731fd3f8281fc..c0463346f54785693a21139c14ce8defccb5b164 100644
--- a/todo.txt
+++ b/todo.txt
@@ -36,4 +36,6 @@ routes -> routes nocheck -> nocheck acl -> acl - routes dalam routes (module -> function)
-- handle remaining duplicate annotation
\ No newline at end of file
+- handle remaining duplicate annotation
+
+TODO: handle path berspasi