diff --git a/src/lib/ACLAnalyzer.py b/src/lib/ACLAnalyzer.py index 45a7b47551bc1145d87d7683f06204d873c677d1..2b80e14f981c4d9436c45b6b7ff53c2d11697895 100644 --- a/src/lib/ACLAnalyzer.py +++ b/src/lib/ACLAnalyzer.py @@ -3,6 +3,7 @@ from lib.ACReader import ACLData from lib.utils import format_log,flatten_node from tree_sitter import Node from .CFGGenerator import CFGGenerator,CFG +from sys import platform class ACLAnalyzer(): def __init__(self,project:ProjectInfo,acl_info:ACLData) -> None: self.project_info:ProjectInfo = project @@ -75,12 +76,15 @@ class ACLAnalyzer(): # Gak ada dekorator/dekorator gak cocok # Traverse fungsinya while node: + print(node) # Cek detail untuk beberapa tipe node if node.type in ['call','assignment']: # Cek call method # Format: [attribute,argument_list] | [identifier,argument_list] child_list = flatten_node(node.children) fun_name = "" + print(child_list) + var_name = "" for i in range(len(child_list)): if child_list[i] in [':',',',]: #TODO handle buat variabel @@ -90,6 +94,7 @@ class ACLAnalyzer(): elif child_list[i] == '=': # Simpan nama variabel di left hand side #TODO simpan line + var_name = fun_name var_list.append({'name':fun_name,'type':child_list[i+1]}) fun_name = "" elif child_list[i]=='==': @@ -115,16 +120,21 @@ class ACLAnalyzer(): # Cek acl_result = None if is_route: + print("masuk") acl_result = self.check_acl_list(route,function_name) - else: - var_name = "" - acl_result = self.acl_info.acl_context[var_name] if acl_result!=None: # Ada pengecekan principal_list = list(set(principal_list) & set(acl_result)) fun_name = "" else: fun_name += child_list[i] + if var_name: + print("as") + try: + acl_result = self.acl_info.acl_context[var_name] + var_name = "" + except KeyError: + pass elif node.type=='comparison_operator': kinder = node.children var_list = "" 
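Review bot: `print(node)` and `print(child_list)` in the `@@ -75` hunk sit inside the `while node:` traversal and the `call`/`assignment` branch, so every CFG node of every route is dumped to stdout on each run, interleaved with the tool's own `format_log` output. The file already imports `format_log` from `lib.utils`; either drop these lines before merging or route them through it so they can be switched off, e.g. `format_log(f"visiting {node.type}")`. The enclosing traversal loop starts before this hunk, so whether a verbosity flag is available in scope cannot be told from here.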
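Review bot: The value fetched in the new `if var_name:` block of the `@@ -115` hunk is never used — `acl_result = self.acl_info.acl_context[var_name]` runs after the `if acl_result!=None:` intersection for this element has already been evaluated, and as far as the hunk shows nothing reads it before the next iteration resets it with `acl_result = None` under `# Cek`, so a variable-bound ACL check still never narrows `principal_list`. The `except KeyError: pass` additionally drops, without a trace, any variable whose name was not resolved into `acl_context`, which for an access-control analyzer means a missing check can be reported as absent or present depending on what the reader happened to parse. Move the intersection under the lookup and log the miss: put `principal_list = list(set(principal_list) & set(acl_result))` inside the `try`, and `format_log(f"unresolved ACL context variable: {var_name}")` in the `except KeyError` arm. The indentation of the `if var_name:` block relative to the `call`/`assignment` branch is not recoverable from the flattened hunk, and the enclosing loop starts before it.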
@@ -405,6 +415,7 @@ class ACLAnalyzer(): def check_acl_list(self,route:ElementContext,name:str,ctx:list[str]=[])->list[str]|None: #TODO handle variabel dan kelas dan import # Format name: fun atau self.fun + print("kesini") acl_list = (role for role in self.acl_info.principal_list) for acl_class in self.project_info.acl_class: acl_class.cfg.reset() @@ -471,7 +482,8 @@ class ACLAnalyzer(): if dependency[0 ]> route_position: break dependency_parts = dependency[1]['original'] # Module name - if dependency_parts not in acl_class.location.replace("\\","."): + replacement = "\\" if platform.startswith("win") else "/" + if dependency_parts not in acl_class.location.replace(replacement,"."): # Modul nya salah continue # Yang diimport class nya diff --git a/src/lib/CFGGenerator.py b/src/lib/CFGGenerator.py index fab1397435f81d704f6e8a040fc94e1d8c23fe39..5fe85a347086407937dacc0d0057d62a4ae78314 100644 --- a/src/lib/CFGGenerator.py +++ b/src/lib/CFGGenerator.py 
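Review bot: `print("kesini")` in the `@@ -405` hunk is a debug trace left in `check_acl_list`, which the other hunks show is called per route element, so it fires many times per analysis; remove it or replace it with `format_log(...)`, which this file already imports. The signature on the same hunk, `ctx:list[str]=[]`, also carries a mutable default; that is pre-existing and harmless only if `ctx` is never appended to, which the hunk does not show — `ctx:list[str]|None=None` with `ctx = ctx or []` removes the doubt. The body of `check_acl_list` continues past this hunk.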
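Review bot: The separator chosen in the `@@ -471` hunk is keyed on `sys.platform` rather than on what `acl_class.location` actually contains, so on Windows a project path supplied with forward slashes (which Windows accepts, and which `os.walk` then propagates into every root) is never converted and the module check `dependency_parts not in acl_class.location.replace(replacement,".")` silently fails, i.e. the ACL class is treated as not imported. Normalising both separators is platform-independent and needs no `sys.platform` import: `if dependency_parts not in acl_class.location.replace("\\",".").replace("/","."):`. Note also that this rewritten line is a substring test, so an import of `acl` also matches a location containing `myacl.py` or `acl_helpers`, attributing the dependency to the wrong ACL class; anchoring on the dotted module boundary (e.g. `f".{dependency_parts}." in ...`) would tighten it. The same three lines are duplicated in RouteSanitizationAnalyzer.py in this diff, so a shared helper in `lib.utils` would keep the two analyzers in sync.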
@@ -172,21 +172,39 @@ class CFG(): # Ada percabangan # cari block node self.cursor.goto_first_child() - while self.cursor.node.type != 'block': + while self.cursor.node.type!='block': self.cursor.goto_next_sibling() node = self.cursor.node # simpan branch berikutnya + # self.cursor.goto_parent() + # print(self.cursor.node,self.cursor.node.children) + # print("ASS",self.cursor.node.parent.children) + # while has_sibling and self.cursor.node.type not in ['elif_clause','else_clause']: + # has_sibling = self.cursor.goto_next_sibling() has_sibling = True + # while not has_sibling: while has_sibling and self.cursor.node.type not in ['elif_clause','else_clause']: has_sibling = self.cursor.goto_next_sibling() if(not has_sibling): tmp_ptr = self.cursor.copy() + # print("original",self.cursor.node) self.cursor.goto_parent() + # print("next",self.cursor.node) self.cursor.goto_next_sibling() + # print("nexr2",self.cursor.node) + # print(starting_node) + # while not has_sibling: + # prev_node = self.cursor.node + # self.cursor.goto_parent() + # has_sibling = self.cursor.goto_next_sibling() + # if CFG.is_node_equal(prev_node,self.cursor.node): + # break self.next_branch = self.cursor.copy() self.cursor.reset_to(tmp_ptr) else: self.next_branch = self.cursor.copy() + print("A",node,node.text) + print("B",self.next_branch.node) return node elif(self.cursor.node.type=='elif_clause'): # Ada percabangan diff --git a/src/lib/FileReader.py b/src/lib/FileReader.py index a216f1c52cd76f21201232f1e90416f89066c984..cbd8445b646f9ae0f625485b8c55b9fa53c45c80 100644 --- a/src/lib/FileReader.py +++ b/src/lib/FileReader.py 
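Review bot: The `while self.cursor.node.type!='block': self.cursor.goto_next_sibling()` loop reformatted at the top of the hunk discards the boolean that `goto_next_sibling()` returns (the same hunk relies on it a few lines later via `has_sibling = self.cursor.goto_next_sibling()`), so if an `if_statement` ever reaches this point without a `block` child the cursor stays on the last sibling and the loop never terminates — for a tool pointed at arbitrary repositories that is a hang on malformed input; whether tree-sitter's Python grammar can produce such a node (e.g. around an ERROR) I cannot confirm from here. A bounded form is `while self.cursor.node.type != 'block':` / `if not self.cursor.goto_next_sibling():` / `raise ValueError("if_statement has no block child")`. The hunk also adds `print("A",node,node.text)` and `print("B",self.next_branch.node)`, which dump the source bytes of every branch on every run, plus some fifteen lines of commented-out exploration code; both should be removed before merging rather than kept as a record of the debugging session. The enclosing method continues after this hunk.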
@@ -129,7 +129,8 @@ class FileReader: project_info.route_class.append(ElementContext(lines[i].strip().split(" ")[1],'function',file,additional_context)) else: # Dapatkan konteks berupa cfg setiap kelas - project_info.route_class.append(ElementContext(".".join(file.split("\\")[-1].split(".")[:-1]),'module',file,additional_context)) + replacement = "\\" if platform.startswith("win") else "/" + project_info.route_class.append(ElementContext(".".join(file.split(replacement)[-1].split(".")[:-1]),'module',file,additional_context)) # Generate CFG jika ini rute project_info.route_class[-1].set_cfg(self.cfg_generator.generate(project_info.route_class[-1])) # Cek jika ini fungsi dalam kelas @@ -153,11 +154,8 @@ class FileReader: for root, dirs, files in os.walk(self.project_path): for file in files: if(self.is_source_code_supported(file)): - if platform.startswith("win"): - # Windows use \ to separate - file_list.append(f"{root}\\{file}") - else: - file_list.append(f"{root}/{file}") + separator = "\\" if platform.startswith("win") else "/" + file_list.append(f"{root}{separator}{file}") return file_list def is_source_code_supported(self,filename:str)->bool: diff --git a/src/lib/MainMenu.py b/src/lib/MainMenu.py index ebc991c3114420f7239c85c713c83efd1f121e58..d64ff759175009de96976e2b50a8398560c4e507 100644 --- a/src/lib/MainMenu.py +++ b/src/lib/MainMenu.py @@ -34,9 +34,11 @@ class MainMenu(): # Baca file ACL try: self.acl_data = ACReader(self.acl_path).read() + print(self.acl_data) format_log("ACL data acquired.") self.project_ctx = FileReader(self.project_path).analyze_project() format_log("ACL and routes context gathered...") + print(self.project_ctx) except FileNotFoundError: format_log("File not found. Exiting...",status='error') else: diff --git a/src/lib/RouteSanitizationAnalyzer.py b/src/lib/RouteSanitizationAnalyzer.py index 6271a4ba7d94ab687fd229b5dd890c73770a1df0..cab5b5191b461f5eec5623f4aa57a849b00ba764 100644 --- a/src/lib/RouteSanitizationAnalyzer.py 
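Review bot: The module name built in the `@@ -129` hunk, `".".join(file.split(replacement)[-1].split(".")[:-1])`, still depends on `sys.platform` to guess which separator `file` contains, so a Windows path written with `/` yields the whole path as the "module" and the route is recorded under a wrong name. `os` is already used in this file (`os.walk` in the next hunk), and `os.path.splitext(os.path.basename(file))[0]` handles either separator on Windows, paths with spaces (the `todo.txt` entry in this diff), and file names containing extra dots, without the `platform` check. The `else:` branch this line lives in is only partially visible; the enclosing method starts before the hunk.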
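Review bot: The `separator = "\\" if platform.startswith("win") else "/"` / `file_list.append(f"{root}{separator}{file}")` pair in the `@@ -153` hunk re-implements what the standard library already provides, and a root that came from a forward-slash project path on Windows would be joined with a backslash, producing mixed-separator paths that the `replace(replacement,".")` checks elsewhere in this diff then fail to normalise. `file_list.append(os.path.join(root, file))` is the platform-correct one-liner and removes this file's need for the `platform` import. `is_source_code_supported` starts at the end of this hunk and is not visible.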
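Review bot: `print(self.acl_data)` and `print(self.project_ctx)` in the MainMenu hunk dump the complete parsed ACL definition (principal list and per-variable ACL context) and the whole project context to stdout on every run, interleaved with the `format_log` lines that are the tool's intended output. If that stdout is captured in CI or shared logs it discloses the target application's role/principal layout, and it also makes the output unparseable for anyone scripting the tool. Remove both lines or gate them behind a verbose option via `format_log(...)`; the `try` block they sit in starts before this hunk.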
+++ b/src/lib/RouteSanitizationAnalyzer.py @@ -3,7 +3,7 @@ from lib.custom_class import ElementContext from lib.utils import format_log,flatten_node from .CFGGenerator import CFG from tree_sitter import Node -import copy +from sys import platform class RouteSanitizationAnalyzer(): def set_project(self,project_info:ProjectInfo): self.project_info = project_info @@ -71,6 +71,7 @@ class RouteSanitizationAnalyzer(): # Gak ada dekorator/dekorator gak cocok # Traverse fungsinya while node: + print(node) # Cek detail untuk beberapa tipe node if node.type in ['call','assignment']: # Cek call method @@ -237,6 +238,7 @@ class RouteSanitizationAnalyzer(): components += flatten_node(child.children) # Cek tiap componentnya fun_name = "" + print("COMP",components) for i in range(len(components)): if components[i] in ['and','or','not']: continue @@ -262,6 +264,7 @@ class RouteSanitizationAnalyzer(): else: function_name = ".".join(parts) # Cek + print(function_name) if function_name and self.is_in_acl_list(route,function_name,components[i+1:]): return True fun_name = "" @@ -272,6 +275,7 @@ class RouteSanitizationAnalyzer(): # Tambahkan nama fungsinya fun_name += components[i] node = route.cfg.traverse() + print("noda",node) return False def analyze_module(self,route:ElementContext)->list[str]: @@ -299,7 +303,7 @@ class RouteSanitizationAnalyzer(): return unsanitized_methods def is_in_acl_list(self,route:ElementContext,name:str,ctx:list[str]=[]): - # Format name: fun atau self.fun + # Format name: fun atau self.fun for acl_class in self.project_info.acl_class: acl_class.cfg.reset() if(acl_class.type=='library' and acl_class.location==route.location): 
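Review bot: The `@@ -3` hunk swaps `import copy` for `from sys import platform`, but nothing in the visible hunks of this file shows whether `copy` is still referenced further down; if it is, the module fails at import time, so run pyflakes/ruff (`F821`) over the file before merging. `platform` itself is only consumed by the `@@ -361` hunk, and if that line is rewritten to normalise both separators (as suggested there) the new import becomes unused as well.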
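Review bot: The `print(node)` added in the `@@ -71` hunk executes once per CFG node inside `while node:`, and the later hunks add `print("COMP",components)`, `print(function_name)` and `print("noda",node)` in the same traversal, so a single route produces hundreds of untagged lines mixed with `format_log` output. `format_log` is imported at the top of this file; either route these through it so they can be silenced or delete them before merging. The traversal loop and the method enclosing it begin before the hunk.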
@@ -361,7 +365,8 @@ class RouteSanitizationAnalyzer(): if dependency[0 ]> route_position: break dependency_parts = dependency[1]['original'] # Module name - if dependency_parts not in acl_class.location.replace("\\","."): + replacement = "\\" if platform.startswith("win") else "/" + if dependency_parts not in acl_class.location.replace(replacement,"."): # Modul nya salah continue # Yang diimport class nya diff --git a/todo.txt b/todo.txt index 6597ed1b6bed45946024728a807731fd3f8281fc..c0463346f54785693a21139c14ce8defccb5b164 100644 --- a/todo.txt +++ b/todo.txt @@ -36,4 +36,6 @@ routes -> routes nocheck -> nocheck acl -> acl - routes dalam routes (module -> function) -- handle remaining duplicate annotation \ No newline at end of file +- handle remaining duplicate annotation + +TODO: handle path berspasi
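Review bot: The `replacement = "\\" if platform.startswith("win") else "/"` / `if dependency_parts not in acl_class.location.replace(replacement,".")` pair in the `@@ -361` hunk is a verbatim copy of the lines added to ACLAnalyzer.py in this same diff, so the two analyzers can drift apart the next time path handling changes. Replacing both separators unconditionally, `acl_class.location.replace("\\",".").replace("/",".")`, is correct on every platform (Windows accepts `/` too) and needs no `sys.platform` import; better still, add `def module_dotted_path(location: str) -> str` to `lib.utils` and call it from both files. The substring membership test on the rewritten line is also loose — an import named `acl` matches a location containing `myacl` — so a module-boundary check (`f".{dependency_parts}." in ...`) would be safer. The surrounding import-resolution loop starts and ends outside the hunk.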