use of org.wso2.carbon.apimgt.core.models.Function in project ballerina by ballerina-lang.
the class SymbolEnter method validateFunctionsAttachedToObject.
/**
 * Registers a function declared with an object receiver as an attached function of that object.
 *
 * <p>If the object already has a member variable with the function's name, a diagnostic is
 * logged and nothing is attached. A function named {@code Names.OBJECT_INIT_SUFFIX} is also
 * recorded as the object's initializer.
 *
 * @param funcNode     function node whose receiver identifies the owning object
 * @param funcSymbol   symbol of the function; its {@code type} is cast to {@code BInvokableType}
 * @param invokableEnv environment handed to the member-symbol lookup
 */
private void validateFunctionsAttachedToObject(BLangFunction funcNode, BInvokableSymbol funcSymbol,
                                               SymbolEnv invokableEnv) {
    BInvokableType invokableType = (BInvokableType) funcSymbol.type;
    BStructSymbol ownerSymbol = (BStructSymbol) funcNode.receiver.type.tsymbol;

    // A field and an attached function of the same object must not share a name.
    BSymbol clashingField = symResolver.lookupMemberSymbol(funcNode.receiver.pos, ownerSymbol.scope,
            invokableEnv, names.fromIdNode(funcNode.name), SymTag.VARIABLE);
    boolean nameIsFree = clashingField == symTable.notFoundSymbol;
    if (!nameIsFree) {
        dlog.error(funcNode.pos, DiagnosticCode.STRUCT_FIELD_AND_FUNC_WITH_SAME_NAME, funcNode.name.value,
                funcNode.receiver.type.toString());
        return;
    }

    BAttachedFunction attached =
            new BAttachedFunction(names.fromIdNode(funcNode.name), funcSymbol, invokableType);
    ownerSymbol.attachedFuncs.add(attached);

    // Only the object initializer needs the extra checks below.
    boolean isInitializer = Names.OBJECT_INIT_SUFFIX.value.equals(funcNode.name.value);
    if (isInitializer) {
        if (!funcNode.retParams.isEmpty()) {
            // TODO change message
            dlog.error(funcNode.pos, DiagnosticCode.INVALID_STRUCT_INITIALIZER_FUNCTION, funcNode.name.value,
                    funcNode.receiver.type.toString());
        }
        // The initializer is recorded even when the return-parameter diagnostic was logged.
        ownerSymbol.initializerFunc = attached;
    }
}
use of org.wso2.carbon.apimgt.core.models.Function in project ballerina by ballerina-lang.
the class TaintAnalyzer method analyzeInvocation.
// Private methods relevant to invocation analysis.
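/**
 * Derives the tainted status of an invocation's return values from the callee's taint table and
 * stores it in {@code taintedStatusList}.
 *
 * <p>The table is keyed by parameter index, with {@code ALL_UNTAINTED_TABLE_ENTRY_INDEX} holding
 * the record for "no argument tainted". A tainted argument whose index has no record is reported
 * as {@code TAINTED_VALUE_PASSED_TO_SENSITIVE_PARAMETER}. This is the check that keeps untrusted
 * data out of parameters marked sensitive, so it depends on the table being complete.
 *
 * <p>NOTE(review): the callee's taint table and its all-untainted entry are dereferenced without
 * a null check. Confirm that every caller guarantees both before reaching this method.
 *
 * @param invocationExpr invocation whose arguments and receiver expression are analyzed
 */
private void analyzeInvocation(BLangInvocation invocationExpr) {
    BInvokableSymbol invokableSymbol = (BInvokableSymbol) invocationExpr.symbol;
    Map<Integer, TaintRecord> taintTable = invokableSymbol.taintTable;
    List<Boolean> returnTaintedStatus = new ArrayList<>();
    TaintRecord allParamsUntaintedRecord = taintTable.get(ALL_UNTAINTED_TABLE_ENTRY_INDEX);
    if (allParamsUntaintedRecord.taintError != null && allParamsUntaintedRecord.taintError.size() > 0) {
        // This can occur when there is an error regardless of the tainted status of parameters.
        // Example: a tainted value returned by a function is passed to another function's
        // sensitive parameter.
        addTaintError(allParamsUntaintedRecord.taintError);
    } else {
        // Copy the list so the accumulation below never mutates the callee's table entry.
        returnTaintedStatus = new ArrayList<>(allParamsUntaintedRecord.retParamTaintedStatus);
    }
    if (invocationExpr.argExprs != null) {
        for (int argIndex = 0; argIndex < invocationExpr.argExprs.size(); argIndex++) {
            BLangExpression argExpr = invocationExpr.argExprs.get(argIndex);
            argExpr.accept(this);
            // If the argument is tainted, look up the record that holds the return tainted status
            // for the case where this argument is tainted.
            if (getObservedTaintedStatus()) {
                TaintRecord taintRecord = taintTable.get(argIndex);
                if (taintRecord == null) {
                    // No record means the parameter is "sensitive": passing a tainted value to it
                    // is invalid and is reported as a compiler error.
                    // NOTE(review): Map.get also returns null for an index that was never recorded.
                    // Confirm that argument indexes always map to a declared parameter (for
                    // example when several arguments bind to a rest parameter).
                    int requiredParamCount = invokableSymbol.params.size();
                    int defaultableParamCount = invokableSymbol.defaultableParams.size();
                    BVarSymbol paramSymbol = getParamSymbol(invokableSymbol, argIndex, requiredParamCount,
                            defaultableParamCount);
                    addTaintError(argExpr.pos, paramSymbol.name.value,
                            DiagnosticCode.TAINTED_VALUE_PASSED_TO_SENSITIVE_PARAMETER);
                } else if (taintRecord.taintError != null && taintRecord.taintError.size() > 0) {
                    // The parameter was derived to be sensitive. The error already generated
                    // during taint-table generation is reused.
                    addTaintError(taintRecord.taintError);
                } else {
                    // Accumulate the tainted status of every return value for the invocation.
                    // presumably both lists have one entry per return value; verify where the
                    // records are built
                    for (int returnIndex = 0; returnIndex < returnTaintedStatus.size(); returnIndex++) {
                        if (taintRecord.retParamTaintedStatus.get(returnIndex)) {
                            returnTaintedStatus.set(returnIndex, true);
                        }
                    }
                }
                if (stopAnalysis) {
                    break;
                }
            }
        }
    }
    if (invocationExpr.expr != null) {
        // When an invocation like stringValue.trim() happens, if stringValue is tainted, the result
        // will also be tainted.
        // TODO: TaintedIf annotation, so that it's possible to define what can taint or untaint the return.
        invocationExpr.expr.accept(this);
        for (int i = 0; i < returnTaintedStatus.size(); i++) {
            if (getObservedTaintedStatus()) {
                returnTaintedStatus.set(i, getObservedTaintedStatus());
            }
        }
    }
    taintedStatusList = returnTaintedStatus;
}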
use of org.wso2.carbon.apimgt.core.models.Function in project ballerina by ballerina-lang.
the class TaintAnalyzer method visitInvokable.
/**
 * Builds and attaches the taint table of an invokable that does not have one yet.
 *
 * <p>Native invokables get their table from annotations. For all others the body is analyzed
 * once with no parameter tainted and then once per non-sensitive parameter. Parameters annotated
 * {@code ANNOTATION_SENSITIVE} are skipped, so the table holds no entry for their index.
 * If {@code processBlockedNode} reports the node as blocked, no table is attached.
 *
 * @param invNode   invokable node to analyze
 * @param symbolEnv environment passed through to the analysis helpers
 */
private void visitInvokable(BLangInvokableNode invNode, SymbolEnv symbolEnv) {
    // A table that is already attached is left untouched.
    if (invNode.symbol.taintTable != null) {
        return;
    }
    if (Symbols.isNative(invNode.symbol)) {
        attachTaintTableBasedOnAnnotations(invNode);
        return;
    }

    Map<Integer, TaintRecord> table = new HashMap<>();
    returnTaintedStatusList = null;
    // Baseline: tainted status of the return values when no parameter is tainted.
    analyzeAllParamsUntaintedReturnTaintedStatus(table, invNode, symbolEnv);
    if (processBlockedNode(invNode)) {
        return;
    }

    int requiredCount = invNode.requiredParams.size();
    int defaultableCount = invNode.defaultableParams.size();
    int restCount = invNode.restParam == null ? 0 : 1;
    int paramTotal = requiredCount + defaultableCount + restCount;
    for (int idx = 0; idx < paramTotal; idx++) {
        BLangVariable current = getParam(invNode, idx, requiredCount, defaultableCount);
        // A sensitive parameter must never be tainted, so that case is not analyzed.
        if (!hasAnnotation(current, ANNOTATION_SENSITIVE)) {
            returnTaintedStatusList = null;
            // Mark this parameter "tainted", then analyze the body to observe the outcome.
            analyzeReturnTaintedStatus(table, invNode, symbolEnv, idx, requiredCount, defaultableCount);
        }
    }
    invNode.symbol.taintTable = table;
}
use of org.wso2.carbon.apimgt.core.models.Function in project ballerina by ballerina-lang.
the class TaintAnalyzer method analyzeLambdaExpressions.
/**
 * Reports the taint errors recorded for a lambda that is passed as an argument.
 *
 * <p>If the lambda has no taint table yet, the invocation is added to the blocked list.
 * Otherwise each parameter index is checked. A missing record is reported as
 * {@code TAINTED_VALUE_PASSED_TO_SENSITIVE_PARAMETER}, and a record that carries errors has
 * those errors re-reported.
 *
 * @param invocationExpr invocation that receives the lambda
 * @param argExpr        argument expression; cast to {@code BLangLambdaFunction} without a check,
 *                       so callers are presumably expected to pass only lambda arguments
 */
private void analyzeLambdaExpressions(BLangInvocation invocationExpr, BLangExpression argExpr) {
    BLangFunction lambda = ((BLangLambdaFunction) argExpr).function;
    Map<Integer, TaintRecord> lambdaTable = lambda.symbol.taintTable;
    if (lambdaTable == null) {
        // The lambda has no taint table yet, so the invocation is queued on the blocked list.
        addToBlockedList(invocationExpr);
        return;
    }

    int requiredCount = lambda.requiredParams.size();
    int defaultableCount = lambda.defaultableParams.size();
    int restCount = lambda.restParam == null ? 0 : 1;
    int paramTotal = requiredCount + defaultableCount + restCount;
    for (int idx = 0; idx < paramTotal; idx++) {
        TaintRecord entry = lambdaTable.get(idx);
        BLangVariable param = getParam(lambda, idx, requiredCount, defaultableCount);
        if (entry == null) {
            // No record for this index: the parameter is treated as sensitive.
            addTaintError(argExpr.pos, param.name.value,
                    DiagnosticCode.TAINTED_VALUE_PASSED_TO_SENSITIVE_PARAMETER);
        } else {
            boolean hasRecordedErrors = entry.taintError != null && entry.taintError.size() > 0;
            if (hasRecordedErrors) {
                addTaintError(entry.taintError);
            }
        }
        if (stopAnalysis) {
            break;
        }
    }
}
use of org.wso2.carbon.apimgt.core.models.Function in project ballerina by ballerina-lang.
the class TaintAnalyzer method attachTaintTableBasedOnAnnotations.
/**
 * Builds the taint table of an invokable purely from its annotations and attaches it, unless a
 * table is already present.
 *
 * <p>Each return value is tainted exactly when it carries {@code ANNOTATION_TAINTED}. The same
 * status list is used for the all-untainted entry and for every non-sensitive parameter entry.
 * A tainted argument therefore never changes the return status of such an invokable, and the
 * result is only as accurate as the annotations. Parameters annotated
 * {@code ANNOTATION_SENSITIVE} get no entry.
 *
 * @param invokableNode invokable whose annotations define the table
 */
private void attachTaintTableBasedOnAnnotations(BLangInvokableNode invokableNode) {
    if (invokableNode.symbol.taintTable != null) {
        return;
    }

    // Extract the tainted status of the function by looking at annotations added to returns.
    List<Boolean> annotatedReturnStatus = new ArrayList<>();
    for (BLangVariable returnParam : invokableNode.retParams) {
        annotatedReturnStatus.add(hasAnnotation(returnParam, ANNOTATION_TAINTED));
    }

    // Entry for the case where no parameter is tainted.
    Map<Integer, TaintRecord> table = new HashMap<>();
    table.put(ALL_UNTAINTED_TABLE_ENTRY_INDEX, new TaintRecord(annotatedReturnStatus, null));

    int requiredCount = invokableNode.requiredParams.size();
    int defaultableCount = invokableNode.defaultableParams.size();
    int restCount = invokableNode.restParam == null ? 0 : 1;
    int paramTotal = requiredCount + defaultableCount + restCount;
    // One entry per parameter for the case where that parameter is tainted. The loop does
    // nothing when there are no parameters.
    for (int idx = 0; idx < paramTotal; idx++) {
        BLangVariable current = getParam(invokableNode, idx, requiredCount, defaultableCount);
        // A sensitive parameter must never be tainted, so it gets no entry.
        if (!hasAnnotation(current, ANNOTATION_SENSITIVE)) {
            // Every record shares the one status list instance.
            // NOTE(review): confirm that consumers copy it before mutating.
            table.put(idx, new TaintRecord(annotatedReturnStatus, null));
        }
    }
    invokableNode.symbol.taintTable = table;
}