
Example 26 with Parameter

use of org.wso2.transport.http.netty.config.Parameter in project ballerina by ballerina-lang.

the class TaintAnalyzer method analyzeInvocation.

// Private methods relevant to invocation analysis.
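/**
 * Derives the tainted status of an invocation's return values from the callee's taint table.
 *
 * <p>The table is read from {@code invocationExpr.symbol}. The entry stored under
 * {@code ALL_UNTAINTED_TABLE_ENTRY_INDEX} is the baseline (no argument tainted). Each argument
 * expression is then visited, and for every argument observed as tainted the entry stored under
 * that argument's index decides the outcome:
 * <ul>
 *   <li>no entry: the parameter is treated as sensitive and
 *       {@code TAINTED_VALUE_PASSED_TO_SENSITIVE_PARAMETER} is reported;</li>
 *   <li>entry carrying taint errors: the recorded errors are reported again;</li>
 *   <li>otherwise: the entry's return statuses are OR-ed into the accumulated result.</li>
 * </ul>
 * If the invocation has a receiver expression, a tainted receiver marks every return as tainted.
 * The accumulated result is published through the {@code taintedStatusList} field.
 *
 * <p>NOTE(review): the method dereferences the taint table and its baseline entry without a null
 * check; presumably callers only reach it once the callee's table has been attached - confirm.
 *
 * @param invocationExpr the invocation whose arguments and receiver are analysed
 */
private void analyzeInvocation(BLangInvocation invocationExpr) {
    BInvokableSymbol invokableSymbol = (BInvokableSymbol) invocationExpr.symbol;
    Map<Integer, TaintRecord> taintTable = invokableSymbol.taintTable;
    List<Boolean> returnTaintedStatus = new ArrayList<>();
    TaintRecord allParamsUntaintedRecord = taintTable.get(ALL_UNTAINTED_TABLE_ENTRY_INDEX);
    if (allParamsUntaintedRecord.taintError != null && allParamsUntaintedRecord.taintError.size() > 0) {
        // The callee reports an error regardless of the tainted status of its parameters.
        // Example: a tainted value returned by a function is passed to another function's
        // sensitive parameter. The return-status list stays empty in this case.
        addTaintError(allParamsUntaintedRecord.taintError);
    } else {
        // Copy the baseline so that accumulating below never mutates the callee's table.
        returnTaintedStatus = new ArrayList<>(allParamsUntaintedRecord.retParamTaintedStatus);
    }
    if (invocationExpr.argExprs != null) {
        for (int argIndex = 0; argIndex < invocationExpr.argExprs.size(); argIndex++) {
            BLangExpression argExpr = invocationExpr.argExprs.get(argIndex);
            argExpr.accept(this);
            // Only a tainted argument requires a look-up of the record stored for its index.
            if (getObservedTaintedStatus()) {
                // The argument position is used directly as the table key.
                // NOTE(review): a position with no table entry (for example beyond the declared
                // parameters) also lands in the "sensitive" branch below - confirm that this
                // fail-closed behaviour is intended for rest arguments.
                TaintRecord taintRecord = taintTable.get(argIndex);
                if (taintRecord == null) {
                    // No record means the parameter is "sensitive". Passing a tainted value to a
                    // sensitive parameter is invalid and is reported as a compiler error.
                    int requiredParamCount = invokableSymbol.params.size();
                    int defaultableParamCount = invokableSymbol.defaultableParams.size();
                    BVarSymbol paramSymbol = getParamSymbol(invokableSymbol, argIndex, requiredParamCount, defaultableParamCount);
                    addTaintError(argExpr.pos, paramSymbol.name.value, DiagnosticCode.TAINTED_VALUE_PASSED_TO_SENSITIVE_PARAMETER);
                } else if (taintRecord.taintError != null && taintRecord.taintError.size() > 0) {
                    // The parameter was derived to be sensitive. The error generated during
                    // taint-table generation is reused.
                    addTaintError(taintRecord.taintError);
                } else {
                    // Accumulate: a return is tainted if any tainted argument taints it.
                    for (int returnIndex = 0; returnIndex < returnTaintedStatus.size(); returnIndex++) {
                        if (taintRecord.retParamTaintedStatus.get(returnIndex)) {
                            returnTaintedStatus.set(returnIndex, true);
                        }
                    }
                }
                if (stopAnalysis) {
                    break;
                }
            }
        }
    }
    if (invocationExpr.expr != null) {
        // When an invocation like stringValue.trim() happens, if stringValue is tainted, the result will
        // also be tainted.
        // TODO: TaintedIf annotation, so that it's possible to define what can taint or untaint the return.
        invocationExpr.expr.accept(this);
        for (int i = 0; i < returnTaintedStatus.size(); i++) {
            if (getObservedTaintedStatus()) {
                returnTaintedStatus.set(i, getObservedTaintedStatus());
            }
        }
    }
    taintedStatusList = returnTaintedStatus;
}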
Also used : ArrayList(java.util.ArrayList) BInvokableSymbol(org.wso2.ballerinalang.compiler.semantics.model.symbols.BInvokableSymbol) TaintRecord(org.wso2.ballerinalang.compiler.semantics.model.symbols.TaintRecord) BLangExpression(org.wso2.ballerinalang.compiler.tree.expressions.BLangExpression) BLangEndpoint(org.wso2.ballerinalang.compiler.tree.BLangEndpoint) BVarSymbol(org.wso2.ballerinalang.compiler.semantics.model.symbols.BVarSymbol)

Example 27 with Parameter

use of org.wso2.transport.http.netty.config.Parameter in project ballerina by ballerina-lang.

the class TaintAnalyzer method visitInvokable.

/**
 * Builds the taint table of an invokable and attaches it to {@code invNode.symbol}.
 *
 * <p>Nothing happens when a table is already attached. Native invokables get their table from
 * annotations. For every other invokable the body is analysed once with no parameter tainted,
 * then once per non-sensitive parameter with only that parameter tainted. Parameters annotated
 * as sensitive get no table entry. If the node turns out to be blocked after the first pass, the
 * method returns without attaching a table.
 *
 * @param invNode   the invokable node to analyse
 * @param symbolEnv the symbol environment handed to the analysis passes
 */
private void visitInvokable(BLangInvokableNode invNode, SymbolEnv symbolEnv) {
    // An attached table is never recomputed.
    if (invNode.symbol.taintTable != null) {
        return;
    }
    if (Symbols.isNative(invNode.symbol)) {
        attachTaintTableBasedOnAnnotations(invNode);
        return;
    }

    Map<Integer, TaintRecord> table = new HashMap<>();
    returnTaintedStatusList = null;
    // Baseline pass: tainted status of the return values when no parameter is tainted.
    analyzeAllParamsUntaintedReturnTaintedStatus(table, invNode, symbolEnv);
    if (processBlockedNode(invNode)) {
        return;
    }

    int requiredCount = invNode.requiredParams.size();
    int defaultableCount = invNode.defaultableParams.size();
    int restCount = invNode.restParam == null ? 0 : 1;
    int paramTotal = requiredCount + defaultableCount + restCount;
    for (int paramIndex = 0; paramIndex < paramTotal; paramIndex++) {
        BLangVariable param = getParam(invNode, paramIndex, requiredCount, defaultableCount);
        // A sensitive parameter must never be tainted, so that case is not analysed and the
        // table deliberately keeps no entry for its index.
        if (!hasAnnotation(param, ANNOTATION_SENSITIVE)) {
            returnTaintedStatusList = null;
            // Taint this parameter only, then analyse the body to observe the outcome.
            analyzeReturnTaintedStatus(table, invNode, symbolEnv, paramIndex, requiredCount, defaultableCount);
        }
    }
    invNode.symbol.taintTable = table;
}
Also used : LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap) TaintRecord(org.wso2.ballerinalang.compiler.semantics.model.symbols.TaintRecord) BLangEndpoint(org.wso2.ballerinalang.compiler.tree.BLangEndpoint) BLangVariable(org.wso2.ballerinalang.compiler.tree.BLangVariable)

Example 28 with Parameter

use of org.wso2.transport.http.netty.config.Parameter in project ballerina by ballerina-lang.

the class TaintAnalyzer method analyzeReturnTaintedStatus.

/**
 * Analyses the invokable with exactly one parameter tainted (or none) and records the outcome
 * in the taint table under {@code paramIndex}.
 *
 * <p>The tainted status of all parameters is reset first. Unless {@code paramIndex} equals
 * {@code ALL_UNTAINTED_TABLE_ENTRY_INDEX}, the parameter at that position is then marked
 * tainted: positions below {@code requiredParamCount} address required parameters, the next
 * {@code defaultableParamCount} positions address defaultable parameters, and any later position
 * addresses the rest parameter. After the analysis, collected taint errors are stored as an
 * error record and the error set is cleared. Otherwise, if no node is blocked, the observed
 * return statuses are stored. A blocked node leaves the table untouched.
 *
 * @param taintTable            table that receives the record for {@code paramIndex}
 * @param invokableNode         the invokable whose body is analysed
 * @param symbolEnv             the symbol environment handed to the analysis
 * @param paramIndex            position of the parameter to taint, or the all-untainted index
 * @param requiredParamCount    number of required parameters
 * @param defaultableParamCount number of defaultable parameters
 */
private void analyzeReturnTaintedStatus(Map<Integer, TaintRecord> taintTable, BLangInvokableNode invokableNode, SymbolEnv symbolEnv, int paramIndex, int requiredParamCount, int defaultableParamCount) {
    // Clear the tainted status left on the parameters before this pass.
    resetTaintedStatusOfVariables(invokableNode.requiredParams);
    resetTaintedStatusOfVariableDef(invokableNode.defaultableParams);
    if (invokableNode.restParam != null) {
        resetTaintedStatusOfVariables(Arrays.asList(invokableNode.restParam));
    }

    // Mark the given parameter "tainted".
    if (paramIndex != ALL_UNTAINTED_TABLE_ENTRY_INDEX) {
        int firstRestIndex = requiredParamCount + defaultableParamCount;
        if (paramIndex < requiredParamCount) {
            invokableNode.requiredParams.get(paramIndex).symbol.tainted = true;
        } else if (paramIndex < firstRestIndex) {
            int defaultableIndex = paramIndex - requiredParamCount;
            invokableNode.defaultableParams.get(defaultableIndex).var.symbol.tainted = true;
        } else {
            invokableNode.restParam.symbol.tainted = true;
        }
    }

    analyzeReturnTaintedStatus(invokableNode, symbolEnv);

    boolean errorsCollected = taintErrorSet.size() > 0;
    if (errorsCollected) {
        // The analysis raised an error (a tainted argument reached a sensitive parameter).
        // Keep a copy of the errors in the table for future reference, then clear the set.
        taintTable.put(paramIndex, new TaintRecord(null, new ArrayList<>(taintErrorSet)));
        taintErrorSet.clear();
        return;
    }
    if (this.blockedNode != null) {
        // Nothing is recorded for this index while a node is blocked.
        return;
    }
    if (invokableNode.retParams.size() == 0) {
        returnTaintedStatusList = new ArrayList<>();
    } else {
        updatedReturnTaintedStatusBasedOnAnnotations(invokableNode.retParams);
    }
    taintTable.put(paramIndex, new TaintRecord(returnTaintedStatusList, null));
}
Also used : ArrayList(java.util.ArrayList) TaintRecord(org.wso2.ballerinalang.compiler.semantics.model.symbols.TaintRecord) BLangVariable(org.wso2.ballerinalang.compiler.tree.BLangVariable)

Example 29 with Parameter

use of org.wso2.transport.http.netty.config.Parameter in project ballerina by ballerina-lang.

the class TaintAnalyzer method attachTaintTableBasedOnAnnotations.

/**
 * Attaches a taint table that is built from annotations alone, without analysing a body.
 *
 * <p>Nothing happens when the symbol already has a table. Each return parameter's status is
 * whether it carries {@code ANNOTATION_TAINTED}. The same status list is stored for the
 * all-untainted entry and for every parameter that is not annotated as sensitive. Sensitive
 * parameters get no entry. Because every entry holds that one list, a tainted argument never
 * changes the return status recorded here: a return is tainted only if it is annotated so.
 *
 * @param invokableNode the invokable whose symbol receives the table
 */
private void attachTaintTableBasedOnAnnotations(BLangInvokableNode invokableNode) {
    if (invokableNode.symbol.taintTable != null) {
        return;
    }

    // Extract the tainted status of the returns by looking at their annotations.
    List<Boolean> annotatedReturnStatus = new ArrayList<>();
    for (BLangVariable retParam : invokableNode.retParams) {
        annotatedReturnStatus.add(hasAnnotation(retParam, ANNOTATION_TAINTED));
    }

    Map<Integer, TaintRecord> table = new HashMap<>();
    // Entry for the case where no parameter is tainted.
    table.put(ALL_UNTAINTED_TABLE_ENTRY_INDEX, new TaintRecord(annotatedReturnStatus, null));

    int requiredParamCount = invokableNode.requiredParams.size();
    int defaultableParamCount = invokableNode.defaultableParams.size();
    int restParamCount = invokableNode.restParam == null ? 0 : 1;
    int totalParamCount = requiredParamCount + defaultableParamCount + restParamCount;
    // One entry per parameter for the case where that parameter is tainted.
    for (int paramIndex = 0; paramIndex < totalParamCount; paramIndex++) {
        BLangVariable param = getParam(invokableNode, paramIndex, requiredParamCount, defaultableParamCount);
        // Tainting a sensitive parameter is invalid, so its index is left out of the table.
        if (!hasAnnotation(param, ANNOTATION_SENSITIVE)) {
            table.put(paramIndex, new TaintRecord(annotatedReturnStatus, null));
        }
    }
    invokableNode.symbol.taintTable = table;
}
Also used : LinkedHashMap(java.util.LinkedHashMap) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) TaintRecord(org.wso2.ballerinalang.compiler.semantics.model.symbols.TaintRecord) BLangVariable(org.wso2.ballerinalang.compiler.tree.BLangVariable) BLangEndpoint(org.wso2.ballerinalang.compiler.tree.BLangEndpoint)

Example 30 with Parameter

use of org.wso2.transport.http.netty.config.Parameter in project ballerina by ballerina-lang.

the class CodeGenerator method createActionInfoEntry.

/**
 * Creates the {@code ActionInfo} for an action and registers it in the connector's action map
 * under the action's name.
 *
 * <p>The action name and the generated signature are added to the constant pool of
 * {@code currentPkgInfo}, in that order. Parameter names are not recorded here, because the
 * {@code setParameterNames} call is disabled in this method.
 *
 * @param actionNode    the action to describe
 * @param connectorInfo the connector info whose {@code actionInfoMap} receives the entry
 */
private void createActionInfoEntry(BLangAction actionNode, ConnectorInfo connectorInfo) {
    BInvokableSymbol symbol = actionNode.symbol;
    BInvokableType invokableType = (BInvokableType) symbol.type;

    // The action name goes into the constant pool as a UTF8 entry.
    int nameCPIndex = addUTF8CPEntry(currentPkgInfo, actionNode.name.value);

    ActionInfo info = new ActionInfo(currentPackageRefCPIndex, nameCPIndex);
    info.flags = symbol.flags;
    info.paramTypes = invokableType.paramTypes.toArray(new BType[0]);
    info.retParamTypes = invokableType.retTypes.toArray(new BType[0]);
    // The signature is generated from the parameter and return types set above.
    info.signatureCPIndex = addUTF8CPEntry(
            currentPkgInfo, generateFunctionSig(info.paramTypes, info.retParamTypes));

    // Worker info, then parameter default value info.
    this.addWorkerInfoEntries(info, actionNode.getWorkers());
    addParameterDefaultValues(actionNode, info);

    // Register the finished entry with the connector.
    connectorInfo.actionInfoMap.put(actionNode.name.getValue(), info);
}
Also used : BType(org.wso2.ballerinalang.compiler.semantics.model.types.BType) BInvokableSymbol(org.wso2.ballerinalang.compiler.semantics.model.symbols.BInvokableSymbol) ActionInfo(org.wso2.ballerinalang.programfile.ActionInfo) BInvokableType(org.wso2.ballerinalang.compiler.semantics.model.types.BInvokableType) BLangEndpoint(org.wso2.ballerinalang.compiler.tree.BLangEndpoint)
