package proto
Get desktop application:
View/edit binary Protocol Buffers messages
message
ast.proto:212Used in:
repeated apis = 1
List the APIs as a list of pre-defined ast nodes
bool save_feature = 2
Save generic feature result
string smt_formula = 3
SMT formula of node ids, interpretable by Z3, allow flexible constraints on the ast nodes https://rise4fun.com/z3/tutorialcontent/sequences
bool smt_satisfied = 4
The satisfiability evaluation result, filled after evaluation. True means we will investigate further on this package.
bool func_only = 5
Allow any base_type and match only function name. This is a temporary to dynamic types in scripting languages.
message
ast.proto:114Used in: ,
AstNode.NodeType type = 1
string name = 2
string full_name = 3
string base_type = 4
string module = 5
The module name used to include the base class/type
string value = 6
The right value if current ast node is an assign expression
string definition = 7
The definition if current ast node is class/function definition
repeated arg_nodes = 8
* The arg nodes used for matching APIs, id indicates their index, name/value can be set. (1) If value is specified, the parent node should be kept only if the value matches. (2) If only value/index is specified, the specified args are sinks in taint analysis.
repeated string arguments = 9
The value of arguments if current ast node is function calls
string source = 10
All the statements related to current ast node
optional range = 11
Collect the range/locations of the node
int32 id = 12
Map each AstNode to a unique number, and allow flexible constraints expressed in SMT.
Functionality functionality = 13
Each API should either be source, sink or danger. Note: danger APIs are mostly sinks, e.g. rmdir.
oneof accurate_functionality
Record the accurate functionality for APIs.
SourceType source_type = 14
SinkType sink_type = 15
DangerType danger_type = 16
PropagateType propagate_type = 17
repeated child_nodes = 18
Record children of the current node
bool instantiatable = 19
Whether the base_type can be instantiated or not. This can be used in func_only mode to improve API matching.
Used in:
UNKNOWN = 0
common types
FUNCTION_DECL = 1
declarations
VARIABLE_DECL = 2
CLASS_DECL = 3
FUNCTION_DECL_REF_EXPR = 11
references
VARIABLE_DECL_REF_EXPR = 12
CLASS_DECL_REF_EXPR = 13
PY_FUNCTION_DEF = 101
* Python node types https://docs.python.org/2/library/ast.html https://docs.python.org/3/library/ast.html https://github.com/python-security/pyt/blob/master/pyt/core/node_types.py
JS_ASSIGNMENT_EXPRESSION = 201
* JavaScript node types https://github.com/Kronuz/esprima-python/blob/master/esprima/syntax.py
RB_REGULAR_NODE = 301
* Ruby node types https://github.com/whitequark/parser/blob/master/lib/parser/ruby26.y https://github.com/whitequark/parser/blob/master/lib/parser/ast/processor.rb
RB_VARIABLE_NODE = 302
JAVA_IDENTITY_STMT = 401
* Java node types https://github.com/Sable/soot/blob/develop/src/main/generated/jastadd/soot/JastAddJ/ASTNode.java
PHP_EXPR_VARIABLE = 501
* Php node types https://github.com/nikic/PHP-Parser/blob/master/grammar/php5.y https://github.com/nikic/PHP-Parser/blob/master/grammar/php7.y
Used in:
DANGER_UNCLASSIFIED_DANGER = 0
message
info.proto:16Used in:
string target = 1
string command = 2
message
ast.proto:4Used in:
string filename = 1
the verbose file name and the relative path with regard to repo root
string relpath = 2
string file = 3
the file and directory specified in compile_commands
string directory = 4
Used in:
UNCLASSIFIED = 0
SOURCE = 1
SINK = 2
DANGER = 3
PROPAGATE = 4
enum Language
ast.proto:24Used in:
UNKNOWN = 0
PYTHON = 1
JAVASCRIPT = 2
RUBY = 3
JAVA = 4
PHP = 5
CSHARP = 6
CPP = 7
GO = 8
message
info.proto:21optional info = 1
repeated dependencies = 2
Runtime dependencies
repeated dev_dependencies = 3
Development dependencies
message
info.proto:22Used in:
string package_name = 1
basic info
string package_version = 2
string email = 3
string homepage = 4
string license = 5
optional repository = 6
host info
repeated exec_jobs = 7
execute info
repeated string authors = 8
author info
repeated string contributors = 9
repeated string maintainers = 10
repeated releases = 11
release info
message
ast.proto:227Used in:
string pkg_name = 1
Package information
string pkg_version = 2
Language language = 3
string input_path = 4
optional config = 5
repeated api_results = 6
Ast lookup results
repeated root_nodes = 7
Abstract syntax tree for files
message
ast.proto:241repeated pkgs = 1
uint64 timestamp = 2
Used in:
PROPAGATE_UNCLASSIFIED = 0
PROPAGATE_ASSIGN = 1
PROPAGATE_CALL = 2
Calls can affect the results by return value or reference argument
PROPAGATE_SYSCALL = 3
PROPAGATE_LIBCALL = 4
message
info.proto:4Used in:
string name = 1
string timestamp = 2
message
info.proto:9Used in:
string url = 1
link to the repository
string type = 2
type can be git/svn/hg etc.
enum SinkType
ast.proto:73Used in:
SINK_UNCLASSIFIED = 0
SINK_ACCOUNT = 1
Sinks from Susi
SINK_AUDIO = 2
SINK_BROWSER = 3
SINK_CALENDAR = 4
SINK_CONTACT = 5
SINK_FILE = 6
SINK_LOG = 7
SINK_NETWORK = 8
SINK_NFC = 9
SINK_PHONE_CONNECTION = 10
SINK_PHONE_STATE = 11
SINK_SMS_MMS = 12
SINK_SYNC = 13
SINK_SYSTEM = 14
SINK_VOIP = 15
SINK_CODE_GENERATION = 51
Sinks from other sources
SINK_PROCESS_OPERATION = 52
SINK_DATABASE = 53
message
ast.proto:13Used in:
int32 row = 1
int32 column = 2
optional file_info = 3
message
ast.proto:19Used in:
optional start = 1
optional end = 2
* Types of taint sources and sinks http://blogs.grammatech.com/what-is-taint-checking http://web.cs.iastate.edu/~weile/cs513x/2018spring/taintanalysis.pdf https://www.bodden.de/pubs/rab14classifying.pdf
Used in:
SOURCE_UNCLASSIFIED = 0
SOURCE_ACCOUNT = 1
Sources from Susi
SOURCE_BLUETOOTH = 2
SOURCE_BROWSER = 3
SOURCE_CALENDAR = 4
SOURCE_CONTACT = 5
SOURCE_DATABASE = 6
SOURCE_FILE = 7
SOURCE_NETWORK = 8
SOURCE_NFC = 9
SOURCE_SETTINGS = 10
SOURCE_SYNC = 11
SOURCE_UNIQUE_IDENTIFIER = 12
SOURCE_ENVIRONMENT = 51
Sources from other sources
SOURCE_USER_INPUT = 52
SOURCE_OBFUSCATION = 53