Documentation ¶
Overview ¶
Package tracer provides variable tracing across codebases
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type CallSiteInfo ¶
// CallSiteInfo describes one place where a function is invoked. The field
// tags give the JSON keys used when the value is serialized.
type CallSiteInfo struct {
// File and Line locate the call site.
// NOTE(review): presumably a source path and a line number in that file;
// confirm whether Line is 1-based and whether File is relative to the codebase.
File string `json:"file"`
Line int `json:"line"`
// Argument holds the argument recorded for this call.
// NOTE(review): presumably the source text of the expression passed for the
// traced parameter — confirm.
Argument string `json:"argument"`
// HasInput and Sources appear to record whether the argument carries user
// input and which sources it came from — confirm against the tracer.
// Sources is left out of the JSON when it is empty (omitempty).
HasInput bool `json:"has_input"`
Sources []string `json:"sources,omitempty"`
}
CallSiteInfo represents a call site where a function is invoked
type ParameterTaintInfo ¶
// ParameterTaintInfo records taint information for a single function
// parameter, together with the call sites that were examined for it.
type ParameterTaintInfo struct {
// FunctionName, ParameterName and ParameterIndex identify the parameter.
// NOTE(review): ParameterIndex is presumably the position in the parameter
// list; confirm whether it is 0-based.
FunctionName string `json:"function_name"`
ParameterName string `json:"parameter_name"`
ParameterIndex int `json:"parameter_index"`
// IsTainted is always emitted in the JSON (no omitempty), so false is an
// explicit value rather than an absent one.
// NOTE(review): false presumably means no examined call site passed tainted
// data, not that the parameter is proven safe; callers the tracer could not
// resolve would not show up here — confirm.
IsTainted bool `json:"is_tainted"`
// Sources and CallSites are left out of the JSON when empty (omitempty).
Sources []string `json:"sources,omitempty"`
CallSites []CallSiteInfo `json:"call_sites,omitempty"`
}
ParameterTaintInfo tracks taint propagation through function parameters
type TraceReport ¶
// TraceReport is the complete report for one traced variable: the variable
// and codebase it was run on, summary counts, and the per-definition results.
type TraceReport struct {
// Variable is the traced variable and Codebase the codebase it was traced in.
// NOTE(review): Codebase is presumably the value passed to NewVariableTracer.
// If it is a local filesystem path, it discloses directory layout to anyone
// who receives the report — confirm.
Variable string `json:"variable"`
Codebase string `json:"codebase"`
// Summary counters.
// NOTE(review): WithUserInput + WithoutUserInput presumably equals
// TotalDefinitions; verify before relying on that invariant.
TotalDefinitions int `json:"total_definitions"`
WithUserInput int `json:"with_user_input"`
WithoutUserInput int `json:"without_user_input"`
// Definitions has no omitempty, so the key is always present; with
// encoding/json a nil slice is written as null and an empty one as [].
Definitions []VariableTraceResult `json:"definitions"`
}
TraceReport is the complete report for a variable
func (*TraceReport) Summary ¶
// Summary returns a human-readable summary of the report as a string.
// NOTE(review): the text layout is not documented on this page, so it should
// not be parsed; the struct's JSON tags give the machine-readable form.
func (r *TraceReport) Summary() string
Summary returns a human-readable summary
type VarAssignment ¶
// VarAssignment represents one assignment to the traced variable.
type VarAssignment struct {
// Line is the line of the assignment.
// NOTE(review): no file field here, so the file is presumably implied by the
// enclosing VariableTraceResult — confirm.
Line int `json:"line"`
// Expression holds the assigned expression.
// NOTE(review): presumably verbatim source text from the scanned code; treat
// it as untrusted content (escape it) when a report is rendered — confirm.
Expression string `json:"expression"`
// HasInput is always emitted. Sources is left out of the JSON when empty.
HasInput bool `json:"has_input"`
Sources []string `json:"sources,omitempty"`
}
VarAssignment represents one assignment to the traced variable
type VariableDefinition ¶
// VariableDefinition represents one definition of a variable: where it is
// defined and the text recorded for that definition.
type VariableDefinition struct {
// File and Line locate the definition.
File string `json:"file"`
Line int `json:"line"`
// FunctionName and ClassName are left out of the JSON when empty.
// NOTE(review): presumably empty for definitions outside a function or class.
FunctionName string `json:"function_name,omitempty"`
ClassName string `json:"class_name,omitempty"`
// InitialValue and CodeSnippet are always emitted (no omitempty).
// NOTE(review): both presumably carry text copied from the scanned source.
// If so, a serialized definition can contain hard-coded secrets from that
// code and should be stored and shared with the same care as the code
// itself — confirm what the tracer copies here.
InitialValue string `json:"initial_value"`
CodeSnippet string `json:"code_snippet"`
}
VariableDefinition represents one definition of a variable
type VariableTraceResult ¶
// VariableTraceResult contains the complete trace for a variable in one file:
// its location, whether user input was found, and the supporting detail.
type VariableTraceResult struct {
// File and Line locate the traced definition.
File string `json:"file"`
Line int `json:"line"`
// FunctionName and ClassName are left out of the JSON when empty.
FunctionName string `json:"function_name,omitempty"`
ClassName string `json:"class_name,omitempty"`
// HasUserInput is always emitted, so false is an explicit value.
// NOTE(review): false presumably means no configured source was matched, not
// that the value is proven free of user input; the result can only be as
// complete as the carrier map and the flows the tracer resolved — confirm.
HasUserInput bool `json:"has_user_input"`
// Supporting evidence; each of these is left out of the JSON when empty.
// NOTE(review): FlowPath presumably lists the steps from source to variable
// and MatchedCarrier the carrier-map entry that matched — confirm format.
InputSources []string `json:"input_sources,omitempty"`
FlowPath []string `json:"flow_path,omitempty"`
MatchedCarrier string `json:"matched_carrier,omitempty"`
Assignments []VarAssignment `json:"assignments,omitempty"`
// ParameterInfo is a pointer with omitempty: a nil value drops the key.
// NOTE(review): presumably set only when the traced variable is a function
// parameter — confirm.
ParameterInfo *ParameterTaintInfo `json:"parameter_info,omitempty"`
}
VariableTraceResult contains the complete trace for a variable in one file
type VariableTracer ¶
// VariableTracer traces a variable across all definitions in a codebase.
// All of its fields are unexported, so callers build one with
// NewVariableTracer rather than with a struct literal.
type VariableTracer struct {
// contains filtered or unexported fields
}
VariableTracer traces a variable across all definitions in a codebase
func NewVariableTracer ¶
// NewVariableTracer creates a new variable tracer for codebase using carrierMap.
// NOTE(review): codebase is presumably a filesystem path to the root of the
// code to scan, and carrierMap presumably defines what counts as a user-input
// carrier. Confirm both, and whether a nil carrierMap is accepted, since the
// carrier map bounds what the tracer can report as user input.
func NewVariableTracer(codebase string, carrierMap *discovery.CarrierMap) *VariableTracer
NewVariableTracer creates a new variable tracer
func (*VariableTracer) TraceVariable ¶
// TraceVariable traces varName across the entire codebase and returns the
// resulting report, or an error.
// NOTE(review): whether the report is nil or partial when the error is
// non-nil is not shown here; check the error before reading the report, and
// do not treat a failed trace as "no user input found".
func (t *VariableTracer) TraceVariable(varName string) (*TraceReport, error)
TraceVariable traces a variable across the entire codebase