sources

package
v0.1.3

This package is not in the latest version of its module.
Published: May 27, 2026 License: GPL-3.0 Imports: 15 Imported by: 0

Documentation

Overview

Package sources - defaults.go provides centralized default configuration values. All default values should be defined here and referenced from other packages.

Package sources - input_methods.go provides centralized input method definitions. All framework input methods and patterns should be defined here.

Package sources - labels.go provides centralized SourceType definitions. They are re-exported from the common package for backwards compatibility.

Package sources - mappings.go provides centralized language mappings. Consolidated from pkg/semantic/mappings/; that package should be deleted.

Package sources - special_files.go provides centralized special file handling. All special filename patterns should be defined here.

Package sources - superglobals.go provides centralized PHP superglobal mappings. This is the ONLY place PHP superglobal definitions should exist.

Index

Constants

const (
	InitialCallStackCapacity = 32
	InitialFlowsCapacity     = 64
	InitialSourcesCapacity   = 16
	InitialVariablesCapacity = 32
)

Pre-allocation hints for slices.

const (
	SourceHTTPGet     = common.SourceHTTPGet     // Query string parameters
	SourceHTTPPost    = common.SourceHTTPPost    // POST form data
	SourceHTTPBody    = common.SourceHTTPBody    // Raw request body
	SourceHTTPJSON    = common.SourceHTTPJSON    // JSON request body
	SourceHTTPHeader  = common.SourceHTTPHeader  // HTTP headers
	SourceHTTPCookie  = common.SourceHTTPCookie  // Cookies
	SourceHTTPPath    = common.SourceHTTPPath    // URL path parameters
	SourceHTTPFile    = common.SourceHTTPFile    // Uploaded files ($_FILES)
	SourceHTTPRequest = common.SourceHTTPRequest // Combined GET/POST ($_REQUEST)
	SourceSession     = common.SourceSession     // Session data ($_SESSION)
	SourceCLIArg      = common.SourceCLIArg      // Command line arguments
	SourceEnvVar      = common.SourceEnvVar      // Environment variables
	SourceStdin       = common.SourceStdin       // Standard input
	SourceFile        = common.SourceFile        // File reads
	SourceDatabase    = common.SourceDatabase    // Database query results
	SourceNetwork     = common.SourceNetwork     // Network/socket reads
	SourceUserInput   = common.SourceUserInput   // Generic user input
	SourceUnknown     = common.SourceUnknown     // Unknown source type
)
const (
	LabelHTTPGet     = common.LabelHTTPGet
	LabelHTTPPost    = common.LabelHTTPPost
	LabelHTTPCookie  = common.LabelHTTPCookie
	LabelHTTPHeader  = common.LabelHTTPHeader
	LabelHTTPBody    = common.LabelHTTPBody
	LabelCLI         = common.LabelCLI
	LabelEnvironment = common.LabelEnvironment
	LabelFile        = common.LabelFile
	LabelDatabase    = common.LabelDatabase
	LabelNetwork     = common.LabelNetwork
	LabelUserInput   = common.LabelUserInput
)
const DefaultCacheMemoryLimit = 32 * 1024 * 1024

DefaultCacheMemoryLimit is the memory ceiling for LRU caches. 32 MB prevents RSS spikes when analysing large repos.

const DefaultCacheSize = 1000

DefaultCacheSize is the default parser cache size (number of AST entries).

const DefaultFileCacheSize = 100

DefaultFileCacheSize is the number of parsed files kept in the symbolic executor cache.

const DefaultMaxDepth = 5

DefaultMaxDepth is the default inter-procedural analysis depth. 5 hops covers most real-world call chains without exponential blowup.

const DefaultMaxFlowEdges = 20000

DefaultMaxFlowEdges caps graph size to prevent unbounded memory growth.

const DefaultMaxFlowNodes = 10000

DefaultMaxFlowNodes caps graph size to prevent unbounded memory growth.

const DefaultPathMaxDepth = 50

DefaultPathMaxDepth limits path expansion to prevent combinatorial explosion.

const DefaultSnippetLength = 100

DefaultSnippetLength is the default maximum length for code snippets.

const DefaultSymbolicMaxDepth = 10

DefaultSymbolicMaxDepth is used for symbolic execution tracing. Higher than MaxDepth because property-chain resolution needs more hops.

const DefaultTopFilesCount = 10

DefaultTopFilesCount is the default number of "most tainted files" to return.

Variables

var AllSourceTypes = common.AllSourceTypes

AllSourceTypes returns all valid source types for iteration and validation.

var BinaryExtensions = map[string]bool{
	".exe":    true,
	".dll":    true,
	".so":     true,
	".dylib":  true,
	".a":      true,
	".lib":    true,
	".obj":    true,
	".o":      true,
	".bin":    true,
	".dat":    true,
	".db":     true,
	".sqlite": true,
	".jpg":    true,
	".jpeg":   true,
	".png":    true,
	".gif":    true,
	".bmp":    true,
	".ico":    true,
	".svg":    true,
	".webp":   true,
	".pdf":    true,
	".doc":    true,
	".docx":   true,
	".xls":    true,
	".xlsx":   true,
	".zip":    true,
	".tar":    true,
	".gz":     true,
	".rar":    true,
	".7z":     true,
	".woff":   true,
	".woff2":  true,
	".ttf":    true,
	".otf":    true,
	".eot":    true,
	".mp3":    true,
	".mp4":    true,
	".wav":    true,
	".avi":    true,
	".mov":    true,
}

BinaryExtensions contains file extensions that are binary/non-parseable.

var CGIEnvVars = map[string]SourceType{
	"QUERY_STRING":    SourceHTTPGet,
	"REQUEST_METHOD":  SourceHTTPHeader,
	"CONTENT_TYPE":    SourceHTTPHeader,
	"CONTENT_LENGTH":  SourceHTTPBody,
	"HTTP_COOKIE":     SourceHTTPCookie,
	"HTTP_HOST":       SourceHTTPHeader,
	"HTTP_USER_AGENT": SourceHTTPHeader,
	"HTTP_REFERER":    SourceHTTPHeader,
	"HTTP_ACCEPT":     SourceHTTPHeader,
	"PATH_INFO":       SourceHTTPPath,
	"PATH_TRANSLATED": SourceHTTPPath,
	"SCRIPT_NAME":     SourceHTTPPath,
	"REQUEST_URI":     SourceHTTPPath,
	"REMOTE_ADDR":     SourceNetwork,
	"REMOTE_HOST":     SourceNetwork,
	"SERVER_NAME":     SourceHTTPHeader,
	"SERVER_PORT":     SourceHTTPHeader,
	"HTTPS":           SourceHTTPHeader,
}

CGIEnvVars contains CGI environment variable mappings (shared by C and C++).

var DefaultSkipDirs = []string{
	".git",
	"node_modules",
	"vendor",
	"__pycache__",
	".venv",
	"venv",
	"target",
	"build",
	"dist",
	".idea",
	".vscode",
	".cache",
}

DefaultSkipDirs contains directories that should be skipped during analysis. Replaces the hardcoded array in tracer.go DefaultConfig().

var (
	GetRegistry = core.GetRegistry
)

Re-export core functions for convenience. Note: IsInputMethod is NOT re-exported because sources.IsInputMethod has a different signature.

var InputMethods = []InputMethod{

	{VarPattern: "request", MethodName: "get", Category: CategoryHTTP, SourceType: SourceHTTPGet, Framework: "generic", Description: "Generic GET getter"},
	{VarPattern: "request", MethodName: "post", Category: CategoryHTTP, SourceType: SourceHTTPPost, Framework: "generic", Description: "Generic POST getter"},
	{VarPattern: "request", MethodName: "cookie", Category: CategoryHTTP, SourceType: SourceHTTPCookie, Framework: "generic", Description: "Generic cookie getter"},
	{VarPattern: "request", MethodName: "server", Category: CategoryHTTP, SourceType: SourceHTTPHeader, Framework: "generic", Description: "Generic server var getter"},
	{VarPattern: "request", MethodName: "header", Category: CategoryHTTP, SourceType: SourceHTTPHeader, Framework: "generic", Description: "Generic header getter"},
	{VarPattern: "request", MethodName: "input", Category: CategoryHTTP, SourceType: SourceUserInput, Framework: "generic", Description: "Generic input getter"},
	{VarPattern: "request", MethodName: "all", Category: CategoryHTTP, SourceType: SourceUserInput, Framework: "generic", Description: "Get all input"},

	{VarPattern: "*", MethodName: "get", Category: CategoryHTTP, SourceType: SourceHTTPGet, Framework: "generic", Description: "Generic GET method"},
	{VarPattern: "*", MethodName: "post", Category: CategoryHTTP, SourceType: SourceHTTPPost, Framework: "generic", Description: "Generic POST method"},
	{VarPattern: "*", MethodName: "cookie", Category: CategoryHTTP, SourceType: SourceHTTPCookie, Framework: "generic", Description: "Generic cookie method"},
	{VarPattern: "*", MethodName: "header", Category: CategoryHTTP, SourceType: SourceHTTPHeader, Framework: "generic", Description: "Generic header method"},
	{VarPattern: "*", MethodName: "param", Category: CategoryHTTP, SourceType: SourceUserInput, Framework: "generic", Description: "Generic param method"},
	{VarPattern: "*", MethodName: "input", Category: CategoryHTTP, SourceType: SourceUserInput, Framework: "generic", Description: "Generic input method"},
	{VarPattern: "*", MethodName: "query", Category: CategoryHTTP, SourceType: SourceHTTPGet, Framework: "generic", Description: "Generic query method"},

	{VarPattern: "*", MethodName: "read", Category: CategoryFile, SourceType: SourceFile, Framework: "generic", Description: "File read"},
	{VarPattern: "*", MethodName: "file_get_contents", Category: CategoryFile, SourceType: SourceFile, Framework: "generic", Description: "Get file contents"},
	{VarPattern: "*", MethodName: "fopen", Category: CategoryFile, SourceType: SourceFile, Framework: "generic", Description: "Open file"},

	{VarPattern: "*", MethodName: "exec", Category: CategoryCommand, SourceType: SourceUserInput, Framework: "generic", Description: "Command exec"},
	{VarPattern: "*", MethodName: "shell_exec", Category: CategoryCommand, SourceType: SourceUserInput, Framework: "generic", Description: "Shell exec"},
	{VarPattern: "*", MethodName: "system", Category: CategoryCommand, SourceType: SourceUserInput, Framework: "generic", Description: "System call"},
	{VarPattern: "*", MethodName: "passthru", Category: CategoryCommand, SourceType: SourceUserInput, Framework: "generic", Description: "Passthru"},
}

InputMethods is the canonical list of input-returning methods. Replaces hardcoded patterns in extractor.go isInputMethod() and isInterestingMethod().

NOTE: Framework-specific patterns (MyBB, phpBB, WordPress, etc.) should be defined in their respective files under pkg/sources/php/{framework}.go. This file contains ONLY generic/universal patterns.

var LabelToSourceType = map[InputLabel]SourceType{
	LabelHTTPGet:     SourceHTTPGet,
	LabelHTTPPost:    SourceHTTPPost,
	LabelHTTPCookie:  SourceHTTPCookie,
	LabelHTTPHeader:  SourceHTTPHeader,
	LabelHTTPBody:    SourceHTTPBody,
	LabelCLI:         SourceCLIArg,
	LabelEnvironment: SourceEnvVar,
	LabelFile:        SourceFile,
	LabelDatabase:    SourceDatabase,
	LabelNetwork:     SourceNetwork,
	LabelUserInput:   SourceUserInput,
}

LabelToSourceType maps InputLabel to SourceType for conversion.

var LanguageSkipDirs = map[string][]string{
	"common":     {".git", ".svn", ".hg"},
	"javascript": {"node_modules", "bower_components", "dist", "build"},
	"python":     {"__pycache__", ".venv", "venv", "env", ".tox", ".pytest_cache"},
	"go":         {"vendor"},
	"rust":       {"target"},
	"java":       {"target", "build", "bin", "out"},
	"c_sharp":    {"bin", "obj", "packages"},
	"ruby":       {"vendor", ".bundle"},
	"php":        {"vendor", "cache", "tests", "tmp", "storage"},
	"ide":        {".idea", ".vscode", ".vs"},
}

LanguageSkipDirs provides language-specific skip directories.

var MethodToSuperglobals = map[string][]string{
	"get_input": {"$_GET", "$_POST"},
	"input":     {"$_GET", "$_POST"},
	"get":       {"$_GET"},
	"post":      {"$_POST"},
	"cookie":    {"$_COOKIE"},
	"server":    {"$_SERVER"},
	"file":      {"$_FILES"},
}

MethodToSuperglobals maps common method names to their typical superglobal sources. Used for PHP input method resolution in tracing.

var PHPDiscoverySkipDirs = []string{
	"/vendor/",
	"/cache/",
	"/tests/",
	"/.git/",
	"/tmp/",
	"/storage/",
	"/freemius/",
	"/action-scheduler/",
	"/redux-core/",
	"/redux-framework/",
	"/cmb2/",
	"/starter-content/",
	"/starter-templates/",
}

PHPDiscoverySkipDirs lists directories to skip during PHP discovery. These include vendor, cache, tests, and VCS directories.

var PHPServerConfigKeys = []string{
	"DOCUMENT_ROOT",
	"SCRIPT_FILENAME",
	"SCRIPT_NAME",
	"SERVER_ADDR",
	"SERVER_NAME",
	"SERVER_PORT",
	"SERVER_PROTOCOL",
	"SERVER_SOFTWARE",
	"SERVER_ADMIN",
	"GATEWAY_INTERFACE",
	"REQUEST_TIME",
	"REQUEST_TIME_FLOAT",
}

PHPServerConfigKeys are $_SERVER keys that contain SERVER CONFIGURATION data. These are NOT user-controllable and should NOT be marked as user input.

var PHPServerUserKeys = map[string]SourceType{

	"PHP_SELF":       SourceHTTPPath,
	"REQUEST_URI":    SourceHTTPPath,
	"QUERY_STRING":   SourceHTTPGet,
	"PATH_INFO":      SourceHTTPPath,
	"ORIG_PATH_INFO": SourceHTTPPath,

	"REQUEST_METHOD": SourceHTTPHeader,
	"CONTENT_TYPE":   SourceHTTPHeader,
	"CONTENT_LENGTH": SourceHTTPHeader,

	"PHP_AUTH_USER":   SourceHTTPHeader,
	"PHP_AUTH_PW":     SourceHTTPHeader,
	"PHP_AUTH_DIGEST": SourceHTTPHeader,
	"AUTH_TYPE":       SourceHTTPHeader,

	"HTTP_HOST":              SourceHTTPHeader,
	"HTTP_USER_AGENT":        SourceHTTPHeader,
	"HTTP_ACCEPT":            SourceHTTPHeader,
	"HTTP_ACCEPT_LANGUAGE":   SourceHTTPHeader,
	"HTTP_ACCEPT_ENCODING":   SourceHTTPHeader,
	"HTTP_ACCEPT_CHARSET":    SourceHTTPHeader,
	"HTTP_CONNECTION":        SourceHTTPHeader,
	"HTTP_REFERER":           SourceHTTPHeader,
	"HTTP_COOKIE":            SourceHTTPCookie,
	"HTTP_AUTHORIZATION":     SourceHTTPHeader,
	"HTTP_CACHE_CONTROL":     SourceHTTPHeader,
	"HTTP_PRAGMA":            SourceHTTPHeader,
	"HTTP_IF_MODIFIED_SINCE": SourceHTTPHeader,
	"HTTP_IF_NONE_MATCH":     SourceHTTPHeader,
	"HTTP_X_FORWARDED_FOR":   SourceHTTPHeader,
	"HTTP_X_FORWARDED_HOST":  SourceHTTPHeader,
	"HTTP_X_FORWARDED_PROTO": SourceHTTPHeader,
	"HTTP_X_REQUESTED_WITH":  SourceHTTPHeader,
	"HTTP_X_REAL_IP":         SourceHTTPHeader,
	"HTTP_ORIGIN":            SourceHTTPHeader,

	"REMOTE_ADDR": SourceNetwork,
	"REMOTE_HOST": SourceNetwork,
	"REMOTE_PORT": SourceNetwork,
}

PHPServerUserKeys are $_SERVER keys that contain USER-CONTROLLABLE data from the HTTP request. An attacker can manipulate these values by crafting their HTTP request. This list is based on PHP documentation and JetBrains PHP stubs research.

Reference: https://www.php.net/manual/en/reserved.variables.server.php

Key insight: "All elements of the $_SERVER array whose keys begin with 'HTTP_' come from HTTP request headers and are not to be trusted."

var PHPSuperglobals = []PHPSuperglobal{

	{"$_GET", SourceHTTPGet, []InputLabel{LabelHTTPGet, LabelUserInput}, "HTTP GET parameters (query string)"},
	{"$_POST", SourceHTTPPost, []InputLabel{LabelHTTPPost, LabelUserInput}, "HTTP POST parameters (form data)"},
	{"$_REQUEST", SourceHTTPRequest, []InputLabel{LabelHTTPGet, LabelHTTPPost, LabelHTTPCookie, LabelUserInput}, "Combined GET/POST/COOKIE (request data)"},
	{"$_COOKIE", SourceHTTPCookie, []InputLabel{LabelHTTPCookie, LabelUserInput}, "HTTP cookies (sent with request)"},
	{"$_FILES", SourceHTTPFile, []InputLabel{LabelFile, LabelUserInput}, "HTTP file uploads (multipart request data)"},

	{"$_SERVER", SourceHTTPHeader, []InputLabel{LabelHTTPHeader, LabelUserInput}, "Server/request info (SOME keys are user-controllable)"},

	{"$_ENV", SourceEnvVar, []InputLabel{LabelEnvironment}, "Environment variables (server config, NOT request data)"},
	{"$_SESSION", SourceSession, []InputLabel{}, "Session data (stored server-side, NOT sent in request)"},
}

PHPSuperglobals is the canonical list of PHP superglobals. This replaces scattered arrays in discovery/superglobal.go and elsewhere.

STRICT USER INPUT DEFINITION: User input is ONLY data that comes from an HTTP REQUEST.

YES - These ARE user input (from HTTP request):

  • $_GET, $_POST, $_COOKIE, $_REQUEST, $_FILES
  • $_SERVER keys that contain request data (HTTP_*, REQUEST_URI, etc.)
  • php://input, file_get_contents('php://input')

NO - These are NOT user input:

  • $_SESSION (stored server-side, not sent in request)
  • $_ENV, getenv() (server configuration, not request data)
  • Database query results (not request data)
  • File reads from filesystem (not request data)
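
The $_SERVER key split above (PHPServerUserKeys versus PHPServerConfigKeys) and the strict user input definition, carried through in an added stand-alone Go example that is not the package's own code: ClassifyPHPSource decides, for a PHP read expression, which SourceType it has and whether it counts as user input. The SourceType values and the key tables are constructed subsets of the page's maps; ClassifyServerKey, ClassifyPHPSource and Classification are hypothetical names, and the SourceUnknown result for unlisted $_SERVER keys is an assumption the page does not state.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// SourceType mirrors the page's SourceType; the values are constructed here
// (the real package re-exports the type and constants from the common package).
type SourceType string

const (
	SourceHTTPGet     SourceType = "http_get"
	SourceHTTPPost    SourceType = "http_post"
	SourceHTTPBody    SourceType = "http_body"
	SourceHTTPCookie  SourceType = "http_cookie"
	SourceHTTPHeader  SourceType = "http_header"
	SourceHTTPPath    SourceType = "http_path"
	SourceHTTPFile    SourceType = "http_file"
	SourceHTTPRequest SourceType = "http_request"
	SourceSession     SourceType = "session"
	SourceEnvVar      SourceType = "env_var"
	SourceNetwork     SourceType = "network"
	SourceUnknown     SourceType = "unknown"
)

// Classification is the verdict for one PHP read expression (hypothetical type).
type Classification struct {
	Source    SourceType
	UserInput bool // true only for data that arrives in the HTTP request
}

// superglobalSource mirrors the page's SuperglobalToSourceType map.
var superglobalSource = map[string]SourceType{
	"$_GET": SourceHTTPGet, "$_POST": SourceHTTPPost, "$_REQUEST": SourceHTTPRequest,
	"$_COOKIE": SourceHTTPCookie, "$_SERVER": SourceHTTPHeader, "$_FILES": SourceHTTPFile,
	"$_ENV": SourceEnvVar, "$_SESSION": SourceSession,
}

// serverUserKeys is a constructed subset of the page's PHPServerUserKeys:
// request-derived $_SERVER keys an attacker controls by crafting the request.
var serverUserKeys = map[string]SourceType{
	"PHP_SELF": SourceHTTPPath, "REQUEST_URI": SourceHTTPPath, "PATH_INFO": SourceHTTPPath,
	"QUERY_STRING": SourceHTTPGet, "REQUEST_METHOD": SourceHTTPHeader, "CONTENT_TYPE": SourceHTTPHeader,
	"PHP_AUTH_USER": SourceHTTPHeader, "PHP_AUTH_PW": SourceHTTPHeader, "HTTP_COOKIE": SourceHTTPCookie,
	"REMOTE_ADDR": SourceNetwork, "REMOTE_PORT": SourceNetwork,
}

// serverConfigKeys is a constructed subset of the page's PHPServerConfigKeys:
// server configuration that must not be marked as user input.
var serverConfigKeys = map[string]bool{
	"DOCUMENT_ROOT": true, "SCRIPT_FILENAME": true, "SERVER_ADDR": true, "SERVER_NAME": true,
	"SERVER_PORT": true, "SERVER_SOFTWARE": true, "GATEWAY_INTERFACE": true, "REQUEST_TIME": true,
}

// ClassifyServerKey applies the page's $_SERVER rules in order: explicit user keys,
// explicit config keys, then the PHP manual rule that every HTTP_* key is a request
// header and is not to be trusted (so HTTP_X_FORWARDED_FOR is user input even though
// it looks like an address). The SourceUnknown fallback for other keys is an assumption.
func ClassifyServerKey(key string) Classification {
	if st, ok := serverUserKeys[key]; ok {
		return Classification{st, true}
	}
	if serverConfigKeys[key] {
		return Classification{SourceUnknown, false}
	}
	if strings.HasPrefix(key, "HTTP_") {
		return Classification{SourceHTTPHeader, true}
	}
	return Classification{SourceUnknown, false}
}

// accessRe matches $_NAME or $_NAME['key'] / $_NAME["key"].
var accessRe = regexp.MustCompile(`^(\$_[A-Z]+)(?:\[\s*['"]([^'"]*)['"]\s*\])?$`)

// ClassifyPHPSource classifies a PHP read expression under the page's STRICT USER
// INPUT DEFINITION: only data carried by the HTTP request counts as user input, so
// $_SESSION and $_ENV keep their source type but are never user input.
func ClassifyPHPSource(expr string) Classification {
	expr = strings.TrimSpace(expr)
	if strings.Contains(expr, "php://input") {
		return Classification{SourceHTTPBody, true} // raw request body, e.g. file_get_contents('php://input')
	}
	m := accessRe.FindStringSubmatch(expr)
	if m == nil {
		return Classification{SourceUnknown, false} // not a superglobal access
	}
	sg, key := m[1], m[2]
	st, ok := superglobalSource[sg]
	if !ok {
		return Classification{SourceUnknown, false}
	}
	switch sg {
	case "$_SERVER":
		if key == "" {
			return Classification{st, true} // whole array: some keys are user-controllable
		}
		return ClassifyServerKey(key)
	case "$_SESSION", "$_ENV":
		return Classification{st, false} // server-side data, not request data
	}
	return Classification{st, true}
}

func main() {
	// Constructed sample expressions covering each branch of the decision.
	for _, e := range []string{
		"$_GET['id']", "$_SERVER['HTTP_X_FORWARDED_FOR']", "$_SERVER['DOCUMENT_ROOT']",
		"$_SESSION['uid']", "file_get_contents('php://input')",
	} {
		c := ClassifyPHPSource(e)
		fmt.Printf("%-36s source=%-13s user_input=%v\n", e, c.Source, c.UserInput)
	}
}
```
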
var ShortNameToSuperglobal = map[string]string{
	"GET":     "$_GET",
	"POST":    "$_POST",
	"COOKIE":  "$_COOKIE",
	"REQUEST": "$_REQUEST",
	"SERVER":  "$_SERVER",
	"FILES":   "$_FILES",
	"SESSION": "$_SESSION",
	"ENV":     "$_ENV",
}

ShortNameToSuperglobal maps short names back to superglobal names (reverse lookup).

var SkipPathPatterns = []string{
	"/vendor/",
	"/node_modules/",
	"/.git/",
	"/cache/",
	"/__pycache__/",
	"/.venv/",
	"/venv/",
	"/target/",
	"/build/",
	"/dist/",
	"/.idea/",
	"/.vscode/",
}

SkipPathPatterns contains path patterns that should be skipped.

SourceTypeToLabel maps SourceType back to InputLabel (reverse lookup).

var SourceTypeToSuperglobal = map[SourceType]string{
	SourceHTTPGet:     "$_GET",
	SourceHTTPPost:    "$_POST",
	SourceHTTPRequest: "$_REQUEST",
	SourceHTTPCookie:  "$_COOKIE",
	SourceHTTPHeader:  "$_SERVER",
	SourceHTTPFile:    "$_FILES",
	SourceEnvVar:      "$_ENV",
	SourceSession:     "$_SESSION",
}

SourceTypeToSuperglobal maps SourceType back to the superglobal name (reverse lookup).

var SpecialFilenameLanguages = map[string]string{
	"makefile":    "makefile",
	"gnumakefile": "makefile",
	"dockerfile":  "dockerfile",
	"vagrantfile": "ruby",
	"gemfile":     "ruby",
	"rakefile":    "ruby",
	"guardfile":   "ruby",
	"podfile":     "ruby",
	"fastfile":    "ruby",
	"appfile":     "ruby",
	"dangerfile":  "ruby",
	"brewfile":    "ruby",
	"cakefile":    "coffeescript",
	"gruntfile":   "javascript",
	"gulpfile":    "javascript",
	"jakefile":    "javascript",
	"procfile":    "yaml",
	"jenkinsfile": "groovy",
}

SpecialFilenameLanguages maps special filenames to their language. Some special files have a known language even without an extension.

var StandardCInputFunctions = map[string]SourceType{
	"gets":          SourceStdin,
	"fgets":         SourceFile,
	"scanf":         SourceStdin,
	"fscanf":        SourceFile,
	"sscanf":        SourceUserInput,
	"getchar":       SourceStdin,
	"getc":          SourceFile,
	"fgetc":         SourceFile,
	"getline":       SourceStdin,
	"getdelim":      SourceFile,
	"read":          SourceFile,
	"pread":         SourceFile,
	"readv":         SourceFile,
	"preadv":        SourceFile,
	"fread":         SourceFile,
	"recv":          SourceNetwork,
	"recvfrom":      SourceNetwork,
	"recvmsg":       SourceNetwork,
	"recvmmsg":      SourceNetwork,
	"getenv":        SourceEnvVar,
	"secure_getenv": SourceEnvVar,
	"mmap":          SourceFile,
	"fopen":         SourceFile,
	"open":          SourceFile,
	"fdopen":        SourceFile,
}

StandardCInputFunctions contains C standard library input functions.

var SuperglobalShortNames = map[string]string{
	"$_GET":     "GET",
	"$_POST":    "POST",
	"$_COOKIE":  "COOKIE",
	"$_REQUEST": "REQUEST",
	"$_SERVER":  "SERVER",
	"$_FILES":   "FILES",
	"$_SESSION": "SESSION",
	"$_ENV":     "ENV",
}

SuperglobalShortNames maps superglobal names to short classifier names. Replaces classifier.superglobalToSourceTypes.

var SuperglobalToSourceType = map[string]SourceType{
	"$_GET":     SourceHTTPGet,
	"$_POST":    SourceHTTPPost,
	"$_REQUEST": SourceHTTPRequest,
	"$_COOKIE":  SourceHTTPCookie,
	"$_SERVER":  SourceHTTPHeader,
	"$_FILES":   SourceHTTPFile,
	"$_ENV":     SourceEnvVar,
	"$_SESSION": SourceSession,
}

SuperglobalToSourceType maps a superglobal name to its SourceType. Replaces switch statements in executor.go, classifier.go, etc.

var UnsupportedFilenames = map[string]bool{
	"makefile":      true,
	"gnumakefile":   true,
	"dockerfile":    true,
	"vagrantfile":   true,
	".gitignore":    true,
	".dockerignore": true,
	".npmignore":    true,
	".eslintignore": true,
	"license":       true,
	"licence":       true,
	"readme":        true,
	"changelog":     true,
	"contributing":  true,
}

UnsupportedFilenames contains filenames that should not be parsed. Replaces the hardcoded switch in parser/service.go.

var WordPressVendorDirs = []string{
	"freemius",
	"action-scheduler",
	"redux-core",
	"redux-framework",
	"cmb2",
	"starter-content",
	"starter-templates",
}

WordPressVendorDirs lists WordPress-ecosystem bundled third-party directories that should be excluded from analysis. Callers that know they are analyzing a WordPress project can append these to Config.SkipDirs.

Functions

func GetDBFetchFunctions

func GetDBFetchFunctions() map[string]bool

GetDBFetchFunctions returns DBFetchFunctions for PHP, never nil.

func GetInputFunctions

func GetInputFunctions(language string) map[string]SourceType

GetInputFunctions returns InputFunctions for a language, never nil.

func GetInputSources

func GetInputSources(language string) map[string]SourceType

GetInputSources returns InputSources for a language, never nil.

func GetSkipDirsForLanguages

func GetSkipDirsForLanguages(languages []string) []string

GetSkipDirsForLanguages returns the combined skip directories for the specified languages.

func GetSpecialFilenameLanguage

func GetSpecialFilenameLanguage(basename string) string

GetSpecialFilenameLanguage returns the language for a special filename, or an empty string.

func GetSuperglobalByShortName

func GetSuperglobalByShortName(shortName string) string

GetSuperglobalByShortName returns the superglobal name from its short name (e.g., "GET" -> "$_GET").

func GetSuperglobalShortName

func GetSuperglobalShortName(name string) string

GetSuperglobalShortName returns the short name for a superglobal (e.g., "$_GET" -> "GET").

func GetSuperglobalsForMethod

func GetSuperglobalsForMethod(methodName string) []string

GetSuperglobalsForMethod returns the superglobals typically accessed by a method name.

func IsBinaryExtension

func IsBinaryExtension(ext string) bool

IsBinaryExtension checks if a file extension indicates a binary file.

func IsInputMethod

func IsInputMethod(varName, methodName string) bool

IsInputMethod checks if a var.method combination is a known input method. Replaces isInputMethod() in extractor.go.

func IsInterestingMethod

func IsInterestingMethod(methodName string) bool

IsInterestingMethod checks if a method name is security-relevant. Note: this library traces INPUT SOURCES only, not sinks. This function is kept for compatibility but only returns true for file/command operations.

func IsServerKeyUserInput

func IsServerKeyUserInput(key string) bool

IsServerKeyUserInput returns true if the $_SERVER key contains user-controllable data.

func IsSuperglobal

func IsSuperglobal(name string) bool

IsSuperglobal checks if a name is a known PHP superglobal.

func IsUnsupportedFilename

func IsUnsupportedFilename(basename string) bool

IsUnsupportedFilename checks if a filename should be skipped.

func IsValidSourceType

func IsValidSourceType(s string) bool

IsValidSourceType checks if a string is a valid SourceType.

func MergeMaps

func MergeMaps(maps ...map[string]SourceType) map[string]SourceType

MergeMaps combines multiple source type maps into one.

func RegisterAll

func RegisterAll(r *Registry)

RegisterAll registers all language matchers with the registry.

func ShouldSkipDir

func ShouldSkipDir(dirName string) bool

ShouldSkipDir checks if a directory name should be skipped.

func ShouldSkipPHPPath

func ShouldSkipPHPPath(path string) bool

ShouldSkipPHPPath checks if a path should be skipped during PHP discovery.

func ShouldSkipPath

func ShouldSkipPath(path string) bool

ShouldSkipPath checks if a path matches any skip pattern.

func SuperglobalNames

func SuperglobalNames() []string

SuperglobalNames returns just the names for iteration. Replaces the discovery.PHPSuperglobals array.

Types

type BaseMatcher

type BaseMatcher = common.BaseMatcher

func NewBaseMatcher

func NewBaseMatcher(language string, sources []Definition) *BaseMatcher

NewBaseMatcher creates a new base matcher.

type Definition

type Definition = common.Definition

type FrameworkTypeInfo

type FrameworkTypeInfo struct {
	Framework  string
	SourceType SourceType
}

FrameworkTypeInfo holds information about framework types that carry user input.

type InputLabel

type InputLabel = common.InputLabel

Re-export types from the common package for backwards compatibility.

type InputMethod

type InputMethod struct {
	VarPattern  string              // e.g., "mybb", "request", "*" for any
	MethodName  string              // e.g., "get_input", "variable"
	Category    InputMethodCategory // http, database, file, command
	SourceType  SourceType          // Mapped source type
	Framework   string              // e.g., "mybb", "laravel", "generic"
	Description string              // Human-readable description
}

InputMethod describes a method that returns user input.

func GetCommandMethods

func GetCommandMethods() []InputMethod

GetCommandMethods returns all command execution methods.

func GetFileMethods

func GetFileMethods() []InputMethod

GetFileMethods returns all file-related methods.

func GetHTTPInputMethods

func GetHTTPInputMethods() []InputMethod

GetHTTPInputMethods returns all HTTP input methods.

func GetInputMethodInfo

func GetInputMethodInfo(varName, methodName string) *InputMethod

GetInputMethodInfo returns full info for a var.method combination.

func GetMethodsByCategory

func GetMethodsByCategory(category InputMethodCategory) []InputMethod

GetMethodsByCategory returns all methods in a category.

func GetMethodsByFramework

func GetMethodsByFramework(framework string) []InputMethod

GetMethodsByFramework returns all methods for a framework.

type InputMethodCategory

type InputMethodCategory string

InputMethodCategory classifies input method types.

const (
	CategoryHTTP    InputMethodCategory = "http"
	CategoryFile    InputMethodCategory = "file"
	CategoryCommand InputMethodCategory = "command"
	CategoryGeneric InputMethodCategory = "generic"
)

type InputPattern

type InputPattern = core.InputPattern

Re-export new types from the core package.

type LanguageMappings

type LanguageMappings struct {
	Language string

	// InputFunctions maps function/method names to source types
	InputFunctions map[string]SourceType

	// InputSources maps property/variable access patterns to source types
	InputSources map[string]SourceType

	// Superglobals maps superglobal variables to source types (PHP specific)
	Superglobals map[string]SourceType

	// DBFetchFunctions maps database fetch function names (PHP specific)
	DBFetchFunctions map[string]bool

	// GlobalSources maps browser global sources (JS specific)
	GlobalSources map[string]SourceType

	// DOMSources maps DOM property sources (JS specific)
	DOMSources map[string]SourceType

	// NodeSources maps Node.js-specific sources (JS specific)
	NodeSources map[string]SourceType

	// CGIEnvVars maps CGI environment variables to source types (C/C++ specific)
	CGIEnvVars map[string]SourceType

	// QtInputMethods maps Qt widget methods to source types (C++ specific)
	QtInputMethods map[string]SourceType

	// FrameworkTypes maps framework type names to their info (C++ specific)
	FrameworkTypes map[string]FrameworkTypeInfo

	// MethodInputs maps method names that return user input (C++ specific)
	MethodInputs map[string]SourceType

	// Annotations maps annotation/decorator names to source types (Java/C# specific)
	Annotations map[string]SourceType

	// InputMethods maps input method names to source types (Java specific)
	InputMethods map[string]SourceType
}

LanguageMappings holds all input source mappings for a single language.

func GetMappings

func GetMappings(language string) *LanguageMappings

GetMappings returns the mappings for a specific language.

func (*LanguageMappings) GetCGIEnvVarsMap

func (lm *LanguageMappings) GetCGIEnvVarsMap() map[string]common.SourceType

GetCGIEnvVarsMap returns CGIEnvVars as a common.SourceType map.

func (*LanguageMappings) GetDBFetchFunctionsMap

func (lm *LanguageMappings) GetDBFetchFunctionsMap() map[string]bool

GetDBFetchFunctionsMap returns the DBFetchFunctions map.

func (*LanguageMappings) GetDOMSourcesMap

func (lm *LanguageMappings) GetDOMSourcesMap() map[string]common.SourceType

GetDOMSourcesMap returns DOMSources as a common.SourceType map.

func (*LanguageMappings) GetFrameworkTypesMap

func (lm *LanguageMappings) GetFrameworkTypesMap() map[string]FrameworkTypeInfo

GetFrameworkTypesMap returns the FrameworkTypes map.

func (*LanguageMappings) GetGlobalSourcesMap

func (lm *LanguageMappings) GetGlobalSourcesMap() map[string]common.SourceType

GetGlobalSourcesMap returns GlobalSources as a common.SourceType map.

func (*LanguageMappings) GetInputFunctionsMap

func (lm *LanguageMappings) GetInputFunctionsMap() map[string]common.SourceType

GetInputFunctionsMap returns InputFunctions as a common.SourceType map.

func (*LanguageMappings) GetInputMethodsMap

func (lm *LanguageMappings) GetInputMethodsMap() map[string]common.SourceType

GetInputMethodsMap returns InputMethods as a common.SourceType map.

func (*LanguageMappings) GetInputSourcesMap

func (lm *LanguageMappings) GetInputSourcesMap() map[string]common.SourceType

GetInputSourcesMap returns InputSources as a common.SourceType map.

func (*LanguageMappings) GetMethodInputsMap

func (lm *LanguageMappings) GetMethodInputsMap() map[string]common.SourceType

GetMethodInputsMap returns MethodInputs as a common.SourceType map.

func (*LanguageMappings) GetNodeSourcesMap

func (lm *LanguageMappings) GetNodeSourcesMap() map[string]common.SourceType

GetNodeSourcesMap returns NodeSources as a common.SourceType map.

func (*LanguageMappings) GetQtInputMethodsMap

func (lm *LanguageMappings) GetQtInputMethodsMap() map[string]common.SourceType

GetQtInputMethodsMap returns QtInputMethods as a common.SourceType map.

func (*LanguageMappings) GetSuperglobalsMap

func (lm *LanguageMappings) GetSuperglobalsMap() map[string]common.SourceType

GetSuperglobalsMap returns Superglobals as a common.SourceType map.

type Match

type Match = common.Match

type MatchResult

type MatchResult = core.MatchResult

type Matcher

type Matcher interface {
	Language() string
	FindSources(root *sitter.Node, src []byte) []Match
}

Matcher is the interface for language-specific source detection.

type PHPSuperglobal

type PHPSuperglobal struct {
	Name        string       // "$_GET", "$_POST", etc.
	SourceType  SourceType   // Mapped source type
	Labels      []InputLabel // Input categories
	Description string       // Human-readable description
}

PHPSuperglobal represents a PHP superglobal variable with all its metadata.

func GetSuperglobalInfo

func GetSuperglobalInfo(name string) *PHPSuperglobal

GetSuperglobalInfo returns full info for a superglobal name.

type Registry

type Registry struct {
	// contains filtered or unexported fields
}

Registry manages all source matchers.

func NewRegistry

func NewRegistry() *Registry

NewRegistry creates a new source registry.

func (*Registry) AddSource

func (r *Registry) AddSource(def Definition)

AddSource adds a source definition.

func (*Registry) GetMatcher

func (r *Registry) GetMatcher(language string) Matcher

GetMatcher returns the matcher for a language.

func (*Registry) GetSources

func (r *Registry) GetSources(language string) []Definition

GetSources returns all source definitions for a language.

func (*Registry) RegisterMatcher

func (r *Registry) RegisterMatcher(matcher Matcher)

RegisterMatcher registers a language-specific matcher.

type SourceType

type SourceType = common.SourceType

SourceType represents the semantic type of an input source. Re-exported from the common package.

func GetServerKeySourceType

func GetServerKeySourceType(key string) SourceType

GetServerKeySourceType returns the SourceType for a $_SERVER key.

func GetSuperglobalSourceType

func GetSuperglobalSourceType(name string) SourceType

GetSuperglobalSourceType returns the SourceType for a superglobal, or SourceUnknown.

Directories

Path Synopsis

c
Package c - input_patterns.go provides C-specific input source patterns. These patterns identify where user input enters C programs.
Package common - framework_patterns.go provides framework pattern definitions. All framework-specific patterns should be defined using these types.
Package constants provides centralized type constants for the tracer.
Package core provides the centralized type definitions and registry for input detection.
Package cpp - frameworks.go provides C++ web framework patterns. Includes patterns for Crow, Drogon, Boost.Beast, cpprestsdk, Poco, and Qt.
Package csharp - frameworks.go provides C# web framework patterns. Includes patterns for ASP.NET Core, ASP.NET MVC, Nancy, and ServiceStack.
Package frameworks - detection.go provides framework detection utilities. This centralizes the file path indicators used to detect frameworks in codebases.
Package golang - frameworks.go provides the Go framework pattern registry. All Go framework patterns should be registered here.
Package java - annotations.go provides Java annotation to source type mappings. This centralizes all annotation-based input source detection for Java frameworks.
Package javascript - express.go provides Express.js framework input patterns.
Package patterns provides centralized regex patterns for code analysis.
Package php provides PHP database-related patterns.
Package python - frameworks.go provides the Python framework pattern registry. All Python framework patterns should be registered here.
Package ruby - frameworks.go provides Ruby web framework patterns. Includes patterns for Rails, Sinatra, Hanami, Grape, and Padrino.
Package rust - frameworks.go provides Rust web framework patterns. Includes patterns for Actix-web, Rocket, Axum, Warp, and Tide.
Package typescript provides centralized TypeScript patterns for semantic analysis.
