dsl

package
v0.0.0-...-35f3cf1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Nov 10, 2025 License: AGPL-3.0 Imports: 7 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type CallMatchResult 

type CallMatchResult struct {
	CallSite    callgraph.CallSite
	MatchedBy   string // Which pattern matched
	FunctionFQN string // Which function contains this call
	SourceFile  string // Which file
	Line        int    // Line number
}

CallMatchResult represents a match with additional context.

type CallMatcherExecutor 

type CallMatcherExecutor struct {
	IR        *CallMatcherIR
	CallGraph *callgraph.CallGraph
}

CallMatcherExecutor executes call_matcher IR against callgraph.

func NewCallMatcherExecutor 

func NewCallMatcherExecutor(ir *CallMatcherIR, cg *callgraph.CallGraph) *CallMatcherExecutor

NewCallMatcherExecutor creates a new executor.

func (*CallMatcherExecutor) Execute 

func (e *CallMatcherExecutor) Execute() []callgraph.CallSite

Execute finds all call sites matching the patterns

Algorithm:

  1. Iterate over callGraph.CallSites (keyed by function FQN)
  2. For each function's call sites, check if Target matches any pattern
  3. Support wildcards (* matching)
  4. Return list of matching CallSite objects

Performance: O(F * C * P) where: 

F = number of functions
C = avg call sites per function (~5-10)
P = number of patterns (~2-5)

Typical: 1000 functions * 7 calls * 3 patterns = 21,000 comparisons (fast!)

func (*CallMatcherExecutor) ExecuteWithContext 

func (e *CallMatcherExecutor) ExecuteWithContext() []CallMatchResult

ExecuteWithContext returns matches with additional context.

type CallMatcherIR 

type CallMatcherIR struct {
	Type      string   `json:"type"`      // "call_matcher"
	Patterns  []string `json:"patterns"`  // ["eval", "exec"]
	Wildcard  bool     `json:"wildcard"`  // true if any pattern has *
	MatchMode string   `json:"matchMode"` // "any" (OR) or "all" (AND)
}

CallMatcherIR represents call_matcher JSON IR.

func (*CallMatcherIR) GetType 

func (c *CallMatcherIR) GetType() IRType

GetType returns the IR type.

type CallSiteMatch 

type CallSiteMatch struct {
	CallSite    callgraph.CallSite
	FunctionFQN string
	Line        int
}

CallSiteMatch represents a matched call site.

type DataflowDetection 

type DataflowDetection struct {
	FunctionFQN string  // Function containing the vulnerability
	SourceLine  int     // Line where taint originates
	SinkLine    int     // Line where taint reaches sink
	TaintedVar  string  // Variable name that is tainted
	SinkCall    string  // Sink function name
	Confidence  float64 // 0.0-1.0 confidence score
	Sanitized   bool    // Was sanitization detected?
	Scope       string  // "local" or "global"
}

DataflowDetection represents a detected taint flow.

type DataflowExecutor 

type DataflowExecutor struct {
	IR        *DataflowIR
	CallGraph *callgraph.CallGraph
}

DataflowExecutor wraps existing taint analysis functions.

func NewDataflowExecutor 

func NewDataflowExecutor(ir *DataflowIR, cg *callgraph.CallGraph) *DataflowExecutor

NewDataflowExecutor creates a new executor.

func (*DataflowExecutor) Execute 

func (e *DataflowExecutor) Execute() []DataflowDetection

Execute routes to local or global analysis based on scope.

type DataflowIR 

type DataflowIR struct {
	Type        string          `json:"type"`        // "dataflow"
	Sources     []CallMatcherIR `json:"sources"`     // Where taint originates
	Sinks       []CallMatcherIR `json:"sinks"`       // Dangerous functions
	Sanitizers  []CallMatcherIR `json:"sanitizers"`  // Taint-removing functions
	Propagation []PropagationIR `json:"propagation"` // How taint flows (for future use)
	Scope       string          `json:"scope"`       // "local" or "global"
}

DataflowIR represents dataflow (taint analysis) JSON IR from Python DSL.

func (*DataflowIR) GetType 

func (d *DataflowIR) GetType() IRType

GetType returns the IR type.

type IRType 

type IRType string

IRType represents the type of IR node. 

const (
	IRTypeCallMatcher     IRType = "call_matcher"
	IRTypeVariableMatcher IRType = "variable_matcher"
	IRTypeDataflow        IRType = "dataflow"
	IRTypeLogicAnd        IRType = "logic_and"
	IRTypeLogicOr         IRType = "logic_or"
	IRTypeLogicNot        IRType = "logic_not"
)

type MatcherIR 

type MatcherIR interface {
	GetType() IRType
}

MatcherIR is the base interface for all matcher IR types.

type PropagationIR 

type PropagationIR struct {
	Type     string                 `json:"type"`     // "assignment", "function_args", etc.
	Metadata map[string]interface{} `json:"metadata"` // Future use
}

PropagationIR represents propagation primitives (currently informational only).

type RuleIR 

type RuleIR struct {
	Rule struct {
		ID          string `json:"id"`
		Name        string `json:"name"`
		Severity    string `json:"severity"`
		CWE         string `json:"cwe"`
		OWASP       string `json:"owasp"`
		Description string `json:"description"`
	} `json:"rule"`
	Matcher interface{} `json:"matcher"` // Will be one of *MatcherIR types
}

RuleIR represents a complete rule with metadata.

type RuleLoader 

type RuleLoader struct {
	RulesPath string // Path to .py rules file or directory
}

RuleLoader loads Python DSL rules and executes them.

func NewRuleLoader 

func NewRuleLoader(rulesPath string) *RuleLoader

NewRuleLoader creates a new rule loader.

func (*RuleLoader) ExecuteRule 

func (l *RuleLoader) ExecuteRule(rule *RuleIR, cg *callgraph.CallGraph) ([]DataflowDetection, error)

ExecuteRule executes a single rule against callgraph.

func (*RuleLoader) LoadRules 

func (l *RuleLoader) LoadRules() ([]RuleIR, error)

LoadRules loads and executes Python DSL rules.

Algorithm:

  1. Execute Python rules file with timeout: python3 rules.py
  2. Capture JSON IR output from stdout
  3. Parse JSON IR into RuleIR structs
  4. Return list of rules

type VariableMatchResult 

type VariableMatchResult struct {
	CallSite     callgraph.CallSite
	VariableName string // The matched variable name
	ArgumentPos  int    // Position in argument list
	FunctionFQN  string
	SourceFile   string
	Line         int
}

VariableMatchResult contains match information.

type VariableMatcherExecutor 

type VariableMatcherExecutor struct {
	IR        *VariableMatcherIR
	CallGraph *callgraph.CallGraph
}

VariableMatcherExecutor executes variable_matcher IR.

func NewVariableMatcherExecutor 

func NewVariableMatcherExecutor(ir *VariableMatcherIR, cg *callgraph.CallGraph) *VariableMatcherExecutor

NewVariableMatcherExecutor creates a new executor.

func (*VariableMatcherExecutor) Execute 

func (e *VariableMatcherExecutor) Execute() []VariableMatchResult

Execute finds all variable references matching the pattern.

Algorithm:

  1. Iterate over callGraph.CallSites
  2. For each call site, check arguments for variable references
  3. Match argument values against pattern (with wildcard support)
  4. Return list of matching call sites with argument positions

type VariableMatcherIR 

type VariableMatcherIR struct {
	Type     string `json:"type"`     // "variable_matcher"
	Pattern  string `json:"pattern"`  // "user_input" or "user_*"
	Wildcard bool   `json:"wildcard"` // true if pattern has *
}

VariableMatcherIR represents variable_matcher JSON IR.

func (*VariableMatcherIR) GetType 

func (v *VariableMatcherIR) GetType() IRType

GetType returns the IR type.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.