Documentation
Index
- Variables
- func EvalConst(expr ssa.Value, cg util.CallGraph) (*ssa.Const, bool)
- func FilterResults(unfilteredResults []util.Finding, parent_dir string) ([]util.Finding, error)
- func LoadGenericAnalyzers() []*analysis.Analyzer
- func OutputResults(results []util.Finding, success bool) error
- func Scan(args []string) ([]util.Finding, error)
- type FuncCheck
- type FuncContent
Constants
This section is empty.
Variables
var AllcryptoAnalyzer = &analysis.Analyzer{
	Name:     "all_crypto",
	Doc:      "reports all cryptographic algorithms",
	Run:      allcryptoRun,
	Requires: []*analysis.Analyzer{buildssa.Analyzer},
}
var Analyzers = []*analysis.Analyzer{
	WeakcryptoAnalyzer,
	lowLengthAnalyzer,
	FuncTaintAnalyzer,
	RandomAnalyzer,
	SSRFAnalyzer,
	TLSAnalyzer,
}
Analyzers
var FuncTaintAnalyzer = &analysis.Analyzer{
	Name:     "function taint",
	Doc:      "misuse crypto function",
	Run:      funcRun,
	Requires: []*analysis.Analyzer{buildssa.Analyzer},
}
AESKeyLenAnalyzer
var RECOMMENDED_KEYLEN []int64
var RECOMMENDED_KEYLEN_ string
var RandomAnalyzer = &analysis.Analyzer{
	Name:     "random",
	Doc:      "random generation is not correct",
	Run:      randomRun,
	Requires: []*analysis.Analyzer{buildssa.Analyzer},
}
AESKeyLenAnalyzer
var ReuseFileFlat map[string]bool
reuse
var SSRFAnalyzer = &analysis.Analyzer{
	Name:     "HTTP",
	Doc:      "Do not use HTTP URL connections",
	Run:      ssrfRun,
	Requires: []*analysis.Analyzer{buildssa.Analyzer},
}
SSRF Analyzer constructs Sinks from a set of functions known to be vulnerable to Server-Side Request Forgery, converts all variables to SSA form to construct a call graph, and performs recursive taint analysis to search for input sources of user-controllable data.
Functions
func EvalConst
EvalConst attempts to take a value and simplify it down to a single constant. It returns a tuple of (the constant, whether or not it successfully simplified).
func FilterResults
func LoadGenericAnalyzers
LoadGenericAnalyzers creates generic taint analyzers from custom Sources and Sinks defined in analyzers.yaml, converts all variables to SSA form to construct a call graph, and performs recursive taint analysis to search for input sources of user-controllable data.
Types
type FuncCheck
type FuncCheck map[string][]FuncContent