"Fossies" - the Fresh Open Source Software Archive  

Source code changes of the file "interprocedural_analyses/taint/configuration.ml" between
pyre-check-0.0.53.tar.gz and pyre-check-0.0.54.tar.gz

About: Pyre is a performant type checker for Python (ships with Pysa, a security focused static analysis tool).

configuration.ml  (pyre-check-0.0.53):configuration.ml  (pyre-check-0.0.54)
skipping to change at line 41 skipping to change at line 41
maximum_overrides_to_analyze: int option; maximum_overrides_to_analyze: int option;
} }
let default_analysis_model_constraints = let default_analysis_model_constraints =
{ {
maximum_model_width = 25; maximum_model_width = 25;
maximum_complex_access_path_length = 10; maximum_complex_access_path_length = 10;
maximum_overrides_to_analyze = None; maximum_overrides_to_analyze = None;
} }
type partial_sink_converter = (Sources.t * Sinks.t) list String.Map.Tree.t type partial_sink_converter = (Sources.t list * Sinks.t) list String.Map.Tree.t
type t = { type t = {
sources: string list; sources: string list;
sinks: string list; sinks: string list;
features: string list; features: string list;
rules: Rule.t list; rules: Rule.t list;
implicit_sinks: implicit_sinks; implicit_sinks: implicit_sinks;
partial_sink_converter: partial_sink_converter; partial_sink_converter: partial_sink_converter;
acceptable_sink_labels: string list String.Map.Tree.t; acceptable_sink_labels: string list String.Map.Tree.t;
find_obscure_flows: bool; find_obscure_flows: bool;
skipping to change at line 99 skipping to change at line 99
exception exception
MalformedConfiguration of { MalformedConfiguration of {
path: string; path: string;
parse_error: string; parse_error: string;
} }
module PartialSinkConverter = struct module PartialSinkConverter = struct
let mangle { Sinks.kind; label } = Format.sprintf "%s$%s" kind label let mangle { Sinks.kind; label } = Format.sprintf "%s$%s" kind label
let add map ~first_source ~first_sinks ~second_source ~second_sinks = let add map ~first_sources ~first_sinks ~second_sources ~second_sinks =
let add map (first_sink, second_sink) = let add map (first_sink, second_sink) =
(* Trigger second sink when the first sink matches a source, and vice vers a. *) (* Trigger second sink when the first sink matches a source, and vice vers a. *)
String.Map.Tree.add_multi String.Map.Tree.add_multi
map map
~key:(mangle first_sink) ~key:(mangle first_sink)
~data:(first_source, Sinks.TriggeredPartialSink second_sink) ~data:(first_sources, Sinks.TriggeredPartialSink second_sink)
|> String.Map.Tree.add_multi |> String.Map.Tree.add_multi
~key:(mangle second_sink) ~key:(mangle second_sink)
~data:(second_source, Sinks.TriggeredPartialSink first_sink) ~data:(second_sources, Sinks.TriggeredPartialSink first_sink)
in in
List.cartesian_product first_sinks second_sinks |> List.fold ~f:add ~init:ma p List.cartesian_product first_sinks second_sinks |> List.fold ~f:add ~init:ma p
let merge left right = let merge left right =
String.Map.Tree.merge String.Map.Tree.merge
~f:(fun ~key:_ -> function ~f:(fun ~key:_ -> function
| `Left value | `Left value
| `Right value -> | `Right value ->
Some value Some value
| `Both (left, right) -> Some (left @ right)) | `Both (left, right) -> Some (left @ right))
left left
right right
let get_triggered_sink sink_to_sources ~partial_sink ~source = let get_triggered_sink sink_to_sources ~partial_sink ~source =
match mangle partial_sink |> String.Map.Tree.find sink_to_sources with match mangle partial_sink |> String.Map.Tree.find sink_to_sources with
| Some source_and_sink_list -> | Some source_and_sink_list ->
List.find source_and_sink_list ~f:(fun (supported_source, _) -> List.find source_and_sink_list ~f:(fun (supported_sources, _) ->
Sources.equal source supported_source) List.exists supported_sources ~f:(Sources.equal source))
>>| snd >>| snd
| _ -> None | _ -> None
end end
let parse source_jsons = let parse source_jsons =
let member name json = let member name json =
try Json.Util.member name json with try Json.Util.member name json with
| Not_found -> `Null | Not_found -> `Null
in in
let array_member name json = let array_member name json =
skipping to change at line 209 skipping to change at line 209
let parse_combined_source_rules ~allowed_sources ~acceptable_sink_labels json = let parse_combined_source_rules ~allowed_sources ~acceptable_sink_labels json =
let parse_combined_source_rule (rules, partial_sink_converter) json = let parse_combined_source_rule (rules, partial_sink_converter) json =
let name = Json.Util.member "name" json |> Json.Util.to_string in let name = Json.Util.member "name" json |> Json.Util.to_string in
let message_format = Json.Util.member "message_format" json |> Json.Util.t o_string in let message_format = Json.Util.member "message_format" json |> Json.Util.t o_string in
let code = Json.Util.member "code" json |> Json.Util.to_int in let code = Json.Util.member "code" json |> Json.Util.to_int in
validate_code_uniqueness code; validate_code_uniqueness code;
let sources = Json.Util.member "sources" json in let sources = Json.Util.member "sources" json in
let keys = Json.Util.keys sources in let keys = Json.Util.keys sources in
match keys with match keys with
| [first; second] -> | [first; second] ->
let first_source = let parse_sources sources =
Json.Util.member first sources match sources with
|> Json.Util.to_string | `String source -> [Sources.parse ~allowed:allowed_sources source]
|> Sources.parse ~allowed:allowed_sources | `List sources ->
in List.map sources ~f:Json.Util.to_string
let second_source = |> List.map ~f:(Sources.parse ~allowed:allowed_sources)
Json.Util.member second sources | _ -> failwith "Expected a string or list of strings for combined r
|> Json.Util.to_string ule sources."
|> Sources.parse ~allowed:allowed_sources
in in
let first_sources = Json.Util.member first sources |> parse_sources in
let second_sources = Json.Util.member second sources |> parse_sources
in
let sinks = Json.Util.member "sinks" json |> parse_string_list in let sinks = Json.Util.member "sinks" json |> parse_string_list in
let create_partial_sink label sink = let create_partial_sink label sink =
begin begin
match String.Map.Tree.find acceptable_sink_labels sink with match String.Map.Tree.find acceptable_sink_labels sink with
| Some labels when not (List.mem ~equal:String.equal labels label) -> | Some labels when not (List.mem ~equal:String.equal labels label) ->
failwith failwith
(Format.sprintf (Format.sprintf
"Error when parsing configuration: `%s` is an invalid lab el For multi sink \ "Error when parsing configuration: `%s` is an invalid lab el For multi sink \
`%s` (choices: `%s`)" `%s` (choices: `%s`)"
skipping to change at line 244 skipping to change at line 244
(Format.sprintf (Format.sprintf
"Error when parsing configuration: `%s` is not a multi si nk." "Error when parsing configuration: `%s` is not a multi si nk."
sink) sink)
| _ -> () | _ -> ()
end; end;
{ Sinks.kind = sink; label } { Sinks.kind = sink; label }
in in
let first_sinks = List.map sinks ~f:(create_partial_sink first) in let first_sinks = List.map sinks ~f:(create_partial_sink first) in
let second_sinks = List.map sinks ~f:(create_partial_sink second) in let second_sinks = List.map sinks ~f:(create_partial_sink second) in
( { ( {
Rule.sources = [first_source]; Rule.sources = first_sources;
sinks = List.map first_sinks ~f:(fun sink -> Sinks.TriggeredPartia lSink sink); sinks = List.map first_sinks ~f:(fun sink -> Sinks.TriggeredPartia lSink sink);
name; name;
code; code;
message_format; message_format;
} }
:: { :: {
Rule.sources = [second_source]; Rule.sources = second_sources;
sinks = List.map second_sinks ~f:(fun sink -> Sinks.TriggeredPa rtialSink sink); sinks = List.map second_sinks ~f:(fun sink -> Sinks.TriggeredPa rtialSink sink);
name; name;
code; code;
message_format; message_format;
} }
:: rules, :: rules,
PartialSinkConverter.add PartialSinkConverter.add
partial_sink_converter partial_sink_converter
~first_source ~first_sources
~first_sinks ~first_sinks
~second_source ~second_sources
~second_sinks ) ~second_sinks )
| _ -> failwith "Combined source rules must be of the form {\"a\": SourceA , \"b\": SourceB}" | _ -> failwith "Combined source rules must be of the form {\"a\": SourceA , \"b\": SourceB}"
in in
array_member "combined_source_rules" json array_member "combined_source_rules" json
|> List.fold ~init:([], String.Map.Tree.empty) ~f:parse_combined_source_rule |> List.fold ~init:([], String.Map.Tree.empty) ~f:parse_combined_source_rule
in in
let parse_implicit_sinks ~allowed_sinks json = let parse_implicit_sinks ~allowed_sinks json =
match member "implicit_sinks" json with match member "implicit_sinks" json with
| `Null -> empty_implicit_sinks | `Null -> empty_implicit_sinks
| implicit_sinks -> | implicit_sinks ->
 End of changes. 11 change blocks. 
19 lines changed or deleted 21 lines changed or added

Home  |  About  |  Features  |  All  |  Newest  |  Dox  |  Diffs  |  RSS Feeds  |  Screenshots  |  Comments  |  Imprint  |  Privacy  |  HTTP(S)