100000 Find_Imports 0 100000 true 0 Java false false 2 Corp 1 Java_Exploitable_Path Comment rootComment = new Comment(); // @BUG This is currently missing "require.main.require" CxList imports = All.FindByType(typeof(Import)); foreach(CxList imp in imports){ Import import = imp.TryGetCSharpGraph<Import>(); string name = import.ImportedFilename; if (IsThirdPartyPackage(name)){ AddToResults(name, import.LinePragma); } } void AddToResults(String ModuleName, LinePragma LP){ Comment comment = new Comment(ModuleName, ModuleName, rootComment, LP); comment.ResolveShortName(ModuleName); result.Add(comment.NodeId, comment); } // Imports bool IsThirdPartyPackage(string name) { // A list of NodeJS builtin modules that will be ignored HashSet<string> BuiltinModules = new HashSet<string> {"assert","async_hooks","buffer","child_process","cluster","console","constants","crypto","dgram","dns","domain","events","fs","http","http2","https","inspector","module","net","os","path","perf_hooks","process","punycode","querystring","readline","repl","stream","string_decoder","timers","tls","trace_events","tty","url","util","v8","vm","zlib"}; return !name.StartsWith(".") && !BuiltinModules.Contains(name); } 1 100001 Find_Unresolved_Methods 0 100000 true 0 Java false false 2 Corp 1 Java_Exploitable_Path CxList allParams = All.FindByType(typeof(Param)); CxList methods = All.FindByType(typeof(MethodInvokeExpr)); CxList ctors = All.FindByType(typeof(ObjectCreateExpr)); CxList typeRefs = All.FindByType(typeof(TypeRef)); CxList unknownReferences = All.FindByType(typeof(UnknownReference)); CxList genericTypes = All.FindByType(typeof(GenericTypeRef)); CxList declarators = All.FindByType(typeof(Declarator)); CxList javaCollections = All.FindByShortNames(new List<string> { "ArrayDequeue", "ArrayList","Collection","Dequeue","HashMap","HashSet","HashTable", "Iterable","LinkedHashSet","LinkedList","List","PriorityQueue","Queue", "Set","SortedSet","Stack","TreeSet","Vector" }); // For a ctor, calling FindDefinition() will always return 0 results. // Here, the ctors without a definition are added to the methods list foreach(CxList ctor in ctors) { bool foundDef = false; var ctorTypeRefs = typeRefs.FindByFathers(ctor); foreach(CxList ctorTypeRef in ctorTypeRefs) { if(All.FindDefinition(ctorTypeRef).Count != 0) { foundDef = true; } } if (!foundDef) { methods.Add(ctor); } } foreach(CxList method in methods){ if(All.FindDefinition(method).Count == 0){ CxList target = method.GetTargetOfMembers(); CxList def = All.FindDefinition(target); Comment rootComment = new Comment(); Expression methObject = method.TryGetCSharpGraph<Expression>(); LinePragma lp = methObject.LinePragma; string lpString = lp.ToString(); if (lpString.Contains("\\plugins\\java\\")) { continue; } string methodName = method.GetName(); CxList methodParams = allParams.GetByAncs(method); string paramsStr = "||("; string currParamStr = ""; bool isFirst = true; foreach(CxList methodParam in methodParams){ try { // Check if it's indeed a param for the current method, or a more inner param CxList methodsOfParam = methodParam.GetAncOfType(typeof(MethodInvokeExpr)); CxList ctorsOfParam = methodParam.GetAncOfType(typeof(ObjectCreateExpr)); methodsOfParam.Add(ctorsOfParam); bool isParamOfMethod = false; foreach(CxList methodOfParam in methodsOfParam){ isParamOfMethod = methodOfParam.Equals(method); } if (!isParamOfMethod) { continue; } Param paramObj = methodParam.TryGetCSharpGraph<Param>(); if (paramObj.Value is PrimitiveExpr) { if (paramObj.Value is BooleanLiteral) { currParamStr = "boolean"; } else if (paramObj.Value is CharLiteral) { currParamStr = "char"; } else if (paramObj.Value is IntegerLiteral) { currParamStr = "int"; } else if (paramObj.Value is RealLiteral) { currParamStr = "double"; // means float or double } else if (paramObj.Value is StringLiteral) { currParamStr = "string"; } else { currParamStr = "object"; } } else if (paramObj.Value is Reference) { currParamStr = All.FindById(paramObj.Value.DomId).GetName(); } else { currParamStr = "object"; } } catch { currParamStr = "object"; } if (isFirst) { isFirst = false; } else { paramsStr += "||,"; } paramsStr += currParamStr; } paramsStr += "||)"; CxList objectCreate = ctors.GetByAncs(def); objectCreate -= javaCollections; CxList typeRef = typeRefs.GetByAncs(def); typeRef -= javaCollections; CxList declar = declarators.GetByAncs(def); bool foundSignature = false; string name = ""; string objectName = ""; if (methObject is ObjectCreateExpr) { foundSignature = true; name = methodName; // In case of ctor, method and class names match objectName = methodName; } else if (objectCreate.Count > 0) { // When refering to Object Create Expression foundSignature = true; name = objectCreate.GetName(); objectName = objectCreate.GetName(); } else if (typeRef.Count > 0) { // When refering to Type Ref foundSignature = true; name = typeRef.GetName(); objectName = typeRef.GetName(); } else if (declar.Count > 0) { // When refering to Declarators Declarator declarator = declar.TryGetCSharpGraph<Declarator>(); LinePragma lpDecl = declarator.LinePragma; CxList relevantTypes = All.NewCxList(); relevantTypes.Add(genericTypes,typeRefs,ctors); CxList typeName = relevantTypes.FindByPosition(lpDecl.FileName, lpDecl.Line); typeName -= javaCollections; typeName -= typeName.FindByShortName("?"); if (typeName.Count > 0) { foundSignature = true; name = typeName.GetName(); objectName = typeName.GetName(); } } if (objectName.StartsWith("CxOrphanClass_")) { objectName = "object"; } //if (foundSignature) { Comment comment = new Comment(methodName, methodName, rootComment, lp); comment.ResolveShortName(objectName + "||." + methodName + paramsStr); result.Add(comment.NodeId, comment); //} } } 1