# README
## Taint
### OPTIONS
I wrote a runner to help you use taint analysis.
You can set options directly on a `Runner`, like this:
```go
runner := taint.NewRunner("relative/path/to/package")
runner.ModuleName = "module-name"
runner.PassThroughDstPath = "passthrough.json"
runner.CallGraphDstPath = "callgraph.json"
```
All options are:

- `ModuleName` (necessary): the target module's name, often in `go.mod`
- `PkgPath` (necessary): the target packages' relative path. It is important to write your analysis file in the same project (e.g. `cmd/myanalysis/main.go`), in case Go can't find the target packages
- `Debug` (optional): when set to true, output debug information, default `false`
- `InitOnly` (optional): when set to true, only analyze init functions, default `false`
- `PassThroughOnly` (optional): when set to true, only do passthrough analysis, default `false`
- `PassThroughSrcPath` (optional): path to passthrough sources; you can use it to accelerate analysis or add additional passthroughs, default `[]string{}`
- `PassThroughDstPath` (optional): path to save passthrough output, default `""`
- `TaintGraphDstPath` (optional): path to save taint edge output, default `""`
- `Ruler` (optional): an interface that defines how to decide whether a node is a sink, a source or intra. You can implement it yourself, default `DummyRuler`
- `PersistToNeo4j` (optional): when set to true, save nodes and edges to neo4j, default `false`
- `Neo4jUsername` (optional): neo4j username, default `""`
- `Neo4jPassword` (optional): neo4j password, default `""`
- `Neo4jURI` (optional): neo4j URI, default `""`
- `TargetFunc` (optional): when set, only analyze the target function and output its SSA, default `""`
- `UsePointerAnalysis` (optional): when set, use pointer analysis to help select callees, default `false`. ⚠️ Note that if you set this to true, the `PkgPath` option can only contain main packages
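To illustrate what the `Ruler` option controls, here is an added example (not this package's own code): a self-contained model in which a ruler classifies nodes as source, sink or intra, and a walk over taint edges reports source-to-sink flows. `toyEdge`, `toyRuler`, `findFlows` and the sample node names are hypothetical and do not reflect the package's real `Ruler`, `Edge` or `TaintGraph` signatures.

```go
package main
import (
	"fmt"
	"strings"
)

// Hypothetical stand-ins, not this package's types: toyRuler marks sources and
// sinks by name prefix; any other node is intra (taint only passes through).
type toyEdge struct{ From, To string }
type toyRuler struct{ sourcePrefix, sinkPrefix string }
func (r toyRuler) IsSource(n string) bool { return strings.HasPrefix(n, r.sourcePrefix) }
func (r toyRuler) IsSink(n string) bool   { return strings.HasPrefix(n, r.sinkPrefix) }
// sampleEdges is constructed data: one real flow, one cycle, one unrelated edge.
var sampleEdges = []toyEdge{
	{"net/http.(*Request).FormValue", "app.handler"},
	{"app.handler", "app.buildCmd"},
	{"app.buildCmd", "app.handler"},
	{"app.buildCmd", "os/exec.Command"},
	{"app.readConfig", "os/exec.Command"},
}

// findFlows returns every acyclic source-to-sink path over the taint edges.
func findFlows(edges []toyEdge, r toyRuler) []string {
	next, started, flows := map[string][]string{}, map[string]bool{}, []string{}
	for _, e := range edges {
		next[e.From] = append(next[e.From], e.To)
	}
	var walk func(path []string, onPath map[string]bool)
	walk = func(path []string, onPath map[string]bool) {
		cur := path[len(path)-1]
		if r.IsSink(cur) {
			flows = append(flows, strings.Join(path, " -> "))
			return
		}
		for _, n := range next[cur] {
			if !onPath[n] { // cycle guard: skip nodes already on this path
				onPath[n] = true
				walk(append(path, n), onPath)
				delete(onPath, n)
			}
		}
	}
	for _, e := range edges {
		if r.IsSource(e.From) && !started[e.From] {
			started[e.From] = true
			walk([]string{e.From}, map[string]bool{e.From: true})
		}
	}
	return flows
}
func main() { fmt.Println(strings.Join(findFlows(sampleEdges, toyRuler{"net/http.", "os/exec."}), "\n")) }
```

The edge from `app.readConfig` reaches the same sink but is not reported, because the ruler does not classify it as a source; changing the ruler's prefixes changes which flows count as findings.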
# Functions
FetchPassThrough loads passthrough data from target source.
GetTaint returns innerTaint.
GetTaintWrapper gets wrapper with a key.
MergeTaintWrapper merges wrapper with same key from in flow to inout flow.
New creates a TaintAnalysis.
NewDummyRuler returns a DummyRuler.
NewInterfaceHierarchy returns an InterfaceHierarchy.
NewPassThrough returns a PassThrough.
NewPassThroughCache returns a PassThroughCache.
NewRunner returns a *taint.Runner.
NewTaintGraph returns a TaintGraph.
NewTaintWrapper returns a TaintWrapper.
PassTaint passes taint from a wrapper with key to another with key.
PersistPassThrough stores passthrough data to target destination.
PersistTaintGraph stores taint edges to target destination.
PersistToNeo4j stores taint edges to neo4j database.
Run kicks off a taint analysis on a function.
SetTaint sets innerTaint for a wrapper with a key.
SetTaintWrapper sets wrapper with a key.
# Variables
Gostd represents all go standard library's PkgPath.
# Structs
DummyRuler is a dummy rule.Ruler used for test.
Edge represents a taint edge.
Imethod represents an interface method I.m.
InterfaceHierarchy represents implementation relations.
Node represents a taint node.
NoMainPkgError represents a no main package error.
PassThrough represents a passthrough.
PassThroughCache represents a passthrough cache.
Runner represents an analysis runner.
TaintAnalysis represents a taint analysis.
TaintConfig represents a configuration for taint analysis.
TaintGraph represents a graph containing static call nodes and edges.
TaintSwitcher represents a switcher for taint analysis.
TaintWrapper represents a wrapper of taint.