Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Sign up
Appearance settings

Commit 3b344a3

Browse files
Merge pull request #190 from adrianbn/128_dont_ask_me_anymore
128: Allow the user to cancel interactive mode
2 parents 54df18e + 986532a commit 3b344a3

File tree

1 file changed

+16
-11
lines changed

1 file changed

+16
-11
lines changed

‎pyt/vulnerabilities/vulnerabilities.py

Lines changed: 16 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -327,34 +327,38 @@ def how_vulnerable(
327327
if current_node in sanitiser_nodes:
328328
vuln_deets['sanitiser'] = current_node
329329
vuln_deets['confident'] = True
330-
return VulnerabilityType.SANITISED
330+
return VulnerabilityType.SANITISED, interactive
331331

332332
if isinstance(current_node, BBorBInode):
333333
if current_node.func_name in blackbox_mapping['propagates']:
334334
continue
335335
elif current_node.func_name in blackbox_mapping['does_not_propagate']:
336-
return VulnerabilityType.FALSE
336+
return VulnerabilityType.FALSE, interactive
337337
elif interactive:
338338
user_says = input(
339-
'Is the return value of {} with tainted argument "{}" vulnerable? (Y/n)'.format(
339+
'Is the return value of {} with tainted argument "{}" vulnerable? ([Y]es/[N]o/[S]top asking)'.format(
340340
current_node.label,
341341
chain[i - 1].left_hand_side
342342
)
343343
).lower()
344+
if user_says.startswith('s'):
345+
interactive = False
346+
vuln_deets['unknown_assignment'] = current_node
347+
return VulnerabilityType.UNKNOWN, interactive
344348
if user_says.startswith('n'):
345349
blackbox_mapping['does_not_propagate'].append(current_node.func_name)
346-
return VulnerabilityType.FALSE
350+
return VulnerabilityType.FALSE, interactive
347351
blackbox_mapping['propagates'].append(current_node.func_name)
348352
else:
349353
vuln_deets['unknown_assignment'] = current_node
350-
return VulnerabilityType.UNKNOWN
354+
return VulnerabilityType.UNKNOWN, interactive
351355

352356
if potential_sanitiser:
353357
vuln_deets['sanitiser'] = potential_sanitiser
354358
vuln_deets['confident'] = False
355-
return VulnerabilityType.SANITISED
359+
return VulnerabilityType.SANITISED, interactive
356360

357-
return VulnerabilityType.TRUE
361+
return VulnerabilityType.TRUE, interactive
358362

359363

360364
def get_tainted_node_in_sink_args(
@@ -439,12 +443,13 @@ def get_vulnerability(
439443
cfg.nodes,
440444
lattice
441445
)
446+
442447
for chain in get_vulnerability_chains(
443448
source.cfg_node,
444449
sink.cfg_node,
445450
def_use
446451
):
447-
vulnerability_type = how_vulnerable(
452+
vulnerability_type, interactive = how_vulnerable(
448453
chain,
449454
blackbox_mapping,
450455
sanitiser_nodes,
@@ -458,9 +463,9 @@ def get_vulnerability(
458463

459464
vuln_deets['reassignment_nodes'] = chain
460465

461-
return vuln_factory(vulnerability_type)(**vuln_deets)
466+
return vuln_factory(vulnerability_type)(**vuln_deets), interactive
462467

463-
return None
468+
return None, interactive
464469

465470

466471
def find_vulnerabilities_in_cfg(
@@ -491,7 +496,7 @@ def find_vulnerabilities_in_cfg(
491496
)
492497
for sink in triggers.sinks:
493498
for source in triggers.sources:
494-
vulnerability = get_vulnerability(
499+
vulnerability, interactive = get_vulnerability(
495500
source,
496501
sink,
497502
triggers,

0 commit comments

Comments
(0)

AltStyle によって変換されたページ (->オリジナル) /