facebook / sapp
Post Processor for Facebook Static Analysis Tools.
License: MIT License
When using:
sapp --tool=mariana-trench analyze .
I got error:
/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship Run.issue_instances to refer to viewonly relationship IssueInstance.run should include sync_backref=False set on the Run.issue_instances relationship. (this warning may be suppressed after 10 occurrences)
util.warn_limited(
/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship IssueInstance.run to refer to viewonly relationship Run.issue_instances should include sync_backref=False set on the IssueInstance.run relationship. (this warning may be suppressed after 10 occurrences)
util.warn_limited(
2022-06-01 20:47:21,491 [INFO] Parsing analysis output...
Traceback (most recent call last):
File "/Users/shijian03/.venvs/mariana-trench/bin/sapp", line 8, in <module>
sys.exit(cli())
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/core.py", line 1130, in __call__
return self.main(*args, **kwargs)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/core.py", line 1055, in main
rv = self.invoke(ctx)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/core.py", line 1657, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/cli_lib.py", line 208, in analyze
pipeline.run(analysis_output, summary_blob)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/__init__.py", line 363, in run
next_input, summary = step.run(next_input, summary)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 236, in run
self.analysis_output_to_dict_entries(
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 188, in analysis_output_to_dict_entries
for typ, key, e in self._analysis_output_to_parsed_tuples(inputfile):
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 135, in _analysis_output_to_parsed_tuples
for e in entries:
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser.py", line 351, in parse
yield from self.parse_handle(handle)
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser.py", line 367, in parse_handle
for postcondition in self._parse_postconditions(model):
File "/Users/shijian03/.venvs/mariana-trench/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser.py", line 528, in _parse_postconditions
port=Port.from_json(generation["caller_port"], "source"),
KeyError: 'caller_port'
Looking forward to hearing from you.
Thanks!
Error while reading issues with the following description
User input flows into WebView load: Values from user-controlled source may eventually flow into a Webview load potentially causing XSS
sapp --database-name=sapp.db server --source-directory=src/main/java
# Python 3.8.10
# Ubuntu 20.01
# Installed Using: pip install mariana-trench
function adjustRange(range: Range, lines: $ReadOnlyArray<string>): Range {
  // TODO(T78595608): workaround for inaccurate Pysa locations with leading and
  // trailing whitespaces.
  // Assuming all ranges are single line.
  const source = lines[range.from.line].slice(range.from.ch, range.to.ch); // <<<<< ERROR
  const leadingWhitespace = source.search(/\S/);
  const trailingWhitespace = source.length - source.trimEnd().length;
  return {
    from: {
      line: range.from.line,
      ch: range.from.ch + leadingWhitespace,
    },
    to: {
      line: range.to.line,
      ch: range.to.ch - trailingWhitespace,
    },
  };
}
react-dom.production.min.js:209 TypeError: Cannot read properties of undefined (reading 'slice')
at Source.js:40
at Source.js:80
at Array.map (<anonymous>)
at te (Source.js:63)
at ne (Source.js:183)
at $i (react-dom.production.min.js:153)
at Ia (react-dom.production.min.js:175)
at mc (react-dom.production.min.js:263)
at ls (react-dom.production.min.js:246)
at cs (react-dom.production.min.js:246)
When I install fb-sapp from PyPI and analyze the output, it returns the following error.
sapp -v "DEBUG" --tool=mariana-trench analyze .
/usr/local/lib/python3.9/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship Run.issue_instances to refer to viewonly relationship IssueInstance.run should include sync_backref=False set on the Run.issue_instances relationship. (this warning may be suppressed after 10 occurrences)
util.warn_limited(
/usr/local/lib/python3.9/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship IssueInstance.run to refer to viewonly relationship Run.issue_instances should include sync_backref=False set on the IssueInstance.run relationship. (this warning may be suppressed after 10 occurrences)
util.warn_limited(
2022-08-23 11:00:16,264 [DEBUG] Context: Context(database=<sapp.db.DB object at 0x1121fa1c0>, parser_class=<class 'sapp.pipeline.mariana_trench_parser_v2.Parser'>, repository='/Volumes/Samsung_T5/2. Lab Project/SAST-Mobile/Android-InsecureBankv2', ipython_extensions=[], tool='mariana-trench')
2022-08-23 11:00:16,269 [INFO] Parsing analysis output...
Traceback (most recent call last):
File "/usr/local/bin/sapp", line 8, in <module>
sys.exit(cli())
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1130, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1055, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1657, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/sapp/cli_lib.py", line 206, in analyze
pipeline.run(analysis_output, summary_blob)
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/__init__.py", line 365, in run
next_input, summary = step.run(next_input, summary)
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 235, in run
self.analysis_output_to_dict_entries(
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 187, in analysis_output_to_dict_entries
for typ, key, e in self._analysis_output_to_parsed_tuples(inputfile):
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 136, in _analysis_output_to_parsed_tuples
for e in entries:
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser_v2.py", line 468, in parse
yield from self.parse_handle(handle)
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser_v2.py", line 482, in parse_handle
for precondition in self._parse_preconditions(model):
File "/usr/local/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser_v2.py", line 764, in _parse_condition
port=Port.from_json(leaf_model["port"], leaf_kind),
KeyError: 'port'
The temporary solution is to use the previous version (pip install fb-sapp==0.5.2) instead of the latest version (pip install fb-sapp==0.5.3, released on Aug 19, 2022).
sapp/sapp/pipeline/mariana_trench_parser.py
Line 850 in e6f541a
I am trying to make mariana-trench work and have followed their guide on their repo (https://github.com/facebook/mariana-trench). Everything seems to run successfully, but when I want to use sapp to analyse, I get "KeyError: 'port'". Here is the full error:
/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship Run.issue_instances to refer to viewonly relationship IssueInstance.run should include sync_backref=False set on the Run.issue_instances relationship. (this warning may be suppressed after 10 occurrences)
util.warn_limited(
/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sqlalchemy/orm/relationships.py:1994: SAWarning: Setting backref / back_populates on relationship IssueInstance.run to refer to viewonly relationship Run.issue_instances should include sync_backref=False set on the IssueInstance.run relationship. (this warning may be suppressed after 10 occurrences)
util.warn_limited(
2023-02-06 00:03:09,854 [INFO] Parsing analysis output...
Traceback (most recent call last):
File "/home/hukad/.venvs/mariana-trench/bin/sapp", line 33, in <module>
sys.exit(load_entry_point('fb-sapp==0.5.4', 'console_scripts', 'sapp')())
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/core.py", line 1130, in __call__
return self.main(*args, **kwargs)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/core.py", line 1055, in main
rv = self.invoke(ctx)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/core.py", line 1657, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/cli_lib.py", line 206, in analyze
pipeline.run(analysis_output, summary_blob)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/__init__.py", line 365, in run
next_input, summary = step.run(next_input, summary)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/base_parser.py", line 231, in run
self.analysis_output_to_dict_entries(
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/base_parser.py", line 183, in analysis_output_to_dict_entries
for typ, key, e in self._analysis_output_to_parsed_tuples(inputfile):
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/base_parser.py", line 132, in _analysis_output_to_parsed_tuples
for e in entries:
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/mariana_trench_parser.py", line 541, in parse
yield from self.parse_handle(handle)
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/mariana_trench_parser.py", line 555, in parse_handle
for precondition in self._parse_preconditions(model):
File "/home/hukad/.venvs/mariana-trench/lib/python3.10/site-packages/sapp/pipeline/mariana_trench_parser.py", line 850, in _parse_condition
port=Port.from_json(leaf_model["port"], leaf_kind),
KeyError: 'port'
This happens both when installing fb-sapp from pip or directly from github.
zstd library changed and there is no ZstdCompressor in it.
json diagnostics
Thanks for your continued interest in helping us out with Pysa and SAPP, @m0mosenpai and @gracewgao!
Currently, we don't support updating existing SAPP filters. If a user wants to change a field for an existing filter but keep the name of the filter the same, they would need to delete the filter before re-saving the filter with the same name.
For example, suppose we have an existing filter Test Filter 1 that filters only for Code==5008, and we want to overwrite Test Filter 1 to only filter for Code==5003. We expect to perform this action by loading the saved filter Test Filter 1, changing the value of code from 5008 to 5003, and finally saving the change to Test Filter 1. However, to perform this action now, we will need to delete Test Filter 1, set the code to filter for 5003, and save a new filter with the same name Test Filter 1.
git clone git@github.com:facebook/sapp.git && cd sapp
python3 -m venv ~/.venvs/sapp
source ~/.venvs/sapp/bin/activate
pip3 install -r requirements.txt
cd sapp/ui/frontend && npm install
npm run-script build
pyre analyze --no-verify --save-results-to .
python3 -m sapp.cli analyze taint-output.json
python3 -m sapp.cli server
5008
) and save the filter as Test Filter 1
Test Filter 1
2021-06-01 19:03:22,221 [ERROR] Traceback (most recent call last):
...
graphql.error.located_error.GraphQLLocatedError: (sqlite3.IntegrityError) UNIQUE constraint failed: filters.name
[SQL: INSERT INTO filters (name, description, json) VALUES (?, ?, ?)]
[parameters: ('test', None, '{"features":[{"mode":"all of","features":[]}],"codes":[5001]}')]
(Background on this error at: http://sqlalche.me/e/14/gkpj)
The following list of files that might be good starting points:
Bug description
Following the instructions on the Mariana Trench home page to run but encountered issue.
Reproduction steps
Follow the post processing steps on https://github.com/facebook/mariana-trench
Expected behavior
Logs
File "/usr/local/bin/sapp", line 8, in <module>
sys.exit(cli())
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1130, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1055, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1657, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/usr/local/lib/python3.9/site-packages/sapp/cli_lib.py", line 236, in server
start_server(ctx.database, debug, static_resources, source_directory, editor_schema)
File "/usr/local/lib/python3.9/site-packages/sapp/ui/server.py", line 75, in start_server
scopefunc=_app_ctx_stack.__ident_func__,
AttributeError: 'LocalStack' object has no attribute '__ident_func__'
Additional context
I added some simple rules to Filter. Please note the filter with code = 3 in the following picture.
First I select it to do the filtering. It works fine and gives me the issues with code = 3.
After several random clicks on different filter rules via the web UI, I reselected the code=3 filter. It is frustrating to me that the filter result is empty. The reason is that the filter query has an unnecessary feature (statuses:do_not_care). It is weird for the same filter to have different results.
After running sapp --database-name=sapp.db server, we can only visit the issues at http://localhost:5000. But can sapp bind to 0.0.0.0, so that all the people in a team can visit the issues at http://x.x.x.x:500/? Or is there any roadmap to support this feature?
While trying to analyze Pysa output with the command sapp --database-name sapp.db analyze taint-output.json, I get the following output.
2023-01-03 14:07:22,447 [INFO] Parsing analysis output...
Traceback (most recent call last):
File "/usr/local/bin/sapp", line 8, in <module>
sys.exit(cli())
File "/usr/local/lib/python3.7/dist-packages/click/core.py", line 1130, in __call__
return self.main(*args, **kwargs)
File "/usr/local/lib/python3.7/dist-packages/click/core.py", line 1055, in main
rv = self.invoke(ctx)
File "/usr/local/lib/python3.7/dist-packages/click/core.py", line 1657, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/usr/local/lib/python3.7/dist-packages/click/core.py", line 1404, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/usr/local/lib/python3.7/dist-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/usr/local/lib/python3.7/dist-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/usr/local/lib/python3.7/dist-packages/click/core.py", line 760, in invoke
return __callback(*args, **kwargs)
File "/usr/local/lib/python3.7/dist-packages/sapp/cli_lib.py", line 207, in analyze
pipeline.run(analysis_output, summary_blob)
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/__init__.py", line 441, in run
next_input, summary = step.run(next_input, summary)
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/base_parser.py", line 254, in run
summary.get("old_linemap_file"),
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/base_parser.py", line 203, in analysis_output_to_dict_entries
for typ, key, e in self._analysis_output_to_parsed_tuples(inputfile):
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/base_parser.py", line 141, in _analysis_output_to_parsed_tuples
for e in entries:
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 99, in parse
for entry in self.parse_handle(handle):
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 106, in parse_handle
yield from self._parse_by_type(entry)
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 172, in _parse_by_type
yield from self._parse_issue(entry["data"])
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/base_parser.py", line 87, in wrapper
yield from func(self, json, *args)
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 239, in _parse_issue
) = self._parse_issue_traces(json["traces"], "backward", "sink")
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 298, in _parse_issue_traces
return self._parse_issue_trace_fragments(leaf_port, trace["roots"])
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 311, in _parse_issue_trace_fragments
for fragment in self._parse_trace_fragment(leaf_port, trace):
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 351, in _parse_trace_fragment
yield from self._parse_trace_fragment_v3(leaf_port, trace)
File "/usr/local/lib/python3.7/dist-packages/sapp/pipeline/pysa_taint_parser.py", line 468, in _parse_trace_fragment_v3
raise ParseError("Unexpected trace fragment.", received=trace)
sapp.pipeline.ParseError: Unexpected trace fragment.
Received: {'kinds': [{'leaves': [{'name': 'print'}], 'kind': 'Print'}], 'origin': {'filename': 'imprecision1.py', 'line': 5, 'start': 6, 'end': 22}}
Program being analyzed:
n: int = input("Input a number: ")
i: int = 'I am a number'
res = n+i
print(res.bit_length())
And the taint-output.json I want to analyze:
{"file_version":3,"config":{"repo":"/Users/tiraboschi/pysa_project"}}
{"kind":"issue","data":{"callable":"imprecision1.$toplevel","callable_line":1,"code":5002,"line":5,"start":6,"end":22,"filename":"imprecision1.py","message":"Data from [UserControlled] source(s) may reach [Print] sink(s)","traces":[{"name":"forward","roots":[{"kinds":[{"leaves":[{"name":"input"}],"kind":"UserControlled"}],"local_features":[{"always-via":"obscure:model"},{"always-type":"integer"},{"always-type":"scalar"},{"always-via":"tito"}],"tito_positions":[{"line":4,"start":6,"end":7},{"line":5,"start":6,"end":9}],"origin":{"filename":"imprecision1.py","line":2,"start":9,"end":34}}]},{"name":"backward","roots":[{"kinds":[{"leaves":[{"name":"print"}],"kind":"Print"}],"origin":{"filename":"imprecision1.py","line":5,"start":6,"end":22}}]}],"features":[{"always-via":"obscure:model"},{"always-type":"integer"},{"always-type":"scalar"},{"always-via":"tito"}],"sink_handle":{"kind":"Call","callee":"print","index":0,"parameter":"formal(*rest0)"},"master_handle":"imprecision1.$toplevel:5002:0:Call|print|0|formal(*rest0):f92c08fecfc0d6d0890769682e75edf0"}}
{"kind":"issue","data":{"callable":"imprecision2.convert","callable_line":7,"code":5002,"line":10,"start":10,"end":14,"filename":"imprecision2.py","message":"Data from [UserControlled] source(s) may reach [Print] sink(s)","traces":[{"name":"forward","roots":[{"kinds":[{"leaves":[{"name":"input"}],"kind":"UserControlled"}],"local_features":[{"always-via":"tito"},{"always-via":"obscure:unknown-callee"}],"tito_positions":[{"line":9,"start":20,"end":21}],"origin":{"filename":"imprecision2.py","line":8,"start":8,"end":33}}]},{"name":"backward","roots":[{"kinds":[{"leaves":[{"name":"print"}],"kind":"Print"}],"origin":{"filename":"imprecision2.py","line":10,"start":10,"end":14}}]}],"features":[{"always-via":"tito"},{"always-via":"obscure:unknown-callee"}],"sink_handle":{"kind":"Call","callee":"print","index":0,"parameter":"formal(*rest0)"},"master_handle":"imprecision2.convert:5002:0:Call|print|0|formal(*rest0):b730aacd59b2cd2e9376c74ea615a9bb"}}
{"kind":"model","data":{"callable":"imprecision2.get_zero","tito":[{"port":"formal(n)[__mul__]","taint":[{"kinds":[{"return_paths":{"":0},"kind":"LocalReturn"}],"local_features":[{"always-via":"obscure:unknown-callee"}],"tito":null}]}]}}
{"kind":"issue","data":{"callable":"imprecision3.convert","callable_line":7,"code":5002,"line":13,"start":14,"end":18,"filename":"imprecision3.py","message":"Data from [UserControlled] source(s) may reach [Print] sink(s)","traces":[{"name":"forward","roots":[{"kinds":[{"leaves":[{"name":"input"}],"kind":"UserControlled"}],"local_features":[{"always-via":"tito"},{"always-via":"obscure:unknown-callee"}],"tito_positions":[{"line":9,"start":20,"end":21}],"origin":{"filename":"imprecision3.py","line":8,"start":8,"end":33}}]},{"name":"backward","roots":[{"kinds":[{"leaves":[{"name":"print"}],"kind":"Print"}],"origin":{"filename":"imprecision3.py","line":13,"start":14,"end":18}}]}],"features":[{"always-via":"tito"},{"always-via":"obscure:unknown-callee"}],"sink_handle":{"kind":"Call","callee":"print","index":0,"parameter":"formal(*rest0)"},"master_handle":"imprecision3.convert:5002:0:Call|print|0|formal(*rest0):05da74f5000e93661778704068697bda"}}
{"kind":"model","data":{"callable":"imprecision3.get_zero","tito":[{"port":"formal(n)[__mul__]","taint":[{"kinds":[{"return_paths":{"":0},"kind":"LocalReturn"}],"local_features":[{"always-via":"obscure:unknown-callee"}],"tito":null}]}]}}
{"kind":"issue","data":{"callable":"imprecision4.convert","callable_line":7,"code":5002,"line":13,"start":14,"end":18,"filename":"imprecision4.py","message":"Data from [UserControlled] source(s) may reach [Print] sink(s)","traces":[{"name":"forward","roots":[{"kinds":[{"leaves":[{"name":"input"}],"kind":"UserControlled"}],"local_features":[{"always-via":"tito"},{"always-via":"obscure:unknown-callee"}],"tito_positions":[{"line":9,"start":20,"end":21}],"origin":{"filename":"imprecision4.py","line":8,"start":8,"end":33}}]},{"name":"backward","roots":[{"kinds":[{"leaves":[{"name":"print"}],"kind":"Print"}],"origin":{"filename":"imprecision4.py","line":13,"start":14,"end":18}}]}],"features":[{"always-via":"tito"},{"always-via":"obscure:unknown-callee"}],"sink_handle":{"kind":"Call","callee":"print","index":0,"parameter":"formal(*rest0)"},"master_handle":"imprecision4.convert:5002:0:Call|print|0|formal(*rest0):5d60f5a756115ff632602c48995522a3"}}
{"kind":"model","data":{"callable":"imprecision4.get_zero","tito":[{"port":"formal(n)[__mul__]","taint":[{"kinds":[{"return_paths":{"":0},"kind":"LocalReturn"}],"local_features":[{"always-via":"obscure:unknown-callee"}],"tito":null}]}]}}
{"kind":"model","data":{"callable":"input","sources":[{"port":"result","taint":[{"kinds":[{"kind":"UserControlled"}],"declaration":null}]}],"modes":["Obscure"]}}
{"kind":"model","data":{"callable":"os.system","sinks":[{"port":"formal(command)","taint":[{"kinds":[{"kind":"RemoteCodeExecution"}],"declaration":null}]}],"modes":["Obscure"]}}
{"kind":"model","data":{"callable":"print","sinks":[{"port":"formal(*rest0)","taint":[{"kinds":[{"kind":"Print"}],"declaration":null}]}],"modes":["Obscure"]}}
{"kind":"issue","data":{"callable":"source.convert","callable_line":7,"code":5001,"line":9,"start":22,"end":32,"filename":"source.py","message":"Data from [UserControlled] source(s) may reach [RemoteCodeExecution] sink(s)","traces":[{"name":"forward","roots":[{"kinds":[{"leaves":[{"name":"input"}],"kind":"UserControlled"}],"origin":{"filename":"source.py","line":8,"start":17,"end":38}}]},{"name":"backward","roots":[{"kinds":[{"features":[{"always-via":"format-string"},{"always-via":"tito"}],"leaves":[{"name":"os.system"}],"length":1,"kind":"RemoteCodeExecution"}],"call":{"position":{"filename":"source.py","line":9,"start":22,"end":32},"resolves_to":["source.get_image"],"port":"formal(url)"}}]}],"features":[{"always-via":"format-string"},{"always-via":"tito"}],"sink_handle":{"kind":"Call","callee":"source.get_image","index":0,"parameter":"formal(url)"},"master_handle":"source.convert:5001:0:Call|source.get_image|0|formal(url):71e3ce573ab7da30d5a55d88882319a9"}}
{"kind":"model","data":{"callable":"source.get_image","sinks":[{"port":"formal(url)","taint":[{"kinds":[{"leaves":[{"name":"os.system"}],"kind":"RemoteCodeExecution"}],"local_features":[{"always-via":"format-string"},{"always-via":"tito"}],"tito_positions":[{"line":4,"start":40,"end":43}],"origin":{"filename":"source.py","line":5,"start":21,"end":28}}]}],"tito":[{"port":"formal(url)","taint":[{"kinds":[{"return_paths":{"":0},"length":1,"kind":"LocalReturn"}],"local_features":[{"always-via":"obscure:model"},{"always-type":"integer"},{"always-via":"format-string"},{"always-type":"scalar"},{"always-via":"tito"}],"tito_positions":[{"line":4,"start":40,"end":43},{"line":5,"start":21,"end":28}],"tito":null}]}]}}
{"kind":"model","data":{"callable":"pstats.FunctionProfile.__init__","tito":[{"port":"formal(tottime)","taint":[{"kinds":[{"return_paths":{"[tottime]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(percall_tottime)","taint":[{"kinds":[{"return_paths":{"[percall_tottime]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(percall_cumtime)","taint":[{"kinds":[{"return_paths":{"[percall_cumtime]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(ncalls)","taint":[{"kinds":[{"return_paths":{"[ncalls]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(line_number)","taint":[{"kinds":[{"return_paths":{"[line_number]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(file_name)","taint":[{"kinds":[{"return_paths":{"[file_name]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(cumtime)","taint":[{"kinds":[{"return_paths":{"[cumtime]":999999},"kind":"LocalReturn"}],"tito":null}]}]}}
{"kind":"model","data":{"callable":"pstats.StatsProfile.__init__","tito":[{"port":"formal(total_tt)","taint":[{"kinds":[{"return_paths":{"[total_tt]":999999},"kind":"LocalReturn"}],"tito":null}]},{"port":"formal(func_profiles)","taint":[{"kinds":[{"return_paths":{"[func_profiles]":999999},"kind":"LocalReturn"}],"tito":null}]}]}}
I don't understand why I am getting this error: is it my fault or some incompatibility?
Hi all, I noticed that a list of filters can be applied to a single list of issues and show me merged results via the command-line interface.
But it seems that the web interface doesn't have this feature. How can I apply several filters and get merged results in the web interface?
I found that Mariana Trench supports "field" type sources/sinks: https://mariana-tren.ch/docs/models/#field-models
I tried to use this feature, and I get an error when I use sapp to show the result, as follows:
Traceback (most recent call last):
File "/Users/listennter/.venvs/dev-mariana/bin/sapp", line 8, in <module>
sys.exit(cli())
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/core.py", line 1128, in __call__
return self.main(*args, **kwargs)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/core.py", line 1053, in main
rv = self.invoke(ctx)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/core.py", line 1659, in invoke
return _process_result(sub_ctx.command.invoke(sub_ctx))
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/core.py", line 1395, in invoke
return ctx.invoke(self.callback, **ctx.params)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/core.py", line 754, in invoke
return __callback(*args, **kwargs)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/decorators.py", line 84, in new_func
return ctx.invoke(f, obj, *args, **kwargs)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/click/core.py", line 754, in invoke
return __callback(*args, **kwargs)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/cli_lib.py", line 207, in analyze
pipeline.run(analysis_output, summary_blob)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/__init__.py", line 441, in run
next_input, summary = step.run(next_input, summary)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 251, in run
self.analysis_output_to_dict_entries(
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 203, in analysis_output_to_dict_entries
for typ, key, e in self._analysis_output_to_parsed_tuples(inputfile):
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/base_parser.py", line 141, in _analysis_output_to_parsed_tuples
for e in entries:
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser.py", line 338, in parse
yield from self.parse_handle(handle)
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser.py", line 348, in parse_handle
for precondition in self._parse_precondition(model):
File "/Users/listennter/.venvs/dev-mariana/lib/python3.9/site-packages/sapp/pipeline/mariana_trench_parser.py", line 448, in _parse_precondition
caller = Method.from_json(model["method"])
KeyError: 'method'
When Mariana Trench finds an issue whose source/sink is a "Field", it will contain a JSON object like this in its output:
{
  "field": "Lcom/unicom/xiaowo/account/shield/e/g;.d:Ljava/lang/String;",
  "position": {},
  "sinks": [
    {
      "callee_port": "Leaf",
      "field_callee": "Lcom/unicom/xiaowo/account/shield/e/g;.d:Ljava/lang/String;",
      "field_origins": [
        "Lcom/unicom/xiaowo/account/shield/e/g;.d:Ljava/lang/String;"
      ],
      "kind": "N1rv0us-sink"
    }
  ],
  "sources": [
    {
      "callee_port": "Leaf",
      "field_callee": "Lcom/unicom/xiaowo/account/shield/e/g;.d:Ljava/lang/String;",
      "field_origins": [
        "Lcom/unicom/xiaowo/account/shield/e/g;.d:Ljava/lang/String;"
      ],
      "kind": "SSID"
    }
  ],
  "line": 9805
}
But when sapp parses preconditions/postconditions, it assumes that all results are methods, thus ignoring the parsing of fields.
Some code in sapp/pipeline/mariana_trench_parser.py:
https://github.com/facebook/sapp/blob/main/sapp/pipeline/mariana_trench_parser.py
def _parse_precondition(self, model: Dict[str, Any]) -> Iterable[Precondition]:
caller = Method.from_json(model["method"])
caller_position = Position.from_json(model["position"], caller)
...
def _parse_postconditions(self, model: Dict[str, Any]) -> Iterable[Postcondition]:
caller = Method.from_json(model["method"])
caller_position = Position.from_json(model["position"], caller)
...
I hope support for parsing Field results will be added soon.
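The dispatch the issue asks for, written out as a stand-alone illustration (this is an added example, not sapp's code): the caller is taken from whichever of "method" or "field" the model carries, and each source/sink entry is turned into a small record. The Method/Field/Condition classes, the newline-delimited model format with a leading "//" comment line, and the second (method) model are assumptions constructed for this example; the first model is the field model quoted above, compacted.

```python
"""Parse Mariana Trench model JSON whose caller is a method OR a field."""
import json
from dataclasses import dataclass
from typing import Any, Dict, Iterator, List, Optional, Union


@dataclass(frozen=True)
class Method:
    name: str  # Dalvik method descriptor, e.g. "Lpkg/Cls;.run:()V"

    @classmethod
    def from_json(cls, method: Union[str, Dict[str, Any]]) -> "Method":
        # Accept both a bare descriptor string and an object carrying a
        # "name" key (assumption about the shapes the analyzer emits).
        if isinstance(method, str):
            return cls(name=method)
        return cls(name=method["name"])


@dataclass(frozen=True)
class Field:
    name: str  # Dalvik field descriptor, e.g. "Lpkg/Cls;.d:Ljava/lang/String;"


@dataclass(frozen=True)
class Condition:
    caller: Union[Method, Field]
    kind: str          # taint kind such as "SSID"
    callee_port: str   # "Leaf" marks an origin
    line: Optional[int]


def parse_caller(model: Dict[str, Any]) -> Union[Method, Field]:
    """Dispatch on the key that is present instead of assuming "method"."""
    if "method" in model:
        return Method.from_json(model["method"])
    if "field" in model:
        return Field(name=model["field"])
    raise ValueError("model has neither 'method' nor 'field': %r" % sorted(model))


def parse_conditions(model: Dict[str, Any], key: str) -> Iterator[Condition]:
    """Yield one Condition per entry under `key` ("sources" or "sinks")."""
    caller = parse_caller(model)
    line = model.get("line")
    for entry in model.get(key, []):
        yield Condition(caller=caller, kind=entry["kind"],
                        callee_port=entry["callee_port"], line=line)


def parse_models(text: str) -> List[Condition]:
    """Parse newline-delimited model JSON; lines starting with "//" are
    treated as comments (assumed header format)."""
    out: List[Condition] = []
    for raw in text.splitlines():
        raw = raw.strip()
        if not raw or raw.startswith("//"):
            continue
        model = json.loads(raw)
        out.extend(parse_conditions(model, "sources"))
        out.extend(parse_conditions(model, "sinks"))
    return out


_FIELD = "Lcom/unicom/xiaowo/account/shield/e/g;.d:Ljava/lang/String;"
FIELD_MODEL = {  # the field model quoted in the issue, compacted
    "field": _FIELD,
    "position": {},
    "sinks": [{"callee_port": "Leaf", "field_callee": _FIELD,
               "field_origins": [_FIELD], "kind": "N1rv0us-sink"}],
    "sources": [{"callee_port": "Leaf", "field_callee": _FIELD,
                 "field_origins": [_FIELD], "kind": "SSID"}],
    "line": 9805,
}
METHOD_MODEL = {  # constructed for this example, not taken from the issue
    "method": "Lcom/example/App;.onCreate:()V",
    "position": {"line": 12, "path": "App.java"},
    "sinks": [{"callee_port": "Leaf", "kind": "Logging"}],
    "sources": [],
    "line": 12,
}
SAMPLE_OUTPUT = ("// @generated\n" + json.dumps(FIELD_MODEL) + "\n"
                 + json.dumps(METHOD_MODEL) + "\n")

if __name__ == "__main__":
    for cond in parse_models(SAMPLE_OUTPUT):
        print(type(cond.caller).__name__, cond.caller.name, cond.kind, cond.line)
```

Running the block prints two Field rows (SSID and N1rv0us-sink) followed by one Method row; with the original single-key lookup the first model would raise KeyError: 'method' before any row was produced.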
Hi Folks,
While trying to install fb-sapp along with pyre-check, I am receiving the following error:
Because no versions of pyre-check match >0.9.18,<0.10.0
and pyre-check (0.9.18) depends on pyre-extensions (>=0.0.29), pyre-check (>=0.9.18,<0.10.0) requires pyre-extensions (>=0.0.29).
And because fb-sapp (0.5.4) depends on pyre-extensions (0.0.27)
and no versions of fb-sapp match >0.5.4,<0.6.0, pyre-check (>=0.9.18,<0.10.0) is incompatible with fb-sapp (>=0.5.4,<0.6.0).
So, because test-project depends on both fb-sapp (^0.5.4) and pyre-check (^0.9.18), version solving failed.
The pyre-check version I am trying to install is the latest as of writing this issue, which is 0.9.18, and I have tried both poetry and pip. This installation works correctly with pyre-check version 0.9.15.
I believe the pyre-extensions package is outdated in fb-sapp (which is 0.0.27) and needs to be in line with the latest pyre-check version (which is 0.0.30).
I'm looking to tinker with using SAPP with multiple users, so I'd like to be able to run with some client/server style database (I'm thinking postgres or possibly python-dqlite). However, the DB class does not handle URLs directly. It is typical in SQLAlchemy to use a URL to define all the connection parameters of a database. The DBType enum is somewhat superfluous, since the driver can be inferred from a proper URL. It would be pretty straightforward to refactor it to pass in a URL and just pass that directly to sqlalchemy.engine.url.make_url, and fall back if it's a file path.
If you wanted to keep the same interface, you could have a helper function something like
from enum import Enum
from typing import Optional, Union
import sqlalchemy.engine.url
from sapp import errors
class DBType(Enum):
    XDB = "xdb"  # not yet implemented
    INFER = "infer"  # treat the argument as a SQLAlchemy URL
    SQLITE = "sqlite"
    MEMORY = "memory"
def _make_url(name_or_url: Optional[Union[str, sqlalchemy.engine.url.URL]] = None,
              dbtype: Union[DBType, str] = DBType.INFER,
              default_db_file: str = 'sapp.db') -> sqlalchemy.engine.url.URL:
    if isinstance(dbtype, str):  # accept the enum's string value from the CLI
        dbtype = DBType(dbtype)
    if dbtype is DBType.MEMORY or name_or_url == ':memory:':
        return sqlalchemy.engine.url.URL('sqlite', database=":memory:")
    if dbtype is DBType.SQLITE:
        return sqlalchemy.engine.url.URL('sqlite', database=name_or_url or default_db_file)
    if dbtype is DBType.INFER:
        # let SQLAlchemy infer the driver from the URL scheme
        return sqlalchemy.engine.url.make_url(name_or_url)
    raise errors.AIException(f'unsupported database type: {dbtype}')
This would keep the existing CLI behavior exactly as is, while allowing folks to pass in different URLs. Obviously plugging into postgres would require a bit more tooling (it seems there is some graphene integration which relies on some particular functions/stored procedures; it looks tractable), but I think this would be a start in the right direction. It's a useful feature in its own right: URLs are a pretty standard way to deal with database connections. Caveat: I'm not sure what XDB is. Also, is there any reason why DBType is a sqlalchemy.Enum as opposed to enum.Enum?
I could PR this if you want. Just sketched this idea out and tests pass.
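The "infer the driver from the URL, fall back to a file path" rule from the comment above, shown as an added standard-library-only illustration (not sapp's code and not a SQLAlchemy call; the function names, the single-slash-count convention for SQLite paths and the sample URLs are assumptions). It also adds the check a practitioner wants once client/server URLs enter the picture: the URL now carries credentials, so anything that logs or echoes the connection string should redact the password first.

```python
"""Classify a DB argument as URL vs. file path, and redact secrets for logging."""
import re
from typing import Optional, Tuple
from urllib.parse import urlsplit, urlunsplit

# RFC 3986 scheme followed by "://" (SQLAlchemy URLs always carry the "//").
# Requiring "://" keeps Windows paths such as "C:\sapp.db" classified as paths.
_URL_RE = re.compile(r"^[A-Za-z][A-Za-z0-9+.\-]*://")


def infer_db_url(name_or_url: Optional[str],
                 default_db_file: str = "sapp.db") -> Tuple[str, str]:
    """Return (backend, url) for the argument a CLI would accept.

    None/""      -> SQLite file with the default name
    ":memory:"   -> SQLite in-memory database
    "x://..."    -> passed through; backend is the scheme before any "+driver"
    anything else -> treated as a SQLite file path
    """
    if not name_or_url:
        return "sqlite", f"sqlite:///{default_db_file}"
    if name_or_url == ":memory:":
        return "sqlite", "sqlite:///:memory:"
    if _URL_RE.match(name_or_url):
        backend = urlsplit(name_or_url).scheme.split("+", 1)[0]
        return backend, name_or_url
    # No scheme: a file path. An absolute path yields "sqlite:////abs/path",
    # a relative one "sqlite:///rel.db", which is the usual SQLite URL form.
    return "sqlite", f"sqlite:///{name_or_url}"


def redact_url(url: str) -> str:
    """Replace the password component with "***" so the URL is safe to log."""
    parts = urlsplit(url)
    if parts.password is None:
        return url
    host = parts.hostname or ""
    if ":" in host:          # IPv6 literal must be re-bracketed
        host = f"[{host}]"
    netloc = f"{parts.username or ''}:***@{host}"
    if parts.port:
        netloc += f":{parts.port}"
    return urlunsplit(parts._replace(netloc=netloc))


# Constructed sample inputs for the demonstration below.
SAMPLES = [
    None,
    ":memory:",
    "/tmp/results.db",
    "postgresql+psycopg2://sapp:s3cret@db.internal:5432/sapp",
]

if __name__ == "__main__":
    for arg in SAMPLES:
        backend, url = infer_db_url(arg)
        print(f"{arg!r:60} -> {backend:10} {redact_url(url)}")
```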