diff --git a/codyze-v2/jitpack.yml b/codyze-v2/jitpack.yml deleted file mode 100644 index 02810dbde..000000000 --- a/codyze-v2/jitpack.yml +++ /dev/null @@ -1,3 +0,0 @@ -jdk: - - openjdk11 - diff --git a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/EvaluationHelper.kt b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/EvaluationHelper.kt index cbc4389bf..b15d9326a 100644 --- a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/EvaluationHelper.kt +++ b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/EvaluationHelper.kt @@ -532,7 +532,8 @@ fun MRule.getMatchingReferences( vars.add(opStmt) } // Function parameter, i.e. "something(..., var, ...)" - if (opStmt.call.params.stream().anyMatch { p: Parameter -> + if ( + opStmt.call.params.stream().anyMatch { p: Parameter -> p.getVar() == finalAttribute } ) { @@ -658,7 +659,8 @@ fun MRule.getMatchingReferences( baseOfCallExpression = v.getSuitableDFGTarget() } else { baseOfCallExpression = v.getBaseDeclaration() - if (baseOfCallExpression == null + if ( + baseOfCallExpression == null ) { // if we did not find a base the "easy way", try to find a base // using the simple-DFG baseOfCallExpression = v.getSuitableDFGTarget() diff --git a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/ForbiddenEvaluator.kt b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/ForbiddenEvaluator.kt index bd9122040..f9e1646a8 100644 --- a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/ForbiddenEvaluator.kt +++ b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/markevaluation/ForbiddenEvaluator.kt 
@@ -26,7 +26,8 @@ class ForbiddenEvaluator(private val markModel: Mark) { for (entity in markModel.entities) { for (op in entity.ops) { for ((node, value) in op.nodesToStatements) { - if (value.stream().noneMatch { call: OpStatement -> + if ( + value.stream().noneMatch { call: OpStatement -> "forbidden" == call.forbidden } ) { diff --git a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/resolution/SimpleConstantResolver.kt b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/resolution/SimpleConstantResolver.kt index dab68a219..ff7b0f400 100644 --- a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/resolution/SimpleConstantResolver.kt +++ b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/resolution/SimpleConstantResolver.kt @@ -78,7 +78,8 @@ class SimpleConstantResolver : ConstantResolver { } seen.add(tVertex) - if (tVertex is BinaryOperator && tVertex.operatorCode == "=" && tVertex.lhs != null + if ( + tVertex is BinaryOperator && tVertex.operatorCode == "=" && tVertex.lhs != null ) { val lhs = tVertex.lhs diff --git a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/wpds/TypestateAnalysis.kt b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/wpds/TypestateAnalysis.kt index b06434170..d54bb2dfc 100644 --- a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/wpds/TypestateAnalysis.kt +++ b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/analysis/wpds/TypestateAnalysis.kt @@ -793,7 +793,8 @@ class TypestateAnalysis(private val markContextHolder: MarkContextHolder) { and simply check if the call stmt matches the one in the "op" spec. "Matches" means that it matches the function and valInScope is either one of the arguments or is assigned the call's return value. */ - if (assignerFqn != null && + if ( + assignerFqn != null && opStatement.call.name == assignerFqn && (assigneeVar != null // is return value assigned to valInScope? || 
@@ -807,7 +808,8 @@ class TypestateAnalysis(private val markContextHolder: MarkContextHolder) { } } else { for (type in types) { - if (type.typeName.startsWith( + if ( + type.typeName.startsWith( Utils.getScope(opStatement.call.name).replace("::", ".") ) // Dirty: startsWith() to ignore modifiers (such as "*"). && opStatement.call.name.endsWith(this.name) @@ -882,7 +884,8 @@ class TypestateAnalysis(private val markContextHolder: MarkContextHolder) { and simply check if the call stmt matches the one in the "op" spec. "Matches" means that it matches the function and valInScope is either one of the arguments or is assigned the call's return value. */ - if (assignerFqn != null && + if ( + assignerFqn != null && opStatement.call.name == assignerFqn && (assigneeVar != null // is return value assigned to valInScope? || @@ -896,7 +899,8 @@ class TypestateAnalysis(private val markContextHolder: MarkContextHolder) { } } else { for (type in types) { - if (type.typeName.startsWith( + if ( + type.typeName.startsWith( Utils.getScope(opStatement.call.name).replace("::", ".") ) // Dirty: startsWith() to ignore modifiers (such as "*"). && opStatement.call.name.endsWith(this.name) diff --git a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/config/Configuration.kt b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/config/Configuration.kt index 6e37ab1af..3f0696d14 100644 --- a/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/config/Configuration.kt +++ b/codyze-v2/src/main/java/de/fraunhofer/aisec/codyze/config/Configuration.kt @@ -189,7 +189,8 @@ class Configuration { translationConfig.includePath(file.absolutePath) } - if (!cpg.translation.enabledIncludesCLI.matched || cpg.translation.enabledIncludesCLI.append + if ( + !cpg.translation.enabledIncludesCLI.matched || cpg.translation.enabledIncludesCLI.append ) { for (s in cpg.translation.enabledIncludes) { translationConfig.includeWhitelist(s.absolutePath) 
@@ -200,7 +201,8 @@ class Configuration { translationConfig.includeWhitelist(file.absolutePath) } - if (!cpg.translation.disabledIncludesCLI.matched || + if ( + !cpg.translation.disabledIncludesCLI.matched || cpg.translation.disabledIncludesCLI.append ) { for (s in cpg.translation.disabledIncludes) { @@ -286,16 +288,17 @@ class Configuration { for (includedFile in result) { // excludedPath is located under includedFile - if (includedFile.isDirectory && + if ( + includedFile.isDirectory && excludedNormalizedFile.startsWith( includedFile.absolutePath + File.separator ) ) { newResult.addAll(findSiblings(excludedNormalizedFile, includedFile)) } else if ( - // includedFile is located under excludedPath or excludedPath is equal to - // includedFile - (excludedNormalizedFile.isDirectory && + // includedFile is located under excludedPath or excludedPath is equal to + // includedFile + (excludedNormalizedFile.isDirectory && includedFile.startsWith( excludedNormalizedFile.absolutePath + File.separator )) || excludedNormalizedFile == includedFile @@ -462,7 +465,8 @@ class Configuration { } fun getLocation(tokenLocation: JsonLocation): String { - return if (tokenLocation.contentReference() != null && + return if ( + tokenLocation.contentReference() != null && tokenLocation.contentReference().rawContent is File ) " (${(tokenLocation.contentReference().rawContent as File).absolutePath})" diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/BuildTranslationConfigTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/BuildTranslationConfigTest.kt index 8aee8ccd5..6910a69d5 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/BuildTranslationConfigTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/BuildTranslationConfigTest.kt 
@@ -175,14 +175,18 @@ internal class BuildTranslationConfigTest { fun startup() { val additionalOptionResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/additional_options.yml") + .java + .classLoader + .getResource("config-files/additional_options.yml") assertNotNull(additionalOptionResource) additionalOptionFile = File(additionalOptionResource.file) assertNotNull(additionalOptionFile) val sourceDisablingResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/source_disabling.yml") + .java + .classLoader + .getResource("config-files/source_disabling.yml") assertNotNull(sourceDisablingResource) sourceDisablingFile = File(sourceDisablingResource.file) assertNotNull(sourceDisablingFile) diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigCLILoadTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigCLILoadTest.kt index 4dbb230a3..cfe22b027 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigCLILoadTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigCLILoadTest.kt 
@@ -396,21 +396,27 @@ class ConfigCLILoadTest { fun startup() { val correctStructureResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/correct_structure.yml") + .java + .classLoader + .getResource("config-files/correct_structure.yml") assertNotNull(correctStructureResource) correctFile = File(correctStructureResource.file) assertNotNull(correctFile) val incorrectStructureResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/incorrect_structure.yml") + .java + .classLoader + .getResource("config-files/incorrect_structure.yml") assertNotNull(incorrectStructureResource) incorrectFile = File(incorrectStructureResource.file) assertNotNull(incorrectFile) val additionalOptionResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/additional_options.yml") + .java + .classLoader + .getResource("config-files/additional_options.yml") assertNotNull(additionalOptionResource) additionalOptionFile = File(additionalOptionResource.file) assertNotNull(additionalOptionFile) @@ -423,7 +429,9 @@ class ConfigCLILoadTest { val sourceDisablingResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/source_disabling.yml") + .java + .classLoader + .getResource("config-files/source_disabling.yml") assertNotNull(sourceDisablingResource) sourceDisablingFile = File(sourceDisablingResource.file) assertNotNull(sourceDisablingFile) diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigLoadTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigLoadTest.kt index da240a960..eb0b3f617 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigLoadTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/ConfigLoadTest.kt 
@@ -208,28 +208,36 @@ internal class ConfigLoadTest { fun startup() { val correctStructureResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/correct_structure.yml") + .java + .classLoader + .getResource("config-files/correct_structure.yml") assertNotNull(correctStructureResource) correctFile = File(correctStructureResource.file) assertNotNull(correctFile) val incorrectStructureResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/incorrect_structure.yml") + .java + .classLoader + .getResource("config-files/incorrect_structure.yml") assertNotNull(incorrectStructureResource) incorrectFile = File(incorrectStructureResource.file) assertNotNull(incorrectFile) val additionalOptionResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/additional_options.yml") + .java + .classLoader + .getResource("config-files/additional_options.yml") assertNotNull(additionalOptionResource) additionalOptionFile = File(additionalOptionResource.file) assertNotNull(additionalOptionFile) val unknownLanguageResource = ConfigLoadTest::class - .java.classLoader.getResource("config-files/unknown_language.yml") + .java + .classLoader + .getResource("config-files/unknown_language.yml") assertNotNull(unknownLanguageResource) unknownLanguageFile = File(unknownLanguageResource.file) assertNotNull(unknownLanguageFile) diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/GithubTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/GithubTest.kt index 67a6be30d..60a0bc72a 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/GithubTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/GithubTest.kt 
@@ -177,7 +177,8 @@ internal class GithubTest : AbstractTest() { val logFiltered: MutableList = ArrayList() var hasParseError = false for (x in log) { - if (x.message.formattedMessage.contains( + if ( + x.message.formattedMessage.contains( "Parsing of type class org.eclipse.cdt.internal.core.dom.parser.cpp.CPPASTProblemStatement is not supported (yet)" ) || x.message.formattedMessage.contains("JavaParser could not parse file") ) { diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadOutputTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadOutputTest.kt index f96cd8f49..ef116a8e7 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadOutputTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadOutputTest.kt @@ -60,7 +60,9 @@ internal class MarkLoadOutputTest { fun startup() { val resource = MarkLoadOutputTest::class - .java.classLoader.getResource("mark/PoC_MS1/Botan_AutoSeededRNG.mark") + .java + .classLoader + .getResource("mark/PoC_MS1/Botan_AutoSeededRNG.mark") assertNotNull(resource) val markPoC1 = File(resource.file) assertNotNull(markPoC1) diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadTest.kt index d8ce1bc1c..899747d1a 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/MarkLoadTest.kt @@ -39,10 +39,12 @@ internal class MarkLoadTest { allMarkRules.size - disabledMarkRules .getOrDefault("java", DisabledMarkRulesValue()) - .disabledMarkRuleNames.size - + .disabledMarkRuleNames + .size - disabledMarkRules .getOrDefault("", DisabledMarkRulesValue()) - .disabledMarkRuleNames.size + .disabledMarkRuleNames + .size assertEquals( expectedSize, actualMarkRuleNames.size, 
@@ -139,7 +141,8 @@ internal class MarkLoadTest { allMarkRules.size - disabledMarkRules .getOrDefault("java", DisabledMarkRulesValue()) - .disabledMarkRuleNames.size - + .disabledMarkRuleNames + .size - botanMarkRuleNames.size assertEquals( expectedSize, @@ -190,7 +193,9 @@ internal class MarkLoadTest { val javaMarkResource = MarkLoadTest::class - .java.classLoader.getResource("real-examples/bc/rwedoff.Password-Manager") + .java + .classLoader + .getResource("real-examples/bc/rwedoff.Password-Manager") assertNotNull(javaMarkResource) javaLocation = File(javaMarkResource.file) assertNotNull(javaLocation) diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/RuleEnsureSemanticsTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/RuleEnsureSemanticsTest.kt index 9ac2944ab..b8bea503a 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/RuleEnsureSemanticsTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/codyze/crymlin/RuleEnsureSemanticsTest.kt @@ -92,7 +92,9 @@ internal class RuleEnsureSemanticsTest { fun startup() { val resource = RuleEnsureSemanticsTest::class - .java.classLoader.getResource("mark/rules/ensure/semantics/") + .java + .classLoader + .getResource("mark/rules/ensure/semantics/") assertNotNull(resource) val markFile = File(resource.file) diff --git a/codyze-v2/src/test/java/de/fraunhofer/aisec/cpg/analysis/fsm/FSMBuilderTest.kt b/codyze-v2/src/test/java/de/fraunhofer/aisec/cpg/analysis/fsm/FSMBuilderTest.kt index fcb44f90c..1f1be49aa 100644 --- a/codyze-v2/src/test/java/de/fraunhofer/aisec/cpg/analysis/fsm/FSMBuilderTest.kt +++ b/codyze-v2/src/test/java/de/fraunhofer/aisec/cpg/analysis/fsm/FSMBuilderTest.kt 
@@ -16,7 +16,9 @@ class FSMBuilderTest { fun testSimpleOrder() { val resource = MarkLoadOutputTest::class - .java.classLoader.getResource("unittests/fsm_builder/order.mark") + .java + .classLoader + .getResource("unittests/fsm_builder/order.mark") assertNotNull(resource) val markPoC1 = File(resource.file) assertNotNull(markPoC1) @@ -46,7 +48,9 @@ class FSMBuilderTest { fun testLoopOrder() { val resource = MarkLoadOutputTest::class - .java.classLoader.getResource("unittests/fsm_builder/order2.mark") + .java + .classLoader + .getResource("unittests/fsm_builder/order2.mark") assertNotNull(resource) val markPoC1 = File(resource.file) assertNotNull(markPoC1) @@ -87,7 +91,9 @@ class FSMBuilderTest { fun testBranchOrder() { val resource = MarkLoadOutputTest::class - .java.classLoader.getResource("unittests/fsm_builder/order3.mark") + .java + .classLoader + .getResource("unittests/fsm_builder/order3.mark") assertNotNull(resource) val markPoC1 = File(resource.file) assertNotNull(markPoC1) @@ -132,7 +138,9 @@ class FSMBuilderTest { fun testFailOrder() { val resource = MarkLoadOutputTest::class - .java.classLoader.getResource("unittests/fsm_builder/order_fail.mark") + .java + .classLoader + .getResource("unittests/fsm_builder/order_fail.mark") assertNotNull(resource) val markPoC1 = File(resource.file) assertNotNull(markPoC1) diff --git a/jitpack.yml b/jitpack.yml new file mode 100644 index 000000000..21fccfb15 --- /dev/null +++ b/jitpack.yml @@ -0,0 +1,6 @@ +before_install: + - sdk update + - sdk install java 11.0.15-tem + - sdk use java 11.0.15-tem +install: + - ./gradlew :codyze-v2:build :codyze-v2:publishToMavenLocal #:codyze-v3:codyze:build :codyze-v3:codyze:publishToMavenLocal
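Review bot: In the new root `jitpack.yml`, `sdk install java 11.0.15-tem` pins one exact JDK patch release, so JitPack builds stay on that patch level and miss later JDK 11 security updates until someone edits the file; the build may also break if SDKMAN stops offering that identifier, which is worth confirming. A comment above `before_install` such as `# JDK pinned for reproducible JitPack builds; bump with each JDK 11 security release` would make the pin a tracked decision rather than a leftover. The trailing `#:codyze-v3:codyze:build :codyze-v3:codyze:publishToMavenLocal` on the `install` line disables the v3 tasks without saying why; put it on its own comment line with the reason v3 is not published. The integrity of the published artifact also depends on the Gradle wrapper that `./gradlew` runs; the wrapper properties are not part of this diff, so check that `distributionSha256Sum` is set there.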