mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-06 19:35:13 +02:00
* feat: Enhance control flow analysis with function summaries and taint analysis
* feat: Update taint analysis to utilize function summaries for enhanced tracking
* Refactor `walk.rs` batch processing and override handling:
  - Renamed `Batcher` to `BatchSender` for clarity.
  - Added `BatchSender::new` constructor for cleaner initialization.
  - Simplified batch size management in `BatchSender`.
  - Extracted `build_overrides` function for reusable override construction.
  - Improved error handling and validation in override building.
  - Enhanced performance with directory and file type filtering in `walk`.
* Improve logging and streamline directory walk process:
  - Added detailed `tracing` logs for debugging batch flushes, override construction, and walk initialization/completion.
  - Optimized and simplified `filter_entry` logic for directory and file type filters.
  - Improved metadata checks and max file size enforcement during the scan.
* Refactor and optimize taint tracking, label rules, and directory walk process:
  - Replaced `DefaultHasher` with `blake3::Hasher` for improved taint hashing.
  - Enhanced sorting and hashing logic in `taint.rs` for consistency and efficiency.
  - Removed unused `set_hash` function and redundant imports across files.
  - Improved batch sender logic in `walk.rs`, renaming key components for clarity.
  - Unified `spawn_senders` and `spawn_file_walker` with thread handling and channel tuple return.
  - Expanded label rules with additional matchers for sources, sanitizers, and sinks.
  - Deprecated `dump_cfg` and specific logging utilities in `cfg.rs` for code cleanup.
* fix: fixed let chains error in walk.rs
* fix: updated dependencies
* fix: updated dependencies
* chore: Remove standard error in scan.rs
* feat: Introduce function summaries for enhanced taint and control flow analysis
* feat: Enhance taint analysis with interop support and function summaries
* feat: Add configuration analysis module and enhance matcher rules
* feat: Add arity column to function_summaries and handle schema migration
* fix: fixed clippy &PathBuf warnings
* chore: Update dependencies and versioning in Cargo files
* docs: Update README to enhance clarity and detail on features and analysis modes
* chore: Update CHANGELOG for version 0.2.0 with new features, changes, and fixes
* docs: Update SECURITY.md to clarify version support status

---------

Co-authored-by: elipeter <eli.peter@es.fcm.travel>
71 lines
2.1 KiB
Python
```python
import os
import subprocess
import pickle
import yaml
import hashlib
import tempfile


# ───── Deserialization ─────


def load_cached_session(session_file):
    """Loads a pickled session from disk.

    VULN: pickle.load on untrusted data (arbitrary code execution)
    """
    with open(session_file, "rb") as f:
        session = pickle.load(f)
    return session


def load_yaml_config(config_path):
    """Loads YAML configuration.

    VULN: yaml.load without SafeLoader (arbitrary code execution)
    """
    with open(config_path) as f:
        config = yaml.load(f)
    return config


# ───── File operations ─────


def process_upload(request):
    """Saves an uploaded file to a path constructed from user input.

    VULN: request.form flows into open() path (path traversal)
    """
    filename = request.form.get("filename")
    content = request.form.get("content")
    upload_path = os.path.join("/uploads", filename)
    with open(upload_path, "w") as f:
        f.write(content)
    return {"saved": upload_path}


# ───── System commands ─────


def check_disk_usage():
    """Reports disk usage from an env-configured mount point.

    VULN: os.getenv flows into subprocess.check_output
    """
    mount = os.getenv("MOUNT_POINT")
    output = subprocess.check_output(["df", "-h", mount])
    return output.decode()


def compile_template(template_path):
    """Compiles a template by calling an external tool.

    VULN: os.getenv flows into exec (code injection via env)
    """
    compiler = os.getenv("TEMPLATE_COMPILER")
    exec(compiler + "('" + template_path + "')")


# ───── Hashing ─────


def hash_token(token):
    """VULN: MD5 is cryptographically weak, should use sha256+salt."""
    return hashlib.md5(token.encode()).hexdigest()


# ───── Safe utilities ─────


def sanitize_filename(name):
    """Strips path traversal characters from a filename."""
    return os.path.basename(name).replace("..", "")


def safe_hash(data):
    """SAFE: uses SHA-256 with proper salt."""
    salt = os.urandom(16)
    return hashlib.sha256(salt + data.encode()).hexdigest()
```