multifile bug fixes

bin/main.ml

@@ -79,7 +79,7 @@ let main (filename : string) (output_path : string) (config_path : string) (mult
           let moduleGraph = ModuleGraphs.get module_graphs module_name in 
 
           (* exported function information *)
-          let func_loc = ExportedObject.get_function moduleEO info.properties in 
+          let func_loc = ExportedObject.get_value_location moduleEO info.properties in 
           if not (Graph.has_external_function graph func_loc) then (
             let func_graph = Graph.get_function moduleGraph func_loc in 
             Graph.add_external_func graph func_graph l_call func_loc
@@ -90,9 +90,12 @@ let main (filename : string) (output_path : string) (config_path : string) (mult
 
       ) external_calls;
 
+      (* save current module info*)
+      let alter_name = String.sub file_path 0 (String.length file_path - 3) in 
       ModuleGraphs.add module_graphs file_path graph;
+      ModuleGraphs.add module_graphs alter_name graph;
       Summaries.add summaries file_path exportedObject;
-      Summaries.add summaries (String.sub file_path 0 (String.length file_path - 3)) exportedObject;
+      Summaries.add summaries alter_name exportedObject;
     );
 
   ) (DependencyTree.bottom_up_visit dep_tree);

lib/mdg/analyse.ml

@@ -9,6 +9,7 @@ open Auxiliary.Functions
 open Auxiliary.Structures
 open Structures
 open AnalysisType
+open ExternalReferences
 
 let verbose = ref false;;
 
@@ -359,37 +360,52 @@ module GraphConstrunction (Auxiliary : AbstractAnalysis.T) = struct
 
 end
 
-let add_taint_sinks (state : State.t) (config : Config.t) : unit = 
+let rec add_taint_sinks (state : State.t) (config : Config.t) (ext_calls : ExternalReferences.t) : unit = 
   let graph = state.graph in 
-  let salloc = Graph.alloc_tsink graph in
-  let add_tsink = Graph.add_taint_sink graph in 
-  let add_sink_edge = Graph.add_sink_edge graph in
-  let add_dep_edge = Graph.add_dep_edge graph in
 
   Graph.iter_nodes (fun loc node -> 
     match node._type with 
       | Call callee -> 
+        (* function sink *)
         let sink_info = Config.get_function_sink_info config callee in
         option_may (fun (sink_info : functionSink) ->
-
-          (* add taint sink *)
-          let l_tsink = salloc node.id in
-          add_tsink l_tsink callee node.loc;
-          add_sink_edge loc l_tsink callee;
-
-          (* add depedency edges from dangerous inputs (arguments) to taint sink *)
-          let args = Graph.get_arg_locations graph loc in 
-          let dangerous_inputs = sink_info.args in
-          List.iter (fun dangerous_index ->
-            let dangerous_index = string_of_int (dangerous_index - 1) in
-            let arg_locs = List.filter (((=) dangerous_index) << fst) args in 
-            List.iter (fun (_, l) -> add_dep_edge l l_tsink) arg_locs
-          ) dangerous_inputs
-
-        ) sink_info
+          add_taink_sink graph loc node sink_info.sink sink_info.args
+        ) sink_info;
+
+        (* package sink *)
+        let referece_info = ExternalReferences.get_opt ext_calls loc in 
+        option_may (fun ref ->
+          (* check if there is only one property *)
+          if List.length ref.properties = 1 then
+            let method_name = List.nth ref.properties 0 in 
+            let package_name = ref._module in 
+            let sink_info = Config.get_package_sink_info config package_name method_name in 
+            option_may (fun (sink_info : package) -> 
+              add_taink_sink graph loc node method_name sink_info.args
+            ) sink_info
+        ) referece_info
 
       | _ -> ()
-  ) graph;;
+  ) graph
+
+and add_taink_sink (graph : Graph.t) (loc : location) (node : Graph.Node.t) (sink_name : string) (sink_args : int list) : unit = 
+  let salloc = Graph.alloc_tsink graph in
+  let add_tsink = Graph.add_taint_sink graph in 
+  let add_sink_edge = Graph.add_sink_edge graph in
+  let add_dep_edge = Graph.add_dep_edge graph in
+
+  (* add taint sink *)
+  let l_tsink = salloc node.id in
+  add_tsink l_tsink sink_name node.loc;
+  add_sink_edge loc l_tsink sink_name;
+
+  (* add depedency edges from dangerous inputs (arguments) to taint sink *)
+  let args = Graph.get_arg_locations graph loc in 
+  List.iter (fun dangerous_index ->
+    let dangerous_index = string_of_int (dangerous_index - 1) in
+    let arg_locs = List.filter (((=) dangerous_index) << fst) args in 
+    List.iter (fun (_, l) -> add_dep_edge l l_tsink) arg_locs
+  ) sink_args
 
 
 let add_taint_sources (state : State.t) (_config : Config.t) : unit = 
@@ -459,7 +475,7 @@ and construct_object (state : State.t) (loc : LocationSet.t) : ExportedObject.t
         (* return *)
         !object'
 
-      | Function _ -> ExportedObject.Function loc
+      | Function _ -> ExportedObject.Value loc
       | _ -> ExportedObject.empty ()
 
   else if LocationSet.is_empty loc then 
@@ -488,7 +504,7 @@ let rec program (is_verbose : bool) (config_path : string) ((_, program) : m Pro
   (* process auxiliary analysis outputs*)
   let exportsObjectInfo, config, external_calls = get_analysis_output (Analysis.finish analysis) in 
 
-  add_taint_sinks state config;
+  add_taint_sinks state config external_calls;
   add_taint_sources state config;
   let exportsObject = buildExportsObject state exportsObjectInfo in
 

lib/mdg/structures/exportedObject.ml

@@ -2,7 +2,7 @@ open Auxiliary.Structures
 
 type t = 
   | Object of t HashTable.t
-  | Function of Structures.location
+  | Value of Structures.location
 
 let empty () : t = Object (HashTable.create 0)
 
@@ -30,20 +30,24 @@ let print (exportedObject : t) : unit =
         print_endline (identation_str ^ "}")
 
 
-      | Function func -> print_endline func;
+      | Value loc -> print_endline loc;
   in
 
   print' exportedObject 0
 
-let rec get_function (exportedObject : t) (properties : Structures.property list) : Structures.location =
+let rec get_value_location (exportedObject : t) (properties : Structures.property list) : Structures.location =
   match properties with
     | [] -> get_location exportedObject
-    | property::properties' -> get_function (get_property exportedObject property) properties'
+    | property::properties' -> get_value_location (get_property exportedObject property) properties'
 
 and get_location (exportedObject : t) : Structures.location = 
   match exportedObject with 
-    | Function loc -> loc
-    | _ -> failwith "unable to get function location from exported object"
+    | Value loc -> loc
+    | Object obj -> 
+      (* module.exports = {f} and f = require(...) *)
+      if HashTable.length obj = 1 
+        then get_location (List.nth (List.of_seq (HashTable.to_seq_values obj)) 0)
+        else failwith "unable to get function location from exported object"
 
 and get_property (exportedObject : t) (property : Structures.property) : t =
   match exportedObject with

lib/mdg/structures/externalReferences.ml

@@ -10,6 +10,11 @@ type t' = {
 
 type t = t' T.t
 
+
+let get_opt (ext_refs : t) (location : location) : t' option = 
+  let locs = LocationSet.singleton location in 
+  T.find_opt ext_refs locs
+
 let iter : (LocationSet.t -> t' -> unit) -> t -> unit = T.iter 
 let print (refs : t) : unit =
   print_endline "=======" ;

lib/mdg/structures/graph'.ml

@@ -590,7 +590,7 @@ let update_arg_edges (graph : t) (call_node : location) (parameters : string lis
       (* check if it is a argument edge pointing to the call_node*)
       match edge._to = call_node, edge._type with
         | true, Argument (index, _) -> 
-          let param_name = Option.value (List.nth_opt parameters (int_of_string index)) ~default:"undefined" in
+          let param_name = Option.value (if index = "this" then Some index else List.nth_opt parameters (int_of_string index)) ~default:"undefined" in
           {edge with _type = Argument (index, param_name)}
 
         | _ -> edge

lib/setup/dependencyTree.ml

@@ -28,5 +28,10 @@ let bottom_up_visit (dep_tree : t) : string list =
                     ) acc list
     | _ -> failwith "error visiting dependency tree in bottom up approach"
   in
-  visit dep_tree.structure []
+
+  let visit_order = visit dep_tree.structure []  in
+  (* remove duplicated from visit *)
+  List.rev (List.fold_left (fun final_order curr -> if List.mem curr final_order then final_order else curr :: final_order)  [] visit_order)
+
+