package fr.lifl.stc.stan.dsl; import java.io.IOException; import java.util.Collection; import fr.lifl.stc.stan.link.Link; import fr.lifl.stc.stan.link.TableLink; import fr.lifl.stc.stan.link.defaultLink.DefaultLink; import fr.lifl.stc.stan.samples.flow.FlowPartialSignature; import fr.lifl.stc.stan.samples.flow.FlowPartialSignatureData; import fr.lifl.stc.stan.signature.PartialSignature; import fr.lifl.stc.stan.signature.PartialSignatureData; import fr.lifl.stc.stan.signature.Signature; import fr.lifl.stc.stan.signature.SignatureDictionary; import org.antlr.runtime.*; import org.antlr.runtime.tree.*; import org.apache.bcel.classfile.Attribute; import org.apache.bcel.classfile.ClassParser; import org.apache.bcel.classfile.Code; import org.apache.bcel.classfile.ExactLinkAttribute; import org.apache.bcel.classfile.GlobalLinkAttribute; import org.apache.bcel.classfile.JavaClass; import org.apache.bcel.classfile.LinkAttribute; import org.apache.bcel.classfile.Method; import org.apache.bcel.classfile.ProofAttribute; import org.apache.bcel.generic.ObjectType; import org.apache.bcel.generic.Type; import java.io.File; import org.apache.bcel.classfile.Field; import gnu.getopt.Getopt; public class DSLChecker { public static void main(String args[]) { Getopt g = new Getopt("DSLChecker", args, "d:c:"); String dslpath=""; String classpackage_path=""; String arg; int c; while ((c = g.getopt()) != -1) { switch( c ) { case 'd': arg = g.getOptarg(); dslpath = arg; break; case 'c': arg = g.getOptarg(); classpackage_path=arg; break; } } if ( dslpath == "" || classpackage_path == "" ) { System.out.println("Bad usage : use -d for policy file and -c for class/package path."); System.exit(-1); } DSLReader dsl = null; try { dsl = new DSLReader(dslpath); } catch (RecognitionException e) { System.out.println("There was an error while reading the DSL file " + e.getMessage()); System.exit(-1); } catch (IOException e) { System.out.println("Unable to open DSL file : " + e.getMessage()); System.exit(-1); } System.out.println("DSL read :"); System.out.println(dsl.policies); File classdir = new File(classpackage_path); if ( classdir.isDirectory() ) checkPackage(classdir, dsl.policies); else checkClass(classdir.getAbsolutePath(), dsl.policies); } public static void checkPackage(File dir, PolicyManager policies) { String[] children = dir.list(); for (int i = 0; i < children.length; i++) { File f = new File(dir, children[i]); if ( f.isDirectory() ) checkPackage(f, policies); else if ( f.getAbsolutePath().endsWith(".class") ) checkClass(f.getAbsolutePath(), policies); } } public static void checkClass(String path, PolicyManager policies) { System.out.println(); System.out.println(">>> Analyzing class [" + path + "]"); try { ClassParser cp = new ClassParser(path); JavaClass jc = cp.parse(); /* Check if all Secret attributes are private */ for(String secret: policies.getSecretFieldsFor(new ObjectType(jc.getClassName()))) { boolean found = false; for(Field f: jc.getFields()) if ( f.getName().equals(secret) ) { found = true; if ( ! f.isPrivate() ) System.out.println("[E]{" + jc.getClassName() + "}(" + secret + ") Secret field isn't private in class"); } if ( ! found ) System.out.println("[W]{" + jc.getClassName() + "}(" + secret + ") Secret field not found in class"); } FlowChecker fc = new FlowChecker(policies); for(Method m: jc.getMethods()) { //System.out.println("\t* " + m.getName()); for(Attribute a: m.getAttributes()) { if (a instanceof GlobalLinkAttribute) { //System.out.println("G ->" + a); GlobalLinkAttribute ga = (GlobalLinkAttribute)a; for(int lid=0; lid < ga.getLinkCount(); lid++) { int[] r = ga.getLink(lid); //System.out.println("->" + r[0] + "," + r[1] + "," + r[2]); Flow f = new Flow(jc, m, r[0], r[1], r[2]); try { fc.check(f); } catch(FlowCheckerException e) { System.out.println("[E]{" + jc.getClassName() + "}{" + m.getName() + "} " + e.getMessage()); } } } } } } catch(Exception e) { e.printStackTrace(); } } }