mate.poi.analysis.PathTraversal module

class mate.poi.analysis.PathTraversal.PathTraversal

Bases: mate.poi.poi_types.Analysis

run(session: mate_query.db.Session, graph: mate_query.db.Graph, _inputs: Dict[str, Any]) Iterable[Tuple[mate_common.models.analyses.POI, List[Union[mate_common.models.graphs.NodeRequest, mate_common.models.graphs.GraphRequest, mate_common.models.graphs.SliceRequest]]]]
Parameters
Return type

Iterable[Tuple[mate_common.models.analyses.POI, List[Union[mate_common.models.graphs.NodeRequest, mate_common.models.graphs.GraphRequest, mate_common.models.graphs.SliceRequest]]]]

class mate.poi.analysis.PathTraversal.PathTraversalPOI(*, insight: str, source: str = None, sink: str = None, salient_functions: List[mate_common.models.analyses.SalientFunction] = [])

Bases: mate_common.models.analyses.POI

This POI represents a potential pointer address leak to a public output.

It consists of an LLVM pointer value and an output signature where that pointer might be leaked to the user.

Parameters
Return type

None

insight: str

A human-readable piece of “insight” for the POI, in Markdown format.

salient_functions: List[SalientFunction]

A list of SalientFunction models.

Each POI analysis determines which, if any, functions to include in this list.

sink: Optional[str]

A human readable location string for the “sink” of the POI.

source: Optional[str]

A human readable location string for the “source” of the POI.

mate.poi.analysis.PathTraversal.compute_cfl_path_traversal(session: Session, cpg: db.Graph) Iterable[Tuple[Instruction, Instruction, List[Tuple[InputSignature, OutputSignature]]]]
Parameters
Return type

Iterable[Tuple[Instruction, Instruction, List[Tuple[InputSignature, OutputSignature]]]]

mate.poi.analysis.PathTraversal.compute_path_traversal(session: Session, cpg: db.Graph) Iterable[Tuple[InputSignature, OutputSignature]]
Parameters
Return type

Iterable[Tuple[InputSignature, OutputSignature]]