Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Question about reachables-slices.json result #152

Open
0x456de opened this issue Aug 14, 2024 · 4 comments
Open

Question about reachables-slices.json result #152

0x456de opened this issue Aug 14, 2024 · 4 comments

Comments

@0x456de
Copy link

0x456de commented Aug 14, 2024

Hi!
I try to understand how exactly reachables slices are created.
So, I use following dummy sample code.

import fs from 'fs';
import path from 'path';
import http from 'http';

let server;

function pipeFileToMyResponse(res, file, type) {
  fs.createReadStream(path.join(path.resolve(), 'sandbo', file)).pipe(res);
}

server = http.createServer(function (req, res) { 
  //url.parse(req.url,
  pipeFileToMyResponse(res, './client.html'); 
});

Next, I generate bom.json in deep mode within cdxgen and get reachables.
Result for my sample code:

{
    "reachables": [
        {
            "flows": [
                {
                    "id": 93,
                    "label": "IDENTIFIER",
                    "name": "http",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "http.createServer(function (req, res) { \n  //url.parse(req.url,\n  pipeFileToMyResponse(res, './client.html'); \n})",
                    "typeFullName": "",
                    "parentMethodName": ":program",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 11,
                    "columnNumber": 9,
                    "tags": "pkg:npm/http@0.0.1-security"
                },
                {
                    "id": 54,
                    "label": "METHOD_PARAMETER_IN",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "res",
                    "typeFullName": "ANY",
                    "parentMethodName": "anonymous",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 11,
                    "columnNumber": 42,
                    "tags": ""
                },
                {
                    "id": 59,
                    "label": "IDENTIFIER",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "pipeFileToMyResponse(res, './client.html')",
                    "typeFullName": "",
                    "parentMethodName": "anonymous",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 13,
                    "columnNumber": 23,
                    "tags": ""
                },
                {
                    "id": 17,
                    "label": "METHOD_PARAMETER_IN",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "res",
                    "typeFullName": "ANY",
                    "parentMethodName": "pipeFileToMyResponse",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 7,
                    "columnNumber": 30,
                    "tags": ""
                },
                {
                    "id": 44,
                    "label": "IDENTIFIER",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "fs.createReadStream(path.join(path.resolve(), 'sandbo', file)).pipe(res)",
                    "typeFullName": "",
                    "parentMethodName": "pipeFileToMyResponse",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 8,
                    "columnNumber": 70,
                    "tags": "pkg:npm/fs@0.0.1-security, pkg:npm/path@0.12.7"
                }
            ],
            "purls": [
                "pkg:npm/path@0.12.7",
                "pkg:npm/http@0.0.1-security",
                "pkg:npm/fs@0.0.1-security"
            ]
        },
        {
            "flows": [
                {
                    "id": 93,
                    "label": "IDENTIFIER",
                    "name": "http",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "http.createServer(function (req, res) { \n  //url.parse(req.url,\n  pipeFileToMyResponse(res, './client.html'); \n})",
                    "typeFullName": "",
                    "parentMethodName": ":program",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 11,
                    "columnNumber": 9,
                    "tags": "pkg:npm/http@0.0.1-security"
                },
                {
                    "id": 54,
                    "label": "METHOD_PARAMETER_IN",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "res",
                    "typeFullName": "ANY",
                    "parentMethodName": "anonymous",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 11,
                    "columnNumber": 42,
                    "tags": ""
                },
                {
                    "id": 59,
                    "label": "IDENTIFIER",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "pipeFileToMyResponse(res, './client.html')",
                    "typeFullName": "",
                    "parentMethodName": "anonymous",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 13,
                    "columnNumber": 23,
                    "tags": ""
                },
                {
                    "id": 17,
                    "label": "METHOD_PARAMETER_IN",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "res",
                    "typeFullName": "ANY",
                    "parentMethodName": "pipeFileToMyResponse",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 7,
                    "columnNumber": 30,
                    "tags": ""
                },
                {
                    "id": 44,
                    "label": "IDENTIFIER",
                    "name": "res",
                    "fullName": "",
                    "signature": "",
                    "isExternal": false,
                    "code": "fs.createReadStream(path.join(path.resolve(), 'sandbo', file)).pipe(res)",
                    "typeFullName": "",
                    "parentMethodName": "pipeFileToMyResponse",
                    "parentMethodSignature": "",
                    "parentFileName": "main.mjs",
                    "parentPackageName": "<global>",
                    "parentClassName": "main.mjs::program",
                    "lineNumber": 8,
                    "columnNumber": 70,
                    "tags": "pkg:npm/fs@0.0.1-security, pkg:npm/path@0.12.7"
                }
            ],
            "purls": [
                "pkg:npm/path@0.12.7",
                "pkg:npm/http@0.0.1-security",
                "pkg:npm/fs@0.0.1-security"
            ]
        }
    ]
}

However, when I change code to this one:

import fs from 'fs';
import path from 'path';
import http from 'http';

let server;

function pipeFileToMyResponse(res, file, type) {
  fs.createReadStream(path.join(path.resolve(), 'sandbo', file)).pipe(res);
}

server = http.createServer(function (req, res) { 
  pipeFileToMyResponse(res, './client.html'); 
});

I have empty results. It's strange behaviour as for me. And I can't understands reasons of it. Could u explain, please?
@prabhu
Copy link
Contributor

prabhu commented Aug 14, 2024

Reachables slicing requires a valid application. So there must be a package.json, lock file, and deep mode bom.json file to be present in the same directory. Can you check if all these exists?

@0x456de
Copy link
Author

0x456de commented Aug 14, 2024
edited
Loading

So, I spend some hours for deep diving in it

I have this js-code

import http from 'http';

let server;

function myfunc(u) {
  sandbox(u); 
}

server = http.createServer(function (req, res) 
{ 
  myfunc(req.url); 
});

And, I notice that "url" and "sanbox" identediers are maked as framework-in and framework-our correspondanly. As I understand, algorightma use this tags for building full paths.

If u know, why exactly this identifiers, please, explain me :)

By the way, all attempts (last one and this one) were made whith deep bom.json, package, package-lock files. And, I removed before operation last *.atom file.

@prabhu
Copy link
Contributor

prabhu commented Aug 15, 2024

It's a lengthy explanation. Can you join one of our office hour? It will resume in September.

@0x456de
Copy link
Author

0x456de commented Aug 19, 2024

Do you mean return to this question in September?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@prabhu @0x456de