mariana-trench icon indicating copy to clipboard operation
mariana-trench copied to clipboard

Published 20 hours ago verified publisher icon facebook

How to check argument value with regex?

Open IgorInk opened this issue 2 years ago • 1 comments

Hi. How can I check some argument value with mariana? For example, I need to check Cipher.getInstanse(v) argument value with some regex pattern (AES/CBC/* etc) I'm defining this model for sink:

      "find": "methods",
      "where": [
        {
          "constraint": "is_static",
          "value": true
        },
        {
          "constraint": "signature",
          "pattern": "Ljavax/crypto/Cipher;\\.getInstance:\\(Ljava/lang/String;\\)Ljavax/crypto/Cipher;"
        }
      ],
      "model": {
        "for_all_parameters": [
          {
            "variable": "idx",
            "where": [

            ],
            "sinks": [
              {
                "kind": "CryptoTransformation",
                "port": "Argument(0)",
                "via_value_of": [
                  "Argument(0)"
                ]
              }
            ]
          }
        ]
      }

How can I check Argument(0) value with the regex? Thanks

IgorInk avatar Feb 24 '23 11:02 IgorInk

Hi @IgorInk,

This is not currently possible and is unlikely to be implemented soon. The model generation step (which parses the json) does not have information about arguments, it only has typing information. I would recommend using via_value_of for now (as you did).

arthaud avatar Feb 24 '23 18:02 arthaud