/** * Prototype Lookup * * @param currentLoc * @param property_name * @return null if the prototype chain leads to null when looking for the property or a location * if the object at that location contains the property */ public Location Prototype(Location currentLoc, String property_name) { if (currentLoc != null) { JSObject obj = this.get(currentLoc); if (obj != null) { if (obj.isin(property_name)) return currentLoc; else { Location proto = (Location) obj.get("__proto__"); return Prototype(proto, property_name); } } } return null; }
/** * Displays the heap so that it can be visualized as a graph * * @return */ public String toGraphRep() { Location global = this.getGlobal(); String graphviz = "digraph G{"; Set<Location> locs = heap.keySet(); for (Location l : locs) { JSObject lj = heap.get(l); if (l == global) { graphviz += l.getObjValue() + "[ fillcolor = \"green\", style = \"filled\"];"; } if (lj.isin("at_Taint")) { if (lj.get("at_Taint") != null) { if (((SecurityType) lj.get("at_Taint")).isTainted()) { graphviz += l.getObjValue() + "[ fillcolor = \"red\", style = \"filled\"];"; } else { graphviz += l.getObjValue() + "[ fillcolor = \"lightblue\", style = \"filled\"];"; } } } Set<String> keys = lj.getKeySet(); for (String key : keys) { ObjectValue ov = lj.get(key); if (ov != null) { if (ov instanceof Location) { if (key.equals("innerHTML")) { graphviz += ov.getObjValue() + "[ fillcolor = \"lightblue\", style = \"filled\"];"; } JSObject jsov = heap.get(ov); if (jsov != null) { if (jsov.isin("at_Taint")) { if (jsov.get("at_Taint") != null) { if (((SecurityType) jsov.get("at_Taint")).isTainted()) { graphviz += ov.getObjValue() + "[ fillcolor = \"red\", style = \"filled\"];"; } else { graphviz += ov.getObjValue() + "[ fillcolor = \"lightblue\", style = \"filled\"];"; } } } } String key_new = key; if (key.endsWith("\"")) { key_new = key.substring(1, key.length() - 1); key = key_new; } // if(!key_new.equals("at_Class") && !key_new.equals("__constructor__") && // !key_new.equals("at_FScope") && !key_new.equals("at_Scope") ){ graphviz += "\n" + l.getObjValue() + " -> " + ov.getObjValue() + " [ label = \"" + key_new + "\" ];"; // } } } } } graphviz += "}"; return graphviz; }