Home > Developer > PHP

PHP static analysis and cross-site scripting (4)-PHP source code

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >
Ec (2); I will continue to submit reading program notes today. This time is relatively small and relatively simple. ConnectorComputation & nbsp;-compute () & nbsp; if there are other elements in the workList, continue the loop, but the first time you enter the loop, the workList has only one element according to the constructor. & lt; mai script ec (2); script

I will continue to submit reading program notes today. This time is relatively small and relatively simple.
ConnectorComputation
-Compute ()
If there are still elements in the workList, the cycle continues. However, when the first cycle is started, there is only one element in the workList according to the constructor. . Then, retrieve the first element from the workList, obtain TacFunction and CallString (gamma), and obtain ECS (ecs_p) from function2ECS according to TacFunction (p ), in fact, the TacFunction corresponding to the first element in functions2ECS is _ main. Obtain the position of gamma in ecs_p, that is, the position in a CallString linked list.
Then, iterate all the worker nodecall contained in the TacFunction p. For each callNode, obtain its callee (called function q) in q! If it is null, create a new CallString (gamma_2) with callNode, obtain the ECS (ecs_q) corresponding to q from function2ECS, and obtain the location of gamma_2 in ecs_q, if it is-1, gamma_2 is added to the CallStrings queue of ecs_q, and the elements created with q and gamma_2 are added to the workList, expand it.
What is the next expansion of ConnectorFunction is not useful because it is in the for loop and is an operation on local variables.
Call the makeCallGraph () method after the while loop ends.
-MakeCallGraph ()
First, initialize a CallGraph with mainFunction to obtain the method call list included in mainFunction processUs. Create a set named visited and add the mainFunction to the set.
When processUs is not empty, extract the callNode element in sequence to obtain its caller and callee. If callee! = Null: add an element to callGraph. If callee has not been processed, add all function calls it contains to processUs and put them into visited.

Checker
According to the initial supplied run-all.bat parameters, the aliases analyze and literal analyze are not actually performed, but gta. analyze () is performed, that is, only dependance analyze is actually executed. Vulns is determined based on the link.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
how to fix cross site scripting vulnerability in php encrypt and decrypt php source code php and mysql web development source code php projects with source code and database sonar static code analysis lua static code analysis resharper static code analysis

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More