Fraunhofer-AISEC · konradweiss · May 18, 2024 · Jun 11, 2024 · Jun 11, 2024 · Jun 11, 2024
diff --git a/codyze-cli/build.gradle.kts b/codyze-cli/build.gradle.kts
@@ -8,6 +8,7 @@ dependencies {
     implementation(projects.codyzeCore)
     implementation(projects.codyzeBackends.cpg)
     implementation(projects.codyzeSpecificationLanguages.coko.cokoDsl)
+    implementation(projects.codyzeSpecificationLanguages.cpgNative)
 
     implementation(libs.clikt)
     implementation(libs.koin)

diff --git a/codyze-cli/src/main/kotlin/de/fraunhofer/aisec/codyze/cli/KoinModules.kt b/codyze-cli/src/main/kotlin/de/fraunhofer/aisec/codyze/cli/KoinModules.kt
@@ -24,6 +24,7 @@ import de.fraunhofer.aisec.codyze.core.executor.ExecutorCommand
 import de.fraunhofer.aisec.codyze.core.output.OutputBuilder
 import de.fraunhofer.aisec.codyze.core.output.SarifBuilder
 import de.fraunhofer.aisec.codyze.core.plugin.Plugin
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.CPGQuerySubcommand
 import de.fraunhofer.aisec.codyze.specificationLanguages.coko.dsl.cli.CokoSubcommand
 import org.koin.core.module.dsl.factoryOf
 import org.koin.dsl.bind
@@ -42,6 +43,7 @@ val backendCommands = module {
  * Each [Executor] must provide a [ExecutorCommand] to be selectable in the CLI.
  */
 val executorCommands = module {
+    factoryOf(::CPGQuerySubcommand) bind(ExecutorCommand::class)
     factoryOf(::CokoSubcommand) bind(ExecutorCommand::class)
 }
 

diff --git a/codyze-specification-languages/cpg-native/build.gradle.kts b/codyze-specification-languages/cpg-native/build.gradle.kts
@@ -0,0 +1,38 @@
+plugins {
+    id("documented-module")
+    id("publish")
+}
+
+dependencies {
+    implementation(projects.codyzeCore)
+    implementation(projects.codyzeSpecificationLanguages.coko.cokoCore)
+    implementation(projects.codyzeBackends.cpg) // used only for the CokoScript plugin block configuration
+    implementation(libs.bundles.cpg)
+    implementation(libs.kotlin.reflect)
+
+    implementation(libs.sarif4k)
+    implementation(libs.koin)
+    implementation(libs.clikt)
+
+    // For testing with koin
+    // kotlin-test-junit has to be excluded because it is loaded by "documented-module" plugin
+    testImplementation(libs.koin.test) {
+        exclude(group = "org.jetbrains.kotlin", module = "kotlin-test-junit")
+    }
+    testImplementation(libs.koin.junit5) {
+        exclude(group = "org.jetbrains.kotlin", module = "kotlin-test-junit")
+    }
+    testImplementation(libs.mockk)
+    testImplementation(libs.bundles.cpg)
+}
+
+publishing {
+    publications {
+        named<MavenPublication>(name) {
+            pom {
+                name.set("Codyze Specification Language Native CPG Query DSL")
+                description.set("Queries with native CPG DSL for Codyze")
+            }
+        }
+    }
+}
diff --git a/...tlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryConfiguration.kt b/...tlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryConfiguration.kt
@@ -0,0 +1,10 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native
+
+import de.fraunhofer.aisec.codyze.core.executor.ExecutorConfiguration
+import io.github.oshai.kotlinlogging.KotlinLogging
+
+private val logger = KotlinLogging.logger { }
+
+data class CPGQueryConfiguration(
+    val runQueries: Boolean // Queries may be turned of, if all executors are run and queries shoul be excluded
+) : ExecutorConfiguration {}
diff --git a/...in/kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryExecutor.kt b/...in/kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryExecutor.kt
@@ -0,0 +1,36 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native
+
+import de.fraunhofer.aisec.codyze.core.executor.Executor
+import de.fraunhofer.aisec.codyze.backends.cpg.CPGBackend
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.queries.CPGQuery
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.queries.ExampleQuery
+import io.github.detekt.sarif4k.Run
+import io.github.oshai.kotlinlogging.KotlinLogging
+
+
+private val logger = KotlinLogging.logger {}
+
+/**
+ * The [Executor] to run natively defined CPG queries on the cpg backend, generating Sarif output
+ */
+
+class CPGQueryExecutor(private val configuration: CPGQueryConfiguration, private val backend: CPGBackend) :
+    Executor {
+    private val queries: MutableList<CPGQuery> = mutableListOf()
+
+    init {
+        queries.add(ExampleQuery())
+    }
+
+    override fun evaluate(): Run {
+        logger.info { "Running CPG Queries" }
+        val findings: MutableMap<CPGQuery,List<CpgQueryFinding>> = mutableMapOf()
+
+        queries.forEach {
+            findings.put(it, it.query(backend))
+        }
+
+        val cpgQuerySarifBuilder = CPGQuerySarifBuilder(queries = queries, backend = backend)
+        return cpgQuerySarifBuilder.buildRun(findings = findings)
+    }
+}
diff --git a/...ain/kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryFinding.kt b/...ain/kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryFinding.kt
@@ -0,0 +1,37 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native
+
+import de.fraunhofer.aisec.codyze.backends.cpg.coko.getSarifLocation
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.queries.CPGQuery
+import de.fraunhofer.aisec.codyze.specificationLanguages.coko.core.Finding
+import de.fraunhofer.aisec.cpg.graph.Node
+import io.github.detekt.sarif4k.Artifact
+import io.github.detekt.sarif4k.Level
+import io.github.detekt.sarif4k.Message
+import io.github.detekt.sarif4k.Result
+import java.nio.file.Path
+
+/**
+ * An implementation of a [Finding] specifically for native queries.
+ */
+data class CpgQueryFinding(
+    val message: String,
+    val kind: Finding.Kind = Finding.Kind.Fail,
+    val node: Node? = null,
+    val relatedNodes: Collection<Node>? = null,
+) {
+    fun toSarif(query: CPGQuery, queries: List<CPGQuery>, artifacts: Map<Path, Artifact>?) =
+        Result(
+            message = Message(text = message),
+            kind = kind.resultKind,
+            level = if (kind == Finding.Kind.Fail) {
+                query.level
+            } else {
+                Level.None
+            },
+            ruleIndex = queries.indexOf(query).toLong(),
+            locations = node?.let { listOf(node.getSarifLocation(artifacts)) },
+            relatedLocations = relatedNodes?.map { node ->
+                node.getSarifLocation(artifacts)
+            }
+        )
+}
diff --git a/...kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryOptionGroup.kt b/...kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQueryOptionGroup.kt
@@ -0,0 +1,12 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native
+
+import de.fraunhofer.aisec.codyze.core.executor.ExecutorOptions
+import io.github.oshai.kotlinlogging.KotlinLogging
+
+private val logger = KotlinLogging.logger {}
+
+/**
+ * Contains all the options specific to the [CPGQueryExecutor]. For now this option group is an empty dummy.
+ */
+@Suppress("UNUSED")
+class CPGQueryOptionGroup : ExecutorOptions("CPG Query Options") { }
diff --git a/...otlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQuerySarifBuilder.kt b/...otlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQuerySarifBuilder.kt
@@ -0,0 +1,50 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native
+
+import de.fraunhofer.aisec.codyze.core.VersionProvider
+import de.fraunhofer.aisec.codyze.core.backend.Backend
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.queries.CPGQuery
+import io.github.detekt.sarif4k.*
+import kotlin.reflect.full.findAnnotation
+
+private fun CPGQuery.toReportingDescriptor() = ReportingDescriptor(
+    id = id,
+    name = javaClass.simpleName,
+    shortDescription =  MultiformatMessageString(text = shortDescription),
+    fullDescription = MultiformatMessageString(text = description),
+    defaultConfiguration = ReportingConfiguration(level = level),
+    help = MultiformatMessageString(text = help)
+    ,
+    properties =
+        PropertyBag(
+            tags = tags.toSet(),
+            map = emptyMap()
+        )
+    ,
+)
+
+class CPGQuerySarifBuilder(val queries: List<CPGQuery>, val backend: Backend) {
+    val reportingDescriptors = queries.map { it.toReportingDescriptor() }
+    val toolComponent = ToolComponent(
+        name = "CPGQueryExecutor",
+        product = "Codyze",
+        organization = "Fraunhofer AISEC",
+        semanticVersion = VersionProvider.getVersion("cpg-queries"),
+        downloadURI = "https://github.com/Fraunhofer-AISEC/codyze/releases",
+        informationURI = "https://www.codyze.io",
+        rules = reportingDescriptors,
+    )
+
+    fun buildRun(findings: Map<CPGQuery, List<CpgQueryFinding>>): Run {
+        // build the SARIF run based on the received results
+        return Run(
+            tool = Tool(
+                driver = toolComponent,
+                extensions = listOf(backend.toolInfo)
+            ),
+            artifacts = backend.artifacts.values.toList(),
+            results = findings.entries.flatMap { entry ->
+                entry.value.map { it.toSarif(entry.key, queries, backend.artifacts) }
+            }
+        )
+    }
+}
diff --git a/.../kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQuerySubcommand.kt b/.../kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/CPGQuerySubcommand.kt
@@ -0,0 +1,20 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native
+
+import com.github.ajalt.clikt.parameters.groups.provideDelegate
+import de.fraunhofer.aisec.codyze.backends.cpg.CPGBackend
+import de.fraunhofer.aisec.codyze.core.backend.Backend
+import de.fraunhofer.aisec.codyze.core.executor.ExecutorCommand
+
+@Suppress("UNUSED")
+class CPGQuerySubcommand: ExecutorCommand<CPGQueryExecutor>("runNativeQueries") {
+    val executorOptions by CPGQueryOptionGroup()
+
+    init {
+        // allow only the backends that implement the [CokoBackend] interface as subcommands
+        registerBackendOptions<CPGBackend>()
+    }
+
+    override fun getExecutor(goodFindings: Boolean, pedantic: Boolean, backend: Backend?) = with(executorOptions) {
+        CPGQueryExecutor(CPGQueryConfiguration(true), backend as CPGBackend)
+    }
+}
diff --git a/...in/kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/queries/CPGQuery.kt b/...in/kotlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/queries/CPGQuery.kt
@@ -0,0 +1,19 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.queries
+
+import de.fraunhofer.aisec.codyze.backends.cpg.CPGBackend
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.CpgQueryFinding
+import io.github.detekt.sarif4k.Level
+
+open abstract class CPGQuery {
+
+
+    abstract val id: String
+    abstract val shortDescription: String
+    abstract val description: String
+    val level: Level = Level.Note
+    var help: String = ""
+    val tags: Set<String> = mutableSetOf()
+
+    abstract fun query(backend: CPGBackend): List<CpgQueryFinding>
+
+}
diff --git a/...otlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/queries/ExampleQuery.kt b/...otlin/de/fraunhofer/aisec/codyze/specificationLanguage/cpg/native/queries/ExampleQuery.kt
@@ -0,0 +1,30 @@
+package de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.queries
+
+import de.fraunhofer.aisec.codyze.backends.cpg.CPGBackend
+import de.fraunhofer.aisec.codyze.specificationLanguage.cpg.native.CpgQueryFinding
+import de.fraunhofer.aisec.cpg.graph.Annotation
+import de.fraunhofer.aisec.cpg.query.all
+import de.fraunhofer.aisec.cpg.query.allExtended
+
+class ExampleQuery: CPGQuery() {
+
+    override val id: String = "0"
+    override val shortDescription: String = "A short Query Example"
+    override val description: String = "This query is an example of a native cpg query that can use the cpg structure to " +
+            "identify relevant nodes"
+    val message = "An implementation for cryptographic functionality was found: "
+    val crypoUses:List<String> = listOf("ENCRYPT", "DECRYPT", "SIGN","VERIFY", "RANDOM", "RNG", "RAND")
+
+    override fun query(backend: CPGBackend): List<CpgQueryFinding> {
+
+        val findings: MutableList<CpgQueryFinding> = mutableListOf()
+
+        backend.cpg.all<Annotation>
+            { crypoUses.contains(it.name.localName.toUpperCase()) }
+            .second.forEach {
+                findings.add(CpgQueryFinding(message + it.name.localName, node = it, relatedNodes = listOf(it)))
+            }
+
+        return findings
+    }
+}
diff --git a/settings.gradle.kts b/settings.gradle.kts
@@ -16,6 +16,9 @@ include(":codyze-backends:cpg")
 include(":codyze-specification-languages:coko:coko-core")
 include(":codyze-specification-languages:coko:coko-dsl")
 
+// Including the nativ cpg dsl queries
+include(":codyze-specification-languages:cpg-native")
+
 /*
  * Optional and experimental features
  */