@clear-capabilities/agentic-security-scanner 0.74.0

package/src/ir/parser-py.js

@@ -0,0 +1,312 @@
+// Python IR frontend (P2.2).
+//
+// Emits the same IR node shape as parser-js.js so the existing dataflow
+// engine consumes both transparently.
+//
+// v1: a pragmatic indentation-aware parser. We avoid bundling tree-sitter
+// (a 4–10MB WASM blob) and instead recognize the core Python shapes we
+// actually need for taint analysis:
+//
+//   def f(args):           → function header (new fn, CFG)
+//   x = expr               → assign node
+//   call(args)             → call node
+//   return expr            → return node
+//   if cond:               → if node
+//   while cond:            → loop-header node
+//   for v in expr:         → loop-header node + implicit assign
+//   raise expr             → throw node
+//   try / except / finally → exception-flow scaffolding (P3.4 will model)
+//
+// Out of scope for v1: comprehensions (treated as opaque), decorators
+// (parsed but not used for taint), match statements, async / await
+// modeled as transparent unwrap. lambda bodies collapsed to expr.
+//
+// The output matches the parser-js.js shape:
+//
+//   {
+//     file, functions: [{
+//       qid, name, line, params, cfg: { entry, exit, nodes }
+//     }],
+//     topLevel
+//   }
+
+import { blankComments } from '../sast/_comment-strip.js';
+
+let _nodeIdSeq = 0;
+function nextNodeId() { return 'pyn' + (++_nodeIdSeq); }
+
+// ── Lightweight expression parser ───────────────────────────────────────
+
+const _IDENT = /^[A-Za-z_][A-Za-z_0-9]*/;
+
+function parseExpr(text) {
+  if (!text) return { kind: 'unknown' };
+  text = text.trim();
+  if (!text) return { kind: 'unknown' };
+  // String literal
+  if (/^['"]/.test(text)) {
+    return { kind: 'literal', value: text };
+  }
+  // Number literal
+  if (/^-?\d/.test(text)) {
+    return { kind: 'literal', value: Number(text) || text };
+  }
+  // True / False / None
+  if (/^(?:True|False|None)$/.test(text)) {
+    return { kind: 'literal', value: text };
+  }
+  // F-string (template literal)
+  if (/^f['"]/.test(text)) {
+    const inner = text.slice(2, -1);
+    const parts = [];
+    let m;
+    const fre = /\{([^{}]+)\}/g;
+    while ((m = fre.exec(inner))) {
+      parts.push(parseExpr(m[1]));
+    }
+    return { kind: 'tpl', parts };
+  }
+  // Call: name(args) or name.method(args) — premortem #14: accept arbitrary
+  // nesting of parens/brackets/braces in args, not just one level. The old
+  // regex `[^()]*` rejected anything with a nested paren, silently dropping
+  // most idiomatic Python (`db.execute(sanitize(x))`, `f(g(y))`).
+  const calleeMatch = /^([A-Za-z_][\w.]*)\s*\(/.exec(text);
+  if (calleeMatch) {
+    const callee = calleeMatch[1];
+    const openIdx = calleeMatch[0].length - 1;
+    // Walk forward from openIdx, tracking balanced (), [], {}, with quote
+    // awareness so a `)` inside a string doesn't close the call.
+    let depth = 1, i = openIdx + 1, inStr = false, q = '';
+    for (; i < text.length; i++) {
+      const c = text[i];
+      if (inStr) {
+        if (c === '\\') { i++; continue; }
+        if (c === q) { inStr = false; }
+        continue;
+      }
+      if (c === '"' || c === "'") { inStr = true; q = c; continue; }
+      if (c === '(' || c === '[' || c === '{') depth++;
+      else if (c === ')' || c === ']' || c === '}') {
+        depth--;
+        if (depth === 0) break;
+      }
+    }
+    // Whole text must end right at the matching close-paren for this to
+    // be a plain call expression; otherwise it's a sub-expression.
+    if (depth === 0 && i === text.length - 1) {
+      const argsText = text.slice(openIdx + 1, i);
+      const args = _splitArgs(argsText).map(a => parseExpr(a));
+      return { kind: 'call', callee, args };
+    }
+  }
+  // Binary op
+  for (const op of [' or ', ' and ', '==', '!=', '<=', '>=', '<', '>', '+', '-', '*', '/', '%']) {
+    const idx = _findTopLevel(text, op);
+    if (idx > 0) {
+      const left = parseExpr(text.slice(0, idx));
+      const right = parseExpr(text.slice(idx + op.length));
+      return { kind: op === ' or ' || op === ' and ' ? 'logical' : 'binary', op: op.trim(), left, right };
+    }
+  }
+  // Member access x.y.z
+  if (/\./.test(text) && _IDENT.test(text.split('.')[0])) {
+    const parts = text.split('.');
+    let cur = { kind: 'ident', name: parts[0] };
+    for (let i = 1; i < parts.length; i++) {
+      cur = { kind: 'member', object: cur, prop: parts[i].replace(/\(.*\)$/, '') };
+    }
+    return cur;
+  }
+  // Plain ident
+  if (_IDENT.test(text)) {
+    return { kind: 'ident', name: text.match(_IDENT)[0] };
+  }
+  // List / dict literal
+  if (/^\[/.test(text)) {
+    const inner = text.slice(1, -1);
+    const elements = _splitArgs(inner).map(parseExpr);
+    return { kind: 'array', elements };
+  }
+  if (/^\{/.test(text)) {
+    const inner = text.slice(1, -1);
+    const pairs = _splitArgs(inner).map(p => {
+      const colon = _findTopLevel(p, ':');
+      if (colon < 0) return null;
+      return { value: parseExpr(p.slice(colon + 1)) };
+    }).filter(Boolean);
+    return { kind: 'object', props: pairs };
+  }
+  return { kind: 'unknown' };
+}
+
+function _splitArgs(s) {
+  if (!s) return [];
+  const out = [];
+  let depth = 0, last = 0;
+  for (let i = 0; i < s.length; i++) {
+    const c = s[i];
+    if (c === '(' || c === '[' || c === '{') depth++;
+    else if (c === ')' || c === ']' || c === '}') depth--;
+    else if (c === ',' && depth === 0) { out.push(s.slice(last, i).trim()); last = i + 1; }
+  }
+  const tail = s.slice(last).trim();
+  if (tail) out.push(tail);
+  return out;
+}
+
+function _findTopLevel(s, sep) {
+  let depth = 0;
+  for (let i = 0; i < s.length - sep.length + 1; i++) {
+    const c = s[i];
+    if (c === '(' || c === '[' || c === '{') depth++;
+    else if (c === ')' || c === ']' || c === '}') depth--;
+    if (depth === 0 && s.startsWith(sep, i)) return i;
+  }
+  return -1;
+}
+
+// ── Indentation-aware function extraction ───────────────────────────────
+
+function extractFunctions(text, file) {
+  const lines = blankComments(text, 'py').split('\n');
+  const fns = [];
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    // Premortem #14: balanced-paren signature parse to handle default values
+    // that contain parens (e.g. `def f(x=Foo(1, 2)) -> None:`). The old regex
+    // `\(([^)]*)\)` couldn't see past the first ')' and would either miss the
+    // function entirely or capture only the leading args.
+    const head = /^(\s*)(?:async\s+)?def\s+(\w+)\s*\(/.exec(line);
+    if (!head) continue;
+    const indent = head[1].length;
+    const name = head[2];
+    let p = head[0].length, depth = 1, inStr = false, q = '';
+    for (; p < line.length; p++) {
+      const c = line[p];
+      if (inStr) { if (c === '\\') { p++; continue; } if (c === q) inStr = false; continue; }
+      if (c === '"' || c === "'") { inStr = true; q = c; continue; }
+      if (c === '(' || c === '[' || c === '{') depth++;
+      else if (c === ')' || c === ']' || c === '}') { depth--; if (depth === 0) break; }
+    }
+    if (depth !== 0) continue;
+    const paramsText = line.slice(head[0].length, p);
+    // After the close paren, require a `:` (possibly via `-> X:`)
+    const after = line.slice(p + 1);
+    if (!/^\s*(?:->\s*[^:]+)?:\s*(?:#.*)?$/.test(after)) continue;
+    const params = _splitArgs(paramsText).map(s => s.trim().split(/[:=]/)[0].trim()).filter(Boolean);
+    // Collect body lines: anything indented strictly more than `indent`
+    // until we hit a line with same-or-less indent.
+    const body = [];
+    let j = i + 1;
+    while (j < lines.length) {
+      const l = lines[j];
+      if (l.trim() === '') { body.push({ line: j + 1, text: '' }); j++; continue; }
+      const li = l.match(/^(\s*)/)[1].length;
+      if (li <= indent) break;
+      body.push({ line: j + 1, text: l.slice(indent + 4) });   // strip one indent
+      j++;
+    }
+    fns.push({
+      qid: `${file}::module::${name}`,
+      name,
+      line: i + 1,
+      params,
+      body,
+    });
+  }
+  return fns;
+}
+
+// ── Build CFG from a function's body lines ──────────────────────────────
+
+function buildCfg(fn) {
+  const nodes = {};
+  const entry = nextNodeId();
+  const exit = nextNodeId();
+  nodes[entry] = { id: entry, kind: 'entry', succ: [] };
+  nodes[exit] = { id: exit, kind: 'exit', succ: [] };
+
+  let prev = entry;
+  for (const { line, text } of fn.body) {
+    if (!text.trim()) continue;
+    const node = _classifyLine(text, line);
+    if (!node) continue;
+    const id = nextNodeId();
+    node.id = id;
+    nodes[id] = node;
+    if (nodes[prev]) {
+      nodes[prev].succ = nodes[prev].succ || [];
+      nodes[prev].succ.push(id);
+    }
+    prev = id;
+  }
+  if (nodes[prev]) {
+    nodes[prev].succ = nodes[prev].succ || [];
+    nodes[prev].succ.push(exit);
+  }
+  return { entry, exit, nodes };
+}
+
+function _classifyLine(text, line) {
+  text = text.trim();
+  if (!text) return null;
+  // return expr
+  let m;
+  if ((m = /^return\s*(.*)$/.exec(text))) {
+    return { kind: 'return', value: m[1] ? parseExpr(m[1]) : null, line, succ: [] };
+  }
+  // raise expr
+  if ((m = /^raise\s*(.*)$/.exec(text))) {
+    return { kind: 'throw', value: m[1] ? parseExpr(m[1]) : null, line, succ: [] };
+  }
+  // if cond:
+  if ((m = /^(?:el)?if\s+(.+):\s*$/.exec(text))) {
+    return { kind: 'if', cond: parseExpr(m[1]), line, succ: [] };
+  }
+  // for v in expr:
+  if ((m = /^for\s+(\w+)\s+in\s+(.+):\s*$/.exec(text))) {
+    return { kind: 'assign', target: m[1], source: parseExpr(m[2]), line, succ: [] };
+  }
+  // while cond:
+  if ((m = /^while\s+(.+):\s*$/.exec(text))) {
+    return { kind: 'loop-header', cond: parseExpr(m[1]), line, succ: [] };
+  }
+  // x = expr  (avoid matching `==`)
+  if ((m = /^([A-Za-z_][\w.]*)\s*=(?!=)\s*(.+)$/.exec(text))) {
+    const target = m[1];
+    const source = parseExpr(m[2]);
+    return { kind: 'assign', target, source, line, succ: [] };
+  }
+  // bare call: func(args)
+  if ((m = /^([A-Za-z_][\w.]*)\s*\(([^()]*)\)\s*$/.exec(text))) {
+    return { kind: 'call', callee: m[1], args: _splitArgs(m[2]).map(parseExpr), line, succ: [] };
+  }
+  // unhandled: noop
+  return { kind: 'noop', line, succ: [] };
+}
+
+/**
+ * Public entry point — produces the same shape as parser-js.js's output.
+ *
+ *   file: repo-relative .py path
+ *   raw:  file contents
+ */
+export function parsePythonFile(file, raw) {
+  if (!file || !raw || typeof raw !== 'string') return null;
+  if (!/\.py$/i.test(file)) return null;
+  if (raw.length > 1_000_000) return null;
+  const fnRecs = extractFunctions(raw, file);
+  const functions = fnRecs.map(fn => ({
+    qid: fn.qid,
+    name: fn.name,
+    line: fn.line,
+    params: fn.params,
+    cfg: buildCfg(fn),
+    file,
+  }));
+  return {
+    file,
+    functions,
+    topLevel: null,
+  };
+}

package/src/ir/ssa.js

@@ -0,0 +1,315 @@
+// Static Single Assignment transform (P2.4).
+//
+// Renames every variable in the IR so each definition gets a unique name
+// (`x_0`, `x_1`, `x_2`, ...). At control-flow joins, places a φ-node that
+// merges the incoming definitions.
+//
+// Why this matters for taint:
+//   let x = req.body;     // x_0 := tainted
+//   x = sanitize(x);      // x_1 := clean
+//   doSink(x);            // sink reads x_1 → clean
+//
+// Without SSA, the engine sees one variable `x`. The sanitize-then-use
+// pattern looks like a "still tainted" finding because the same name was
+// tainted earlier in the function. SSA turns this into two separate
+// variables, eliminating the conflation.
+//
+// Algorithm (Cytron-Ferrante 1991):
+//
+//   1. Compute the dominator tree of the CFG.
+//   2. Compute dominance frontiers for each node.
+//   3. For each variable `v` defined in node `n`, place a φ(v) at every
+//      node in DF(n) — these are the join points where v's def reaches.
+//   4. Rename each definition `v` to `v_<count>` (increment per def).
+//      Each use of `v` is rewritten to the most-recent dominating def.
+//
+// v1 in this module: we expose the SSA transform as a standalone pass that
+// the engine can opt into via AGENTIC_SECURITY_SSA=1. Default-off because
+// it changes IR shape and the existing engine must consume the new shape.
+//
+// Public API:
+//   computeSSA(cfg)   → mutates cfg in place; each variable is now suffixed
+//                       _0/_1/_2..., φ-nodes inserted at join points.
+//   isSSAEnabled()    → bool from env
+
+import { accessPathOf } from '../dataflow/access-paths.js';
+
+export function isSSAEnabled() {
+  return process.env.AGENTIC_SECURITY_SSA === '1';
+}
+
+/**
+ * Compute dominators for a CFG using the iterative algorithm.
+ *
+ * Returns Map<nodeId, Set<nodeId>>  — dom[n] = set of nodes that dominate n.
+ */
+function computeDominators(cfg) {
+  const nodes = Object.keys(cfg.nodes || {});
+  const entry = cfg.entry;
+  const dom = new Map();
+  for (const n of nodes) dom.set(n, new Set(nodes));
+  dom.set(entry, new Set([entry]));
+  // Reverse adjacency for predecessor lookup.
+  const preds = new Map();
+  for (const n of nodes) preds.set(n, []);
+  for (const n of nodes) {
+    for (const s of (cfg.nodes[n]?.succ || [])) {
+      if (preds.has(s)) preds.get(s).push(n);
+    }
+  }
+  let changed = true;
+  let safety = 1000;
+  while (changed && safety-- > 0) {
+    changed = false;
+    for (const n of nodes) {
+      if (n === entry) continue;
+      const ps = preds.get(n) || [];
+      if (!ps.length) continue;
+      let newDom = null;
+      for (const p of ps) {
+        const pDom = dom.get(p);
+        if (!pDom) continue;
+        if (newDom === null) newDom = new Set(pDom);
+        else {
+          // Intersect
+          for (const x of [...newDom]) if (!pDom.has(x)) newDom.delete(x);
+        }
+      }
+      if (!newDom) newDom = new Set();
+      newDom.add(n);
+      const cur = dom.get(n);
+      if (!cur || cur.size !== newDom.size || [...newDom].some(x => !cur.has(x))) {
+        dom.set(n, newDom);
+        changed = true;
+      }
+    }
+  }
+  return dom;
+}
+
+/**
+ * Compute the immediate dominator of each node.
+ *
+ *   idom[n] = the unique x in (dom[n] - {n}) that doesn't dominate any
+ *   other node in (dom[n] - {n}).
+ *
+ * Returns Map<nodeId, nodeId | null>.
+ */
+function computeImmediateDominators(dom) {
+  const idom = new Map();
+  for (const [n, ds] of dom) {
+    const candidates = [...ds].filter(x => x !== n);
+    if (candidates.length === 0) { idom.set(n, null); continue; }
+    // pick the one with the largest |dom| (closest to n).
+    let best = null;
+    let bestSize = -1;
+    for (const c of candidates) {
+      const cs = (dom.get(c) || new Set()).size;
+      if (cs > bestSize) { best = c; bestSize = cs; }
+    }
+    idom.set(n, best);
+  }
+  return idom;
+}
+
+/**
+ * Compute dominance frontiers using the standard algorithm:
+ *
+ *   for each join node j (≥2 predecessors):
+ *     for each predecessor p of j:
+ *       runner = p
+ *       while runner !== idom(j):
+ *         DF[runner].add(j)
+ *         runner = idom(runner)
+ *
+ * Returns Map<nodeId, Set<nodeId>>.
+ */
+function computeDominanceFrontiers(cfg, idom) {
+  const DF = new Map();
+  const nodes = Object.keys(cfg.nodes || {});
+  for (const n of nodes) DF.set(n, new Set());
+  const preds = new Map();
+  for (const n of nodes) preds.set(n, []);
+  for (const n of nodes) {
+    for (const s of (cfg.nodes[n]?.succ || [])) {
+      if (preds.has(s)) preds.get(s).push(n);
+    }
+  }
+  for (const j of nodes) {
+    const ps = preds.get(j) || [];
+    if (ps.length < 2) continue;
+    const idomJ = idom.get(j);
+    for (const p of ps) {
+      let runner = p;
+      let safety = nodes.length + 5;
+      while (runner && runner !== idomJ && safety-- > 0) {
+        DF.get(runner).add(j);
+        runner = idom.get(runner) || null;
+      }
+    }
+  }
+  return DF;
+}
+
+/**
+ * Collect, per CFG node, the set of variables defined at that node.
+ */
+function defsPerNode(cfg) {
+  const defs = new Map();
+  for (const id of Object.keys(cfg.nodes || {})) {
+    const n = cfg.nodes[id];
+    const set = new Set();
+    if (n && n.kind === 'assign' && typeof n.target === 'string') {
+      // Use the access path's root (the LHS top-level identifier).
+      const ap = n.target;
+      const root = ap.split('.')[0];
+      set.add(root);
+    }
+    defs.set(id, set);
+  }
+  return defs;
+}
+
+/**
+ * Place φ-nodes for variables. Returns Map<nodeId, Set<varName>> — the
+ * variables that need a φ at each node.
+ */
+function placePhis(cfg, defs, DF) {
+  // For each variable v, collect nodes where v is defined.
+  const allVars = new Set();
+  const defNodesByVar = new Map();
+  for (const [nid, vars] of defs) {
+    for (const v of vars) {
+      allVars.add(v);
+      if (!defNodesByVar.has(v)) defNodesByVar.set(v, new Set());
+      defNodesByVar.get(v).add(nid);
+    }
+  }
+  const phis = new Map();
+  for (const id of Object.keys(cfg.nodes || {})) phis.set(id, new Set());
+  for (const v of allVars) {
+    const work = [...(defNodesByVar.get(v) || [])];
+    const visited = new Set(work);
+    while (work.length) {
+      const n = work.shift();
+      const df = DF.get(n) || new Set();
+      for (const j of df) {
+        if (phis.get(j).has(v)) continue;
+        phis.get(j).add(v);
+        if (!visited.has(j)) { work.push(j); visited.add(j); }
+      }
+    }
+  }
+  return phis;
+}
+
+/**
+ * Apply Cytron-Ferrante SSA renaming to a CFG. Mutates the CFG in place:
+ *   - Every `assign` target gets renamed with `_N` suffix.
+ *   - Every read of a variable gets rewritten to the dominating def's name.
+ *   - φ-nodes are inserted at join points and carry the incoming defs.
+ *
+ * v1: we record the SSA names on a side map (`cfg.ssa.versions: Map<nid, Map<var, newName>>`)
+ * instead of rewriting the existing exprDesc structures — keeps the IR
+ * backward-compatible for engines that don't consume SSA.
+ */
+export function computeSSA(cfg) {
+  if (!cfg || !cfg.nodes || !cfg.entry) return cfg;
+  const dom = computeDominators(cfg);
+  const idom = computeImmediateDominators(dom);
+  const DF = computeDominanceFrontiers(cfg, idom);
+  const defs = defsPerNode(cfg);
+  const phis = placePhis(cfg, defs, DF);
+
+  // Renaming pass: walk dominator tree in pre-order; for each variable
+  // maintain a stack of versions. On entry to a node, push a new version
+  // for each definition; on exit, pop.
+  const ssaInfo = {
+    versions: new Map(),    // nid -> Map<var, current ssa name>
+    phis: new Map(),        // nid -> [{ var, ssaName, incoming: [{predNid, ssaName}] }]
+    nextVersion: new Map(), // var -> next index
+  };
+  // Build children-of-idom map.
+  const idomChildren = new Map();
+  for (const [n, p] of idom) {
+    if (!p) continue;
+    if (!idomChildren.has(p)) idomChildren.set(p, []);
+    idomChildren.get(p).push(n);
+  }
+
+  const counter = ssaInfo.nextVersion;
+  const stacks = new Map();
+
+  function freshName(v) {
+    const i = counter.get(v) || 0;
+    counter.set(v, i + 1);
+    return `${v}_${i}`;
+  }
+  function topOf(v) {
+    const s = stacks.get(v);
+    if (!s || !s.length) return null;
+    return s[s.length - 1];
+  }
+  function rename(nid) {
+    const n = cfg.nodes[nid];
+    if (!n) return;
+    // Materialize φ-functions at this node: each phi-var gets a fresh name.
+    const phisHere = phis.get(nid) || new Set();
+    const phiList = [];
+    for (const v of phisHere) {
+      const name = freshName(v);
+      const pushed = stacks.get(v) || [];
+      pushed.push(name);
+      stacks.set(v, pushed);
+      phiList.push({ var: v, ssaName: name, incoming: [] });
+    }
+    if (phiList.length) ssaInfo.phis.set(nid, phiList);
+
+    // Record per-node versions (read-visible).
+    const vmap = new Map();
+    for (const [v, s] of stacks) {
+      if (s.length) vmap.set(v, s[s.length - 1]);
+    }
+
+    // Handle this node's def — if `assign`, fresh-name the LHS.
+    const myDefs = defs.get(nid) || new Set();
+    for (const v of myDefs) {
+      const name = freshName(v);
+      const pushed = stacks.get(v) || [];
+      pushed.push(name);
+      stacks.set(v, pushed);
+      vmap.set(v, name);
+    }
+    ssaInfo.versions.set(nid, vmap);
+
+    // Recurse into idom children.
+    for (const child of (idomChildren.get(nid) || [])) {
+      rename(child);
+    }
+
+    // Pop the stacks we pushed.
+    for (const v of myDefs) {
+      const s = stacks.get(v);
+      if (s) s.pop();
+    }
+    for (const { var: v } of phiList) {
+      const s = stacks.get(v);
+      if (s) s.pop();
+    }
+  }
+  rename(cfg.entry);
+
+  cfg.ssa = ssaInfo;
+  return cfg;
+}
+
+/**
+ * Public helper: given a CFG with `cfg.ssa` populated, return the SSA name
+ * of `varName` as seen on entry to `nodeId`.
+ */
+export function ssaNameAt(cfg, nodeId, varName) {
+  if (!cfg || !cfg.ssa) return null;
+  const v = cfg.ssa.versions.get(nodeId);
+  if (!v) return null;
+  return v.get(varName) || null;
+}