diffsense 2.2.12__py3-none-any.whl

sdk/cpp_adapter.py

@@ -0,0 +1,238 @@
+"""
+C++ Language Adapter for DiffSense
+
+Provides C++-specific patterns and constructs for rule development.
+"""
+
+import re
+from typing import List, Set, Pattern, Dict
+from .language_adapter import LanguageAdapter
+
+
+class CppAdapter(LanguageAdapter):
+    """
+    Language adapter for C++.
+
+    Provides C++-specific patterns for resource management, memory safety,
+    concurrency, and other language constructs.
+    """
+
+    def __init__(self):
+        super().__init__("cpp")
+        self._compile_patterns()
+
+    def _compile_patterns(self):
+        """Pre-compile commonly used patterns."""
+        # Thread Safety / Concurrency Patterns
+        self._lock_patterns = [
+            re.compile(r'std::lock_guard\s*<'),
+            re.compile(r'std::unique_lock\s*<'),
+            re.compile(r'std::shared_lock\s*<'),
+            re.compile(r'pthread_mutex_lock\s*\('),
+            re.compile(r'boost::mutex'),
+            re.compile(r'std::mutex'),
+        ]
+
+        self._unlock_patterns = [
+            re.compile(r'std::lock_guard.*release\('),
+            re.compile(r'std::unique_lock.*release\('),
+            re.compile(r'pthread_mutex_unlock\s*\('),
+            re.compile(r'\.unlock\(\)'),
+        ]
+
+        self._volatile_patterns = [
+            re.compile(r'std::atomic<'),
+            re.compile(r'volatile\s+\w+'),
+            re.compile(r'atomic_\w+\s*\('),
+        ]
+
+        # Resource Management Patterns (RAII)
+        self._resource_creation = [
+            re.compile(r'new\s+\w+'),
+            re.compile(r'fopen\s*\('),
+            re.compile(r'ifstream\s*\('),
+            re.compile(r'ofstream\s*\('),
+            re.compile(r'socket\s*\('),
+            re.compile(r'connect\s*\('),
+            re.compile(r'std::make_unique'),
+            re.compile(r'std::make_shared'),
+            re.compile(r'std::move'),
+        ]
+
+        # Error Handling Patterns
+        self._error_check = [
+            re.compile(r'catch\s*\(\s*\w+.*\)\s*\{'),
+            re.compile(r'if\s*\(\s*errno'),
+            re.compile(r'if\s*\(\s*!'),
+            re.compile(r'if\s*\(\s*nullptr'),
+            re.compile(r'if\s*\(\s*\w+\s*==\s*NULL'),
+        ]
+
+        self._error_ignore = [
+            re.compile(r'catch\s*\([^)]*\)\s*\{\s*\}'),
+            re.compile(r'catch\s*\(\s*\w+\s*&\s*\w+\s*\)\s*\{\s*\}'),
+        ]
+
+        # Memory Management Patterns
+        self._memory_patterns = [
+            re.compile(r'delete\s+\w+'),
+            re.compile(r'delete\[\]\s+\w+'),
+            re.compile(r'free\s*\('),
+            re.compile(r'malloc\s*\('),
+            re.compile(r'realloc\s*\('),
+            re.compile(r'std::unique_ptr'),
+            re.compile(r'std::shared_ptr'),
+            re.compile(r'std::weak_ptr'),
+        ]
+
+        # Security Patterns
+        self._security = {
+            'buffer_overflow': [
+                re.compile(r'strcpy\s*\('),
+                re.compile(r'strcat\s*\('),
+                re.compile(r'sprintf\s*\('),
+                re.compile(r'gets\s*\('),
+                re.compile(r'scanf\s*\([^)]*%s'),
+            ],
+            'hardcoded_secret': [
+                re.compile(r'password\s*=\s*["\'][^"\']+["\']'),
+                re.compile(r'api[_-]?key\s*=\s*["\'][^"\']+["\']'),
+                re.compile(r'secret\s*=\s*["\'][^"\']+["\']'),
+                re.compile(r'token\s*=\s*["\'][^"\']+["\']'),
+            ],
+            'command_injection': [
+                re.compile(r'system\s*\('),
+                re.compile(r'exec\s*\('),
+                re.compile(r'popen\s*\('),
+                re.compile(r'shell_exec\s*\('),
+            ],
+            'format_string': [
+                re.compile(r'printf\s*\([^,]+%s'),
+                re.compile(r'sprintf\s*\([^,]+%s'),
+            ],
+            'unsafe_pointer': [
+                re.compile(r'new\s+\w+\s*\(\s*\)'),
+                re.compile(r'\*\s*\w+\s*='),
+                re.compile(r'&(?!\w)'),
+            ],
+        }
+
+    # ==================== Thread Safety ====================
+
+    def get_thread_safe_types(self) -> Set[str]:
+        return {
+            'std::mutex', 'std::recursive_mutex', 'std::shared_mutex',
+            'std::lock_guard', 'std::unique_lock', 'std::shared_lock',
+            'std::atomic', 'std::atomic_flag',
+            'pthread_mutex_t', 'pthread_rwlock_t',
+            'concurrent_queue', 'thread',
+        }
+
+    def get_unsafe_types(self) -> Set[str]:
+        return {
+            'raw pointer', 'char*', 'void*', 'int*',
+            'std::vector', 'std::list', 'std::map', 'std::set',
+        }
+
+    def get_lock_patterns(self) -> List[Pattern]:
+        return self._lock_patterns
+
+    def get_unlock_patterns(self) -> List[Pattern]:
+        return self._unlock_patterns
+
+    def get_volatile_patterns(self) -> List[Pattern]:
+        return self._volatile_patterns
+
+    # ==================== Resource Management ====================
+
+    def get_cleanup_keywords(self) -> Set[str]:
+        return {
+            'delete', 'delete[]', 'free', 'close',
+            'fclose', 'shutdown', 'disconnect',
+            'std::unique_ptr', 'std::shared_ptr',
+            'RAII', 'destructor', '~'
+        }
+
+    def get_resource_creation_patterns(self) -> List[Pattern]:
+        return self._resource_creation
+
+    # ==================== Error Handling ====================
+
+    def get_error_types(self) -> Set[str]:
+        return {
+            'std::exception', 'std::runtime_error', 'std::logic_error',
+            'std::bad_alloc', 'std::bad_cast', 'std::out_of_range',
+            'std::invalid_argument', 'errno', 'NULL', 'nullptr'
+        }
+
+    def get_error_check_patterns(self) -> List[Pattern]:
+        return self._error_check
+
+    def get_error_ignore_patterns(self) -> List[Pattern]:
+        return self._error_ignore
+
+    # ==================== Null Safety ====================
+
+    def get_null_checks(self) -> Set[str]:
+        return {
+            '== nullptr', '!= nullptr', '!ptr',
+            'if (ptr)', 'if (!ptr)', 'if (ptr == nullptr)',
+            'NULL', 'nullptr', 'assert()'
+        }
+
+    def get_null_pointer_types(self) -> Set[str]:
+        return {
+            'nullptr', 'NULL', 'void*', 'char*', 'T*'
+        }
+
+    # ==================== Concurrency Primitives ====================
+
+    def get_concurrency_primitives(self) -> Set[str]:
+        return {
+            'std::thread', 'std::mutex', 'std::lock_guard',
+            'std::atomic', 'std::future', 'std::promise',
+            'pthread', 'pthread_mutex', 'pthread_cond',
+            'boost::thread', 'boost::mutex'
+        }
+
+    def get_thread_creation_patterns(self) -> List[Pattern]:
+        return [
+            re.compile(r'std::thread\s*\('),
+            re.compile(r'pthread_create\s*\('),
+            re.compile(r'boost::thread\s*\('),
+        ]
+
+    # ==================== Security ====================
+
+    def get_dangerous_patterns(self) -> Dict[str, List[Pattern]]:
+        return self._security
+
+    # ==================== Additional C++ specific ====================
+
+    def get_memory_management_patterns(self) -> List[Pattern]:
+        """Get patterns for memory management (smart vs raw pointers)."""
+        return self._memory_patterns
+
+    def get_raii_patterns(self) -> List[Pattern]:
+        """Get patterns for RAII (Resource Acquisition Is Initialization)."""
+        return [
+            re.compile(r'class\s+\w+.*\{'),
+            re.compile(r'~?\w+\s*\(\s*\).*\{'),
+            re.compile(r'std::unique_ptr'),
+            re.compile(r'std::shared_ptr'),
+        ]
+
+    def get_smart_pointer_patterns(self) -> List[Pattern]:
+        """Get patterns for smart pointers (preferred over raw)."""
+        return [
+            re.compile(r'std::unique_ptr'),
+            re.compile(r'std::shared_ptr'),
+            re.compile(r'std::weak_ptr'),
+            re.compile(r'std::make_unique'),
+            re.compile(r'std::make_shared'),
+        ]
+
+
+def get_adapter():
+    """Get C++ adapter instance."""
+    return CppAdapter()

sdk/go_adapter.py

@@ -0,0 +1,199 @@
+"""
+Go Language Adapter for DiffSense
+
+Provides Go-specific patterns and constructs for rule development.
+"""
+
+import re
+from typing import List, Set, Pattern, Dict
+from .language_adapter import LanguageAdapter
+
+
+class GoAdapter(LanguageAdapter):
+    """
+    Language adapter for Go.
+    
+    Provides Go-specific patterns for concurrency, channel management,
+    error handling, and other language constructs.
+    """
+    
+    def __init__(self):
+        super().__init__("go")
+        self._compile_patterns()
+    
+    def _compile_patterns(self):
+        """Pre-compile commonly used patterns."""
+        # Thread Safety / Concurrency Patterns
+        self._lock_patterns = [
+            re.compile(r'\.Lock\(\)'),
+            re.compile(r'\.RLock\(\)'),
+            re.compile(r'sync\.Mutex'),
+            re.compile(r'sync\.RWMutex'),
+            re.compile(r'sync\.Once\.Do'),
+        ]
+        
+        self._unlock_patterns = [
+            re.compile(r'\.Unlock\(\)'),
+            re.compile(r'\.RUnlock\(\)'),
+        ]
+        
+        self._volatile_patterns = [
+            re.compile(r'atomic\.(?:Load|Store|Add|Swap|CompareAndSwap)'),
+            re.compile(r'sync\/atomic\.'),
+        ]
+        
+        # Resource Management Patterns
+        self._resource_creation = [
+            re.compile(r'make\('),
+            re.compile(r'os\.Open\('),
+            re.compile(r'os\.Create\('),
+            re.compile(r'http\.(?:ListenAndServe|NewRequest)'),
+            re.compile(r'database\.Open\('),
+            re.compile(r'grpc\.Dial'),
+            re.compile(r'conn\.Open\('),
+        ]
+        
+        # Error Handling Patterns
+        self._error_check = [
+            re.compile(r'if\s+err\s*!=\s*nil'),
+            re.compile(r'if\s+err\s*==\s*nil'),
+        ]
+        
+        self._error_ignore = [
+            re.compile(r'_\s*=\s*\w+'),  # _ = function()
+            re.compile(r'_\s*:='),       # _ := function()
+        ]
+        
+        # Goroutine/Thread Creation Patterns
+        self._thread_creation = [
+            re.compile(r'\bgo\s+(?:func|\w+)'),
+            re.compile(r'go\s+\w+\('),
+            re.compile(r'go\s+func\('),
+        ]
+        
+        # Security Patterns
+        self._security = {
+            'command_injection': [
+                re.compile(r'exec\.Command'),
+                re.compile(r'syscall\.Exec'),
+                re.compile(r'syscall\.Spawn'),
+                re.compile(r'os\.Exec'),
+            ],
+            'hardcoded_secret': [
+                re.compile(r'password\s*:=\s*"[^"]+"'),
+                re.compile(r'api[_-]?key\s*:=\s*"[^"]+"'),
+                re.compile(r'secret\s*:=\s*"[^"]+"'),
+                re.compile(r'token\s*:=\s*"[^"]+"'),
+                re.compile(r'aws[_-]?secret'),
+            ],
+            'sql_injection': [
+                re.compile(r'Query\([^)]*\+[^)]*\)'),
+                re.compile(r'Exec\([^)]*\+[^)]*\)'),
+                re.compile(r'\.QueryRow\([^)]*\+'),
+            ],
+            'deserialization': [
+                re.compile(r'gob\.Decode'),
+                re.compile(r'gob\.NewDecoder'),
+                re.compile(r'json\.Unmarshal'),
+                re.compile(r'xml\.Unmarshal'),
+            ],
+            'unsafe_usage': [
+                re.compile(r'unsafe\.Pointer'),
+                re.compile(r'unsafe\.Sizeof'),
+                re.compile(r'unsafe\.Alignof'),
+                re.compile(r'unsafe\.Offsetof'),
+            ],
+            'path_traversal': [
+                re.compile(r'http\.(?:Get|Post)\s*\([^)]*\+[^)]*\)'),
+                re.compile(r'ioutil\.ReadFile\([^)]*\+[^)]*\)'),
+            ],
+        }
+    
+    # ==================== Thread Safety ====================
+    
+    def get_thread_safe_types(self) -> Set[str]:
+        return {
+            'sync.Mutex', 'sync.RWMutex', 'sync.WaitGroup', 'sync.Once',
+            'sync.Cond', 'sync.Pool', 'sync.Map', 'sync.Locker',
+            'chan', 'sync.AtomicInt32', 'sync.AtomicInt64',
+            'atomic.Int32', 'atomic.Int64', 'atomic.Uint32', 'atomic.Uint64',
+            'atomic.Pointer', 'context.Context', 'errgroup.Group'
+        }
+    
+    def get_unsafe_types(self) -> Set[str]:
+        return {
+            'map', 'slice', '[]',
+            'interface{}',  # empty interface
+            'string',  # but safe for read
+        }
+    
+    def get_lock_patterns(self) -> List[Pattern]:
+        return self._lock_patterns
+    
+    def get_unlock_patterns(self) -> List[Pattern]:
+        return self._unlock_patterns
+    
+    def get_volatile_patterns(self) -> List[Pattern]:
+        return self._volatile_patterns
+    
+    # ==================== Resource Management ====================
+    
+    def get_cleanup_keywords(self) -> Set[str]:
+        return {
+            'defer', 'close()', 'defer close()',
+            'defer func()', 'defer wg.Done()',
+            'defer cancel()'  # context cancellation
+        }
+    
+    def get_resource_creation_patterns(self) -> List[Pattern]:
+        return self._resource_creation
+    
+    # ==================== Error Handling ====================
+    
+    def get_error_types(self) -> Set[str]:
+        return {
+            'error', 'error interface',
+            'io.EOF', 'io.ErrUnexpectedEOF',
+            'syscall.Errno'
+        }
+    
+    def get_error_check_patterns(self) -> List[Pattern]:
+        return self._error_check
+    
+    def get_error_ignore_patterns(self) -> List[Pattern]:
+        return self._error_ignore
+    
+    # ==================== Null Safety ====================
+    
+    def get_null_checks(self) -> Set[str]:
+        return {
+            '== nil', '!= nil', 'if err != nil', 'if err == nil',
+            'if ctx == nil', 'if ch == nil', 'if m == nil',
+        }
+    
+    def get_null_pointer_types(self) -> Set[str]:
+        return {
+            'pointer', 'interface', 'slice', 'map', 'chan', 'func',
+            'error'  # error is nil-checkable
+        }
+    
+    # ==================== Concurrency Primitives ====================
+    
+    def get_concurrency_primitives(self) -> Set[str]:
+        return {
+            'go', 'chan', 'select', 'defer',
+            'sync.Mutex', 'sync.RWMutex', 'sync.WaitGroup',
+            'sync.Once', 'sync.Cond', 'sync.Pool', 'sync.Map',
+            'context.Context', 'context.WithCancel',
+            'context.WithTimeout', 'context.WithDeadline',
+            'errgroup.Group', 'golang.org/x/sync/errgroup',
+            'atomic', 'runtime.GOMAXPROCS'
+        }
+    
+    def get_thread_creation_patterns(self) -> List[Pattern]:
+        return self._thread_creation
+    
+    # ==================== Security ====================
+    
+    def get_dangerous_patterns(self) -> Dict[str, List[Pattern]]:
+        return self._security

sdk/java_adapter.py

@@ -0,0 +1,199 @@
+"""
+Java Language Adapter for DiffSense
+
+Provides Java-specific patterns and constructs for rule development.
+"""
+
+import re
+from typing import List, Set, Pattern, Dict
+from .language_adapter import LanguageAdapter
+
+
+class JavaAdapter(LanguageAdapter):
+    """
+    Language adapter for Java.
+    
+    Provides Java-specific patterns for thread safety, resource management,
+    error handling, and other language constructs.
+    """
+    
+    def __init__(self):
+        super().__init__("java")
+        self._compile_patterns()
+    
+    def _compile_patterns(self):
+        """Pre-compile commonly used patterns."""
+        # Thread Safety Patterns
+        self._lock_patterns = [
+            re.compile(r'synchronized'),
+            re.compile(r'\.lock\(\)'),
+            re.compile(r'\.tryLock\(\)'),
+            re.compile(r'\.wait\(\)'),
+        ]
+        
+        self._unlock_patterns = [
+            re.compile(r'\.unlock\(\)'),
+            re.compile(r'\.notify\(\)'),
+            re.compile(r'\.notifyAll\(\)'),
+        ]
+        
+        self._volatile_patterns = [
+            re.compile(r'\bvolatile\b'),
+            re.compile(r'AtomicInteger'),
+            re.compile(r'AtomicLong'),
+            re.compile(r'AtomicBoolean'),
+            re.compile(r'AtomicReference'),
+        ]
+        
+        # Resource Management Patterns
+        self._resource_creation = [
+            re.compile(r'new\s+(?:File|Input|Output)?Stream\('),
+            re.compile(r'new\s+Connection\('),
+            re.compile(r'DriverManager\.getConnection'),
+            re.compile(r'new\s+(?:Socket|ServerSocket)\('),
+            re.compile(r'new\s+Thread\('),
+            re.compile(r'Executors\.new'),
+        ]
+        
+        # Error Handling Patterns
+        self._error_check = [
+            re.compile(r'catch\s*\(\s*(\w+\s+)?\w+Exception'),
+            re.compile(r'if\s+\w+\s*==\s*null'),
+            re.compile(r'if\s+\w+\s*!=\s*null'),
+            re.compile(r'Objects\.isNull'),
+            re.compile(r'Objects\.nonNull'),
+        ]
+        
+        self._error_ignore = [
+            re.compile(r'catch\s*\(\s*Exception\s*\)'),
+            re.compile(r'catch\s*\(\s*\s*\)'),
+            re.compile(r'catch\s*\(\s*Throwable\s*\)'),
+        ]
+        
+        # Thread Creation Patterns
+        self._thread_creation = [
+            re.compile(r'new\s+Thread\('),
+            re.compile(r'executor\.submit'),
+            re.compile(r'CompletableFuture\.runAsync'),
+            re.compile(r'CompletableFuture\.supplyAsync'),
+            re.compile(r'new\s+(?:Fixed|Cached|Single)ThreadPool'),
+        ]
+        
+        # Security Patterns
+        self._security = {
+            'sql_injection': [
+                re.compile(r'Statement.*\+'),
+                re.compile(r'executeQuery.*\+'),
+                re.compile(r'createStatement\(\).*\+'),
+            ],
+            'hardcoded_secret': [
+                re.compile(r'password\s*=\s*"[^"]+"'),
+                re.compile(r'api[_-]?key\s*=\s*"[^"]+"'),
+                re.compile(r'secret\s*=\s*"[^"]+"'),
+                re.compile(r'token\s*=\s*"[^"]+"'),
+            ],
+            'command_injection': [
+                re.compile(r'Runtime\.getRuntime\(\)\.exec'),
+                re.compile(r'ProcessBuilder'),
+            ],
+            'deserialization': [
+                re.compile(r'ObjectInputStream'),
+                re.compile(r'XMLDecoder'),
+                re.compile(r'YAML\.load'),
+            ],
+        }
+    
+    # ==================== Thread Safety ====================
+    
+    def get_thread_safe_types(self) -> Set[str]:
+        return {
+            'ConcurrentHashMap', 'ConcurrentMap', 'ConcurrentLinkedQueue',
+            'ConcurrentLinkedDeque', 'ConcurrentSkipListMap', 'ConcurrentSkipListSet',
+            'CopyOnWriteArrayList', 'CopyOnWriteArraySet',
+            'AtomicInteger', 'AtomicLong', 'AtomicBoolean', 'AtomicReference',
+            'AtomicIntegerArray', 'AtomicLongArray',
+            'Collections.synchronizedMap', 'Collections.synchronizedList',
+            'Collections.synchronizedSet', 'Vector', 'Stack', 'Hashtable',
+            'BlockingQueue', 'BlockingDeque', 'LinkedBlockingQueue',
+            'Semaphore', 'CountDownLatch', 'CyclicBarrier', 'Exchanger'
+        }
+    
+    def get_unsafe_types(self) -> Set[str]:
+        return {
+            'HashMap', 'ArrayList', 'HashSet', 'LinkedList',
+            'LinkedHashMap', 'LinkedHashSet', 'TreeMap', 'TreeSet',
+            'Map', 'List', 'Set', 'Collection',
+            'StringBuilder', 'StringBuffer',  # when shared across threads
+        }
+    
+    def get_lock_patterns(self) -> List[Pattern]:
+        return self._lock_patterns
+    
+    def get_unlock_patterns(self) -> List[Pattern]:
+        return self._unlock_patterns
+    
+    def get_volatile_patterns(self) -> List[Pattern]:
+        return self._volatile_patterns
+    
+    # ==================== Resource Management ====================
+    
+    def get_cleanup_keywords(self) -> Set[str]:
+        return {
+            'close()', 'finally', 'try-with-resources',
+            'closeQuietly', 'IOUtils.closeQuietly'
+        }
+    
+    def get_resource_creation_patterns(self) -> List[Pattern]:
+        return self._resource_creation
+    
+    # ==================== Error Handling ====================
+    
+    def get_error_types(self) -> Set[str]:
+        return {
+            'Exception', 'RuntimeException', 'Throwable',
+            'Error', 'IOException', 'SQLException',
+            'NullPointerException', 'IllegalArgumentException',
+            'IllegalStateException', 'ConcurrentModificationException'
+        }
+    
+    def get_error_check_patterns(self) -> List[Pattern]:
+        return self._error_check
+    
+    def get_error_ignore_patterns(self) -> List[Pattern]:
+        return self._error_ignore
+    
+    # ==================== Null Safety ====================
+    
+    def get_null_checks(self) -> Set[str]:
+        return {
+            '== null', '!= null', 'Objects.isNull', 'Objects.nonNull',
+            'Optional.ofNullable', 'Optional.empty', 'isPresent',
+            'if (obj == null)', 'if (obj != null)'
+        }
+    
+    def get_null_pointer_types(self) -> Set[str]:
+        return {
+            'Object', 'String', 'List', 'Map', 'Set', 'Collection',
+            'Array', 'Integer', 'Long', 'Double', 'Float', 'Boolean',
+            'Date', 'BigDecimal', 'Optional'
+        }
+    
+    # ==================== Concurrency Primitives ====================
+    
+    def get_concurrency_primitives(self) -> Set[str]:
+        return {
+            'synchronized', 'volatile', 'Thread', 'Runnable', 'Callable',
+            'ExecutorService', 'Executor', 'ThreadPoolExecutor',
+            'Future', 'CompletableFuture', 'CountDownLatch',
+            'CyclicBarrier', 'Semaphore', 'ReentrantLock', 'ReentrantReadWriteLock',
+            'AtomicInteger', 'AtomicLong', 'AtomicBoolean', 'AtomicReference',
+            'ConcurrentHashMap', 'ConcurrentMap', 'Collections.synchronizedMap'
+        }
+    
+    def get_thread_creation_patterns(self) -> List[Pattern]:
+        return self._thread_creation
+    
+    # ==================== Security ====================
+    
+    def get_dangerous_patterns(self) -> Dict[str, List[Pattern]]:
+        return self._security