public ImmutableVariableStorage GetTaint()
{
var superglobals = new List<Variable> {
new Variable("_GET", VariableScope.SuperGlobal),
new Variable("_POST", VariableScope.SuperGlobal),
new Variable("_REQUEST", VariableScope.SuperGlobal),
new Variable("_COOKIE", VariableScope.SuperGlobal),
DefaultServerVariable()
};
var globals = new List<Variable> {
new Variable("HTTP_GET_VARS", VariableScope.File),
new Variable("HTTP_POST_VARS", VariableScope.File),
new Variable("HTTP_SERVER_VARS", VariableScope.File),
new Variable("HTTP_COOKIE_VARS", VariableScope.File),
};
Action<Variable> setDefaultTaint = x =>
{
x.Info.NestedVariableDefaultTaintFactory = _taintedTaintFactory;
x.Info.DefaultDimensionTaintFactory = _taintedTaintFactory;
x.Info.NestedVariablePossibleStoredDefaultTaintFactory = _untaintedTaintFactory;
};
globals.ForEach(setDefaultTaint);
superglobals.ForEach(setDefaultTaint);
superglobals.AddRange(new[]
{
new Variable("GLOBALS", VariableScope.SuperGlobal),
new Variable("_FILES", VariableScope.SuperGlobal),
new Variable("_SESSION", VariableScope.SuperGlobal),
new Variable("_ENV", VariableScope.SuperGlobal),
});
var rawPost = new Variable("HTTP_RAW_POST_DATA", VariableScope.File) { Info = { Taints = _taintedTaintFactory() } };
var argv = new Variable("argv", VariableScope.File);
// Docs: "The first argument $argv[0] is always the name that was used to run the script." - goo.gl/hrek2V
argv.Info.Variables.Add(new VariableTreeDimension() { Index = 0, Key = "0" }, new Variable("0", VariableScope.Instance));
globals.AddRange(new[] {rawPost, argv});
var varStorage = new VariableStorage();
varStorage.SuperGlobals.AddRange(superglobals.ToDictionary(s => s.Name, s => s));
varStorage.GlobalVariables.AddRange(globals.ToDictionary(g => g.Name, g => g));
return ImmutableVariableStorage.CreateFromMutable(varStorage);
}