| public CheckForStoredVulnerabilities ( ) : void | ||
| Результат | void | |
public void CheckForStoredVulnerabilities()
{
foreach (var storedVulnOut in PossibleOutStoredVulns)
{
var inExpr = PossibleInStoredVulns.FirstOrDefault(x => x.PossibleStoredVuln.StorageEquals(storedVulnOut.PossibleStoredVuln)
&& x.VulnerabilityType == storedVulnOut.VulnerabilityType);
if (inExpr == null)
{
continue;
}
reporter.ReportStoredVulnerability(new IVulnerabilityInfo[] {
new VulnerabilityInfo()
{
Message = inExpr.Message,
IncludeStack = inExpr.IncludeStack,
CallStack = inExpr.CallStack,
},
new VulnerabilityInfo()
{
Message = storedVulnOut.Message,
IncludeStack = storedVulnOut.IncludeStack,
CallStack = storedVulnOut.CallStack,
}});
}
}
public void StoredVulns_TempSanitize(string phpCode, int vulns)
{
var reporter = new Mock<IVulnerabilityReporter>();
var vulnStorage = new ReportingVulnerabilityStorage(reporter.Object);
ParseAndAnalyze(phpCode, vulnStorage);
vulnStorage.CheckForStoredVulnerabilities();
reporter.Verify(x => x.ReportStoredVulnerability(It.IsAny<IVulnerabilityInfo[]>()), Times.Exactly(vulns));
}