Revert to 0.3.1 on master to avoid complaints until dev is released.

octopus-platform · Dec 26, 2016 · 642e2c1 · 642e2c1
1 parent d928ff1
commit 642e2c1
Show file tree

Hide file tree

Showing 1,610 changed files with 28,913 additions and 76,746 deletions.
diff --git a/.classpath b/.classpath
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/4"/>
+	<classpathentry kind="lib" path="lib/commons-cli-1.2.jar"/>
+	<classpathentry kind="lib" path="lib/lucene-core-3.6.2.jar"/>
+	<classpathentry kind="lib" path="lib/geronimo-jta_1.1_spec-1.1.1.jar"/>
+	<classpathentry kind="lib" path="lib/antlr4-annotations-4.2.1-SNAPSHOT.jar"/>
+	<classpathentry kind="lib" path="lib/antlr4-runtime-4.2.1-SNAPSHOT.jar"/>
+	<classpathentry kind="lib" path="lib/neo4j-kernel-2.1.5.jar"/>
+	<classpathentry kind="lib" path="lib/neo4j-lucene-index-2.1.5.jar"/>
+	<classpathentry kind="lib" path="lib/neo4j-primitive-collections-2.1.5.jar"/>
+	<classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/.gitignore b/.gitignore
diff --git a/.project b/.project
@@ -0,0 +1,17 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<projectDescription>
+	<name>joern</name>
+	<comment></comment>
+	<projects>
+	</projects>
+	<buildSpec>
+		<buildCommand>
+			<name>org.eclipse.jdt.core.javabuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+	</buildSpec>
+	<natures>
+		<nature>org.eclipse.jdt.core.javanature</nature>
+	</natures>
+</projectDescription>
diff --git a/AUTHORS b/AUTHORS
@@ -1,5 +1,5 @@
+Fabian Yamaguchi <fabian.yamaguchi@cs.uni-goettingen.de>
+
 Contributors:
 
-Fabian Yamaguchi <fabian.yamaguchi@cs.uni-goettingen.de> (main developer)
 Alwin Maier <alwin.maier@stud.uni-goettingen.de>
-Malte Skoruppa <skoruppa@cs.uni-saarland.de> (php support)
diff --git a/LICENSE b/LICENSE
diff --git a/build.gradle b/build.gradle
diff --git a/build.sh b/build.sh
diff --git a/build.xml b/build.xml
@@ -0,0 +1,86 @@
+<?xml version="1.0"?>
+<project name="Joern" default="jar" basedir=".">
+
+  <property name="src.dir" location="src" />
+  <property name="build.dir" location="bin" />
+  <property name="lib.dir" location="lib" />
+  <property name="test.dir" location="src" />
+  <property name="test.report.dir" location="testreport" />
+
+  <!-- Junit class path -->
+  <path id="junit.class.path">
+    <pathelement location="lib/junit.jar" />
+    <pathelement location="${build.dir}" />
+  </path>
+
+  <!-- Add jars to the classpath -->
+  <path id="joern.classpath">
+        <pathelement location="bin"/>
+        <path refid="junit.class.path"/>
+        <pathelement location="${lib.dir}/antlr4-runtime-4.2.1-SNAPSHOT.jar"/>
+	<pathelement location="${lib.dir}/antlr4-annotations-4.2.1-SNAPSHOT.jar"/>
+	<pathelement location="${lib.dir}/commons-cli-1.2.jar"/>
+        <pathelement location="${lib.dir}/lucene-core-3.6.2.jar"/>
+        <pathelement location="${lib.dir}/neo4j-kernel-2.1.5.jar"/>
+        <pathelement location="${lib.dir}/neo4j-lucene-index-2.1.5.jar"/>
+	<pathelement location="${lib.dir}/neo4j-primitive-collections-2.1.5.jar"/>
+    </path>
+
+  <target name="clean">
+    <delete dir="${build.dir}" />
+    <delete dir="${test.report.dir}" />
+  </target>
+
+  <target name="makedir">
+    <mkdir dir="${build.dir}" />
+    <mkdir dir="${test.report.dir}" />
+  </target>
+
+  <target name="compile">
+    <javac srcdir="${src.dir}" destdir="${build.dir}" includeantruntime="false">
+	<src path="src"/> 
+	<classpath refid="joern.classpath"/>
+    </javac>
+  </target>
+
+  <target name="jar" depends="clean,makedir,compile">
+    <jar destfile="${build.dir}/joern.jar"
+         basedir="${build.dir}"
+         includes="**/*.class">
+      <manifest>
+        <attribute name="Main-Class" value="tools.index.IndexMain" />
+      </manifest>
+    <fileset dir="${build.dir}" includes="**/*.class" />
+    <zipgroupfileset dir="${lib.dir}" includes="**/*.jar" />
+    </jar>
+  </target>
+
+  <target name="tools" depends="icfg,argumentTainter">
+  </target>
+
+  <target name="icfg" depends="compile">
+    <jar destfile="${build.dir}/icfg.jar"
+         basedir="${build.dir}"
+         includes="**/*.class">
+      <manifest>
+        <attribute name="Main-Class" value="tools.icfg.ICFGMain" />
+      </manifest>
+    <fileset dir="${build.dir}" includes="**/*.class" />
+    <zipgroupfileset dir="${lib.dir}" includes="**/*.jar" />
+    </jar>
+  </target>
+
+  <target name="argumentTainter" depends="compile">
+    <jar destfile="${build.dir}/argumentTainter.jar"
+         basedir="${build.dir}"
+         includes="**/*.class">
+      <manifest>
+        <attribute name="Main-Class" value="tools.argumentTainter.ArgumentTainterMain" />
+      </manifest>
+    <fileset dir="${build.dir}" includes="**/*.class" />
+    <zipgroupfileset dir="${lib.dir}" includes="**/*.jar" />
+    </jar>
+  </target>
+
+
+</project>
diff --git a/docs/Makefile b/docs/Makefile
@@ -3,7 +3,7 @@
 
 # You can set these variables from the command line.
 SPHINXOPTS    =
-SPHINXBUILD   = sphinx-build
+SPHINXBUILD   = sphinx-build2
 PAPER         =
 BUILDDIR      = build
 

diff --git a/docs/source/access.rst b/docs/source/access.rst
@@ -0,0 +1,92 @@
+Accessing Code with python-joern
+=================================
+
+Once code has been imported into a Neo4j database, it can be accessed
+using a number of different interfaces and programming languages. One
+of the simplest possibilities is to create a standalone Neo4J server
+instance as described in the previous section and connect to this
+server using ``python-joern``, the python interface to joern.
+
+**General Note:** It is highly recommended to test your installation on a
+small code base first. The same is true for early attempts of creating
+search queries, as erroneous queries will often run for a very long
+time on large code bases, making a trial-and-error approach
+unfeasible.
+
+Basic Usage
+-----------
+
+Python-joern currently provides a single class, JoernSteps, that
+allows to connect to the database server and run queries. The
+following is a simple sample script that employs JoernSteps to
+configure the database connection, connect to the server and run a
+Gremlin query.
+
+::
+
+	from joern.all import JoernSteps
+
+	j = JoernSteps()
+
+	j.setGraphDbURL('http://localhost:7474/db/data/')
+
+	# j.addStepsDir('Use this to inject utility traversals')
+
+	j.connectToDatabase()
+
+	res =  j.runGremlinQuery('getFunctionsByName("main")')
+	# res =  j.runCypherQuery('...')
+
+	for r in res: print r
+
+
+python-joern API
+----------------
+
+The sample script described in the previous section employs all
+methods offered by JoernSteps. We now discuss each of these methods in
+detail.
+
+setGraphDbURL(url)
+"""""""""""""""""""
+
+**Sets the URL of the graph database server.** The REST API of the
+Neo4J Database server is exposed on port 7474 by default. If your
+server runs on a different port or server, you can use setGraphDbURL
+to specify the alternate URL.
+
+addStepsDir(dirname)
+""""""""""""""""""""
+
+**Add a source directory for utility traversals.** By default,
+python-joern will inject all utility traversals contained in any of
+the source files in joern/joernsteps into the database before running
+scripts. Additional traversals specific to your application or
+analysis are best placed in a separate directory. python-joern can be
+instructed to honor this additional directory using addStepsDir.
+
+connectToDatabase()
+"""""""""""""""""""
+
+**Connect to the database.** Call this method once the connection has
+been configured to connect to the database server. A connection is
+required before queries can be executed.
+
+runGremlinQuery(query)
+""""""""""""""""""""""
+
+**Run the specified Gremlin query.** The supplied query is executed
+and the result is returned. Depending on the query, the result may
+have a different data type, however, it is typically an iterable
+containing nodes that match the query.
+
+
+runCypherQuery(query)
+"""""""""""""""""""""
+
+**Run the specified Cypher query.** The supplied query is executed
+and the result is returned. Depending on the query, the result may
+have a different data type, however, it is typically an iterable
+containing nodes that match the query.
+
+
diff --git a/docs/source/databaseOverview.rst b/docs/source/databaseOverview.rst
@@ -84,3 +84,11 @@ of global variables are saved in declaration statement nodes and
 connected to the source file they are contained in using
 ``IS_FILE_OF`` edges.
 
+The Node Index
+---------------
+
+In addition to the graphs stored in the Neo4J database, Joern makes an
+Apache Lucene Index available that allows nodes to be quickly
+retrieved based on their properties. This is particularly useful to
+select start nodes for graph database traversals. For examples of node
+index usage, refer to :doc:`querying`.
diff --git a/docs/source/development.rst b/docs/source/development.rst
@@ -10,28 +10,55 @@ clone the git repository by issuing the following command:
 
 .. code-block:: none
 
-	git clone https://github.com/ocotopus-platform/joern.git
+	git clone https://github.com/fabsx00/joern.git
+
+Optionally, change to the branch of interest. For example, to test the
+development version, issue the following:
+
+.. code-block:: none
+
+	git checkout dev
 
 If you want to report issues or suggest new features, please do so via
-https://github.com/octopus-platform/joern . For fixes, please fork the
-repository and issue a pull request.
+https://github.com/fabsx00/joern . For fixes, please fork the
+repository and issue a pull request or alternatively send a diff to
+the developers by mail. 
 
-Build system and IDEs
+Modifying Grammar Definitions
 ------------------------------
 
-Joern is a multi-module Gradle project where Java/Groovy sub-projects
-are located in the directory 'projects', while python projects reside
-in the directory 'python'.
+When building Joern, pre-generated versions of the parsers will be
+used by default. This is fine in most cases, however, if you want to
+make changes to the grammar definition files, you will need to
+regenerate parsers using the antlr4 tool. For this purpose, it is
+highly recommended to use the optimized version of ANTLR4 to gain
+maximum performance.
+
+To build the optimized version of ANTLR4, do the following:
+
+.. code-block:: none
+
+	git clone https://github.com/sharwell/antlr4/
+	cd antlr4
+	mvn -N install
+	mvn -DskipTests=true -Dgpg.skip=true -Psonatype-oss-release -Djava6.home=$PATH_TO_JRE install
+
+
+If the last step gives you an error, try building without
+``-Psonatype-oss-release``.
+
+.. code-block:: none
+
+	mvn -DskipTests=true -Dgpg.skip=true -Djava6.home=$PATH_TO_JRE install
+
+Next, copy the antlr4 tool and runtime to the following locations:
+
+.. code-block:: none
 
-To start hacking on Joern, make sure you can build it using the
-supplied build script `build.sh`. For small modifications, it may be
-sufficient to edit the source files using a simple text editor, and
-subsequently invoking this script.
+	cp tool/target/antlr4-$VERSION-complete.jar $JOERN/
+	cp runtime/Java/target/antlr4-runtime-$VERSION-SNAPSHOT.jar $JOERN/lib
 
-For larger changes, please consider using a JAVA IDE such as IntelliJ
-or Eclipse. We use both of these IDEs for Joern-development on a
-regular basis, so the import should hopefully be possible without
-trouble using the corresponding Gradle plugin. IntelliJ typically
-comes with a gradle plugin pre-installed, and Eclipse offers a plugin
-in its "Marketplace".
+where $JOERN is the directory containing the $JOERN installation.
 
+Parsers can then be regenerated by executing the script
+``$JOERN/genParsers.sh``.