sola-st
diff --git a/‎src/dylin/analyses/Arrays_Comparable.py‎
Lines changed: 56 additions & 0 deletions b/‎src/dylin/analyses/Arrays_Comparable.py‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎src/dylin/analyses/Console_CloseErrorWriter.py‎
Lines changed: 43 additions & 0 deletions b/‎src/dylin/analyses/Console_CloseErrorWriter.py‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎src/dylin/analyses/Console_CloseReader.py‎
Lines changed: 43 additions & 0 deletions b/‎src/dylin/analyses/Console_CloseReader.py‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎src/dylin/analyses/Console_CloseWriter.py‎
Lines changed: 43 additions & 0 deletions b/‎src/dylin/analyses/Console_CloseWriter.py‎
Lines changed: 43 additions & 0 deletions
diff --git a/‎src/dylin/analyses/CreateWidgetOnSameFrameCanvas.py‎
Lines changed: 64 additions & 0 deletions b/‎src/dylin/analyses/CreateWidgetOnSameFrameCanvas.py‎
Lines changed: 64 additions & 0 deletions
diff --git a/‎src/dylin/analyses/HostnamesTerminatesWithSlash.py‎
Lines changed: 47 additions & 0 deletions b/‎src/dylin/analyses/HostnamesTerminatesWithSlash.py‎
Lines changed: 47 additions & 0 deletions
diff --git a/‎src/dylin/analyses/NLTK_RegexpTokenizerCapturingParentheses.py‎
Lines changed: 74 additions & 0 deletions b/‎src/dylin/analyses/NLTK_RegexpTokenizerCapturingParentheses.py‎
Lines changed: 74 additions & 0 deletions
@@ -0,0 +1,56 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+
+
+"""
+    This specification ensures that the elements of an array are comparable before sorting them.
+    Source: https://docs.python.org/3/library/functions.html#sorted.
+"""
+
+
+class Arrays_Comparable(BaseDyLinAnalysis):
+    """Report calls to the builtin ``sorted`` on lists with non-comparable elements.
+
+    Before the call runs, the list elements (transformed by ``key`` when one is
+    given) are compared pairwise with ``<``; a ``TypeError`` raised by any of
+    these comparisons is reported as finding ``B-1``.
+    """
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "Arrays_Comparable"
+
+    # NOTE(review): ``only`` presumably limits this hook to call sites matching
+    # the pattern -- confirm against the DynaPyt filter documentation.
+    @only(patterns=["sorted"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Inspect the first positional argument of a ``sorted`` call.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call.
+            kw_args: Keyword arguments of the call.
+        """
+        # Function-scope import keeps this block independent of the file header.
+        from itertools import combinations
+
+        # Only callables that live in the ``builtins`` module are monitored.
+        if getattr(function, "__module__", None) != "builtins":
+            return
+
+        # Without a positional argument there is nothing to inspect, and
+        # indexing pos_args would raise inside the analysis itself.
+        if not pos_args:
+            return
+
+        objs = pos_args[0]
+        if not isinstance(objs, list):
+            return
+
+        key = kw_args.get("key")
+        if key is None:
+            # Work on a shallow copy so the caller's list is never touched.
+            candidates = list(objs)
+        else:
+            try:
+                candidates = [key(item) for item in objs]
+            except Exception:
+                # A failing key function is not a comparability problem, and
+                # the analysis hook must not raise on behalf of the program.
+                return
+
+        try:
+            for left, right in combinations(candidates, 2):
+                # Raises TypeError when the two values do not support ordering.
+                _ = left < right
+        except TypeError:
+            self.add_finding(
+                iid,
+                dyn_ast,
+                "B-1",
+                f"Array with non-comparable elements is about to be sorted at {dyn_ast}."
+            )
+# =========================================================================
@@ -0,0 +1,43 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+
+
+"""
+    This specification warns if close() is invoked on sys.stderr which is a useless invocation.
+    Source: https://docs.python.org/3/faq/library.html#why-doesn-t-closing-sys-stdout-stdin-stderr-really-close-it.
+"""
+
+
+class Console_CloseErrorWriter(BaseDyLinAnalysis):
+    """Flag ``close()`` calls whose bound receiver is named ``<stderr>``."""
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "Console_CloseErrorWriter"
+
+    @only(patterns=["close"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Report finding ``B-2`` when the callee is bound to an object named ``<stderr>``.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call (unused).
+            kw_args: Keyword arguments of the call (unused).
+        """
+        monitored_names = ("<stderr>",)
+
+        # The receiver's ``name`` attribute identifies the stream; a callee
+        # without a receiver, or a receiver without a name, yields None.
+        receiver = getattr(function, "__self__", None)
+        stream_name = getattr(receiver, "name", None)
+        if stream_name not in monitored_names:
+            return
+
+        message = f"close() is invoked on sys.stderr which is a useless invocation at {dyn_ast}."
+        self.add_finding(iid, dyn_ast, "B-2", message)
+# =========================================================================
@@ -0,0 +1,43 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+
+
+"""
+    This specification warns if close() is invoked on sys.stdin which is a useless invocation.
+    Source: https://docs.python.org/3/faq/library.html#why-doesn-t-closing-sys-stdout-stdin-stderr-really-close-it.
+"""
+
+
+class Console_CloseReader(BaseDyLinAnalysis):
+    """Flag ``close()`` calls whose bound receiver is named ``<stdin>``."""
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "Console_CloseReader"
+
+    @only(patterns=["close"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Report finding ``B-3`` when the callee is bound to an object named ``<stdin>``.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call (unused).
+            kw_args: Keyword arguments of the call (unused).
+        """
+        monitored_names = ("<stdin>",)
+
+        # The receiver's ``name`` attribute identifies the stream; a callee
+        # without a receiver, or a receiver without a name, yields None.
+        receiver = getattr(function, "__self__", None)
+        stream_name = getattr(receiver, "name", None)
+        if stream_name not in monitored_names:
+            return
+
+        message = f"close() is invoked on sys.stdin which is a useless invocation at {dyn_ast}."
+        self.add_finding(iid, dyn_ast, "B-3", message)
+# =========================================================================
@@ -0,0 +1,43 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+
+
+"""
+    This specification warns if close() is invoked on sys.stdout which is a useless invocation.
+    Source: https://docs.python.org/3/faq/library.html#why-doesn-t-closing-sys-stdout-stdin-stderr-really-close-it.
+"""
+
+
+class Console_CloseWriter(BaseDyLinAnalysis):
+    """Flag ``close()`` calls whose bound receiver is named ``<stdout>``."""
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "Console_CloseWriter"
+
+    @only(patterns=["close"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Report finding ``B-4`` when the callee is bound to an object named ``<stdout>``.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call (unused).
+            kw_args: Keyword arguments of the call (unused).
+        """
+        monitored_names = ("<stdout>",)
+
+        # The receiver's ``name`` attribute identifies the stream; a callee
+        # without a receiver, or a receiver without a name, yields None.
+        receiver = getattr(function, "__self__", None)
+        stream_name = getattr(receiver, "name", None)
+        if stream_name not in monitored_names:
+            return
+
+        message = f"close() is invoked on sys.stdout which is a useless invocation at {dyn_ast}."
+        self.add_finding(iid, dyn_ast, "B-4", message)
+# =========================================================================
@@ -0,0 +1,64 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+
+
+"""
+    This specification ensures that canvas widgets are added only to the CanvasFrame's designated canvas.
+    Source: https://www.nltk.org/api/nltk.draw.util.html#nltk.draw.util.CanvasFrame.add_widget
+"""
+
+
+class CreateWidgetOnSameFrameCanvas(BaseDyLinAnalysis):
+    """Report ``CanvasFrame.add_widget`` calls whose widget lives on another canvas.
+
+    The canvas of the frame and the canvas of the widget are compared through
+    their ``winfo_id()``; a mismatch is reported as finding ``B-5``.
+    """
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "CreateWidgetOnSameFrameCanvas"
+
+    @only(patterns=["add_widget"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Compare the frame's canvas with the canvas of the widget being added.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call.
+            kw_args: Keyword arguments of the call.
+        """
+        # The target class names for monitoring
+        targets = ("nltk.draw.util.CanvasFrame",)
+
+        # Only bound methods carry the receiver needed for the check.
+        canvas_frame = getattr(function, "__self__", None)
+        if canvas_frame is None:
+            return
+
+        cls = canvas_frame.__class__
+        if f"{cls.__module__}.{cls.__name__}" not in targets:
+            return
+
+        # The receiver is taken from the bound method, so it is not part of
+        # pos_args: the widget is the first positional argument, or the
+        # ``canvaswidget`` keyword when passed by name.
+        if pos_args:
+            canvas_widget = pos_args[0]
+        else:
+            canvas_widget = kw_args.get("canvaswidget")
+
+        # No widget supplied: the call fails on its own, nothing to compare.
+        if canvas_widget is None:
+            return
+
+        frame_canvas = canvas_frame.canvas()
+        widget_canvas = canvas_widget.canvas()
+
+        # TODO: Do we need to recursively check the children of the CanvasWidget?
+        # Logically, it makes sense, but docs don't mention it directly.
+
+        if widget_canvas.winfo_id() != frame_canvas.winfo_id():
+            self.add_finding(
+                iid,
+                dyn_ast,
+                "B-5",
+                f"CanvasWidget must be created on the same canvas as the CanvasFrame it is being added to at {dyn_ast}."
+            )
+# =========================================================================
@@ -0,0 +1,47 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+
+
+"""
+    It is recommended to terminate full hostnames with a /.
+"""
+
+
+class HostnamesTerminatesWithSlash(BaseDyLinAnalysis):
+    """Report ``requests`` ``Session.mount`` calls whose prefix does not end with ``/``."""
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "HostnamesTerminatesWithSlash"
+
+    @only(patterns=["mount"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Report finding ``B-6`` when the mounted prefix lacks a trailing slash.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call.
+            kw_args: Keyword arguments of the call.
+        """
+        # The target class names for monitoring
+        targets = ("requests.sessions.Session",)
+
+        # Only bound methods carry a receiver whose class can be checked.
+        receiver = getattr(function, "__self__", None)
+        if receiver is None:
+            return
+
+        cls = receiver.__class__
+        if f"{cls.__module__}.{cls.__name__}" not in targets:
+            return
+
+        # The receiver is not part of pos_args, so the prefix is the first
+        # positional argument; it may also be passed as the ``prefix`` keyword.
+        if pos_args:
+            url = pos_args[0]
+        else:
+            url = kw_args.get("prefix")
+
+        # A missing or non-string prefix cannot be checked; skip it rather
+        # than raise from inside the analysis.
+        if not isinstance(url, str):
+            return
+
+        if not url.endswith('/'):
+            self.add_finding(
+                iid,
+                dyn_ast,
+                "B-6",
+                f"The call to method mount in file at {dyn_ast} does not terminate the hostname with a /."
+            )
+# =========================================================================
@@ -0,0 +1,74 @@
+# ============================== Define spec ==============================
+from .base_analysis import BaseDyLinAnalysis
+from dynapyt.instrument.filters import only
+
+from typing import Callable, Tuple, Dict
+import re
+
+
+"""
+    The RegexpTokenizer pattern must not contain capturing parentheses.
+    Source: https://www.nltk.org/api/nltk.tokenize.regexp.html
+"""
+
+
+def contains_capturing_groups(pattern):
+    """Return True if *pattern* defines at least one capturing group.
+
+    The compiled pattern's ``groups`` attribute counts capturing groups only:
+    plain ``(...)`` and named ``(?P<name>...)`` groups are included, while
+    non-capturing ``(?:...)``, lookaround assertions, escaped parentheses and
+    parentheses inside character classes are not. Scanning the pattern text
+    again is therefore unnecessary, and doing so missed named groups.
+
+    Args:
+        pattern: A regular expression string, or an already compiled pattern.
+
+    Returns:
+        True when the pattern has one or more capturing groups, else False.
+
+    Raises:
+        re.error: If *pattern* is not a valid regular expression.
+    """
+    return re.compile(pattern).groups > 0
+
+
+class NLTK_RegexpTokenizerCapturingParentheses(BaseDyLinAnalysis):
+    """Report ``RegexpTokenizer`` constructions whose pattern has capturing groups."""
+
+    def __init__(self, **kwargs) -> None:
+        super().__init__(**kwargs)
+        self.analysis_name = "NLTK_RegexpTokenizerCapturingParentheses"
+
+    @only(patterns=["RegexpTokenizer"])
+    def pre_call(
+        self, dyn_ast: str, iid: int, function: Callable, pos_args: Tuple, kw_args: Dict
+    ) -> None:
+        """Report finding ``B-9`` when the tokenizer pattern contains capturing groups.
+
+        Args:
+            dyn_ast: Location identifier, forwarded to ``add_finding``.
+            iid: Instruction id, forwarded to ``add_finding``.
+            function: The callee that is about to be invoked.
+            pos_args: Positional arguments of the call.
+            kw_args: Keyword arguments of the call.
+        """
+        # The target class names for monitoring
+        targets = ("nltk.tokenize.regexp.RegexpTokenizer",)
+
+        module_name = getattr(function, "__module__", None)
+        callee_name = getattr(function, "__name__", None)
+        if module_name is None or callee_name is None:
+            return
+        if f"{module_name}.{callee_name}" not in targets:
+            return
+
+        # The callee is the class itself, so there is no receiver in pos_args:
+        # the pattern is the first positional argument or the ``pattern`` keyword.
+        pattern = kw_args.get("pattern")
+        if pattern is None and pos_args:
+            pattern = pos_args[0]
+
+        # A compiled pattern exposes its source text as ``.pattern``.
+        pattern = getattr(pattern, "pattern", pattern)
+        if not isinstance(pattern, str):
+            return
+
+        try:
+            has_capturing_groups = contains_capturing_groups(pattern)
+        except re.error:
+            # An invalid pattern cannot be classified; the hook must not raise for it.
+            return
+
+        if has_capturing_groups:
+            self.add_finding(
+                iid,
+                dyn_ast,
+                "B-9",
+                f"Must use non_capturing parentheses for RegexpTokenizer pattern at {dyn_ast}."
+            )
+# =========================================================================