/** * @fileoverview Enhanced Taint Analyzer with interprocedural analysis * @module @nahisaho/musubix-security/analysis/enhanced-taint-analyzer * @trace REQ-SEC-001 (EARS: THE system SHALL provide interprocedural taint analysis) * @trace TSK-SEC-008 */ import type { TaintResult, TaintAnalysisOptions } from '../types/index.js'; import type { DataFlowGraph } from '@nahisaho/musubix-dfg'; import { type CallGraph, type CallGraphStatistics } from './interprocedural/call-graph-builder.js'; import { type TaintFinding } from './interprocedural/taint-propagator.js'; import { type DFGTaintResult, type DFGTaintStatistics } from './interprocedural/dfg-adapter.js'; import type { SourceDefinition } from './sources/types.js'; import type { SinkDefinition } from './sinks/types.js'; /** * Options for enhanced taint analysis */ export interface EnhancedTaintOptions extends TaintAnalysisOptions { /** Enable interprocedural analysis */ interprocedural?: boolean; /** Enable DFG-based analysis */ useDFG?: boolean; /** Include call graph building */ buildCallGraph?: boolean; /** Maximum call depth for interprocedural analysis */ maxCallDepth?: number; /** Track implicit flows (control dependencies) */ trackImplicitFlows?: boolean; /** Custom source definitions */ customSourceDefinitions?: SourceDefinition[]; /** Custom sink definitions */ customSinkDefinitions?: SinkDefinition[]; } /** * Result from enhanced taint analysis */ export interface EnhancedTaintResult extends TaintResult { /** Call graph (if built) */ callGraph?: CallGraph; /** Call graph statistics */ callGraphStats?: CallGraphStatistics; /** Interprocedural findings */ interproceduralFindings?: TaintFinding[]; /** DFG-based results (if enabled) */ dfgResults?: DFGTaintResult[]; /** DFG statistics */ dfgStats?: DFGTaintStatistics; /** Analysis mode used */ analysisMode: 'intraprocedural' | 'interprocedural' | 'dfg' | 'combined'; } /** * Enhanced Taint Analyzer with interprocedural capabilities * @trace REQ-SEC-001, TSK-SEC-008 */ export declare class EnhancedTaintAnalyzer { private baseAnalyzer; private callGraphBuilder; private taintPropagator; private dfgAdapter; private options; private sourceDefinitions; private sinkDefinitions; constructor(options?: EnhancedTaintOptions); /** * Reset analysis state (for testing) */ static resetState(): void; /** * Analyze a directory with enhanced taint analysis */ analyze(rootPath: string): Promise; /** * Analyze with DFG */ analyzeWithDFG(rootPath: string, dfgs: DataFlowGraph[]): Promise; /** * Extract source locations from base analysis */ private extractSourceLocations; /** * Merge intraprocedural and interprocedural findings */ private mergeFindings; /** * Convert TaintFinding to TaintPath */ private convertFindingToPath; /** * Map TaintFlowType to TaintFlowStep operation */ private mapFlowTypeToOperation; /** * Convert DFG results to TaintPath format */ private convertDFGPaths; /** * Build summary from results */ private buildSummary; /** * Get source definitions */ getSourceDefinitions(): SourceDefinition[]; /** * Get sink definitions */ getSinkDefinitions(): SinkDefinition[]; /** * Add custom source definition */ addSourceDefinition(source: SourceDefinition): void; /** * Add custom sink definition */ addSinkDefinition(sink: SinkDefinition): void; } /** * Create enhanced taint analyzer */ export declare function createEnhancedTaintAnalyzer(options?: EnhancedTaintOptions): EnhancedTaintAnalyzer; //# sourceMappingURL=enhanced-taint-analyzer.d.ts.map