Skip to main content

discover_sources_and_sinks_default

sqlitegraph::algo

Function discover_sources_and_sinks_default 

Source 
pub fn discover_sources_and_sinks_default(
    graph: &SqliteGraph,
) -> Result<(Vec<i64>, Vec<i64>), SqliteGraphError>
Expand description

Discovers sources and sinks using default metadata-based detectors.

Convenience function that uses MetadataSourceDetector and MetadataSinkDetector to find sources and sinks based on entity metadata annotations.

§Arguments

  • graph - The graph to analyze

§Returns

Tuple of (sources, sinks) where each is Vec of node IDs.

§Metadata Format

Sources are detected by:

  • "kind": "source" or "kind": "untrusted" or "kind": "user_input"
  • "taint": "source"

Sinks are detected by:

  • "kind": "sink" or "kind": "sql_query" or "kind": "html_output" or "kind": "command"
  • "operation": "execute" or "operation": "query" or "operation": "render" or "operation": "write"

§Complexity

  • Time: O(V) - visits each node once
  • Space: O(V) for storing sources and sinks lists

§Example

use sqlitegraph::{SqliteGraph, algo::discover_sources_and_sinks_default};

let graph = SqliteGraph::open_in_memory()?;

// Add source with metadata
graph.insert_entity(&GraphEntity {
    id: 1,
    kind: "variable".to_string(),
    name: "user_input".to_string(),
    file_path: None,
    data: json!({"kind": "source", "taint": "untrusted"}),
})?;

// Add sink with metadata
graph.insert_entity(&GraphEntity {
    id: 2,
    kind: "operation".to_string(),
    name: "sql_execute".to_string(),
    file_path: None,
    data: json!({"kind": "sql_query", "operation": "execute"}),
})?;

// Auto-discover sources and sinks
let (sources, sinks) = discover_sources_and_sinks_default(&graph)?;

assert_eq!(sources, vec![1]);
assert_eq!(sinks, vec![2]);