DevBug – PHP Static Code Analysis
20 May, 2012 by ethicalhack3r

My final year university dissertation was on the topic of Static Code Analysis, specifically the integration of IDEs (Integrated Development Environments) with Static Code Analysis. The idea was to make Static Code Analysis accessible to the developer, without them having to install and use additional specialist Static Code Analysis software.

Because I am familiar with PHP and its interpreter has no built-in taint analysis, I decided to write a PHP Static Code Analysis application. The tool I developed is called DevBug; it is an online PHP Static Code Analysis tool written mostly in JavaScript (jQuery). The analysis engine uses the sources, securing functions and sinks data from the excellent RIPS Static Code Analysis tool to identify the PHP functions that introduce user input, neutralise it, or are dangerous when it reaches them. DevBug uses taint analysis: it marks variables that receive user input as tainted, follows them through the code, untaints them when they pass through a securing function, and finally reports any tainted variable that ends up in a sensitive sink. Note that a securing function only neutralises input for the kind of sink it is designed for: a variable escaped for an SQL query is still tainted as far as an HTML output sink is concerned.

The editor component is CodeMirror, which provides a code editing area, syntax highlighting, line numbering and an API. I modified CodeMirror slightly to detect deprecated PHP functions and highlight them.

DevBug has some known bugs and limitations at present, which I will address in the near future. For now it is still useful as a quick and easy place to run some PHP functions or pages through to check for potential issues. As far as I know, DevBug is the only free online PHP Static Code Analysis tool available.

The taint analysis takes place in the browser, in JavaScript, after the PHP source code has been tokenized by the server. This was my first real JavaScript project, so the code may not be as good as it could be; for that reason I may make the project open source in future so that it can be improved upon and users can benefit from the knowledge of the open source community.
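To make the source / securing function / sink flow described above concrete, and to show what "tokenize on the server, analyse in the browser" looks like in code, here is an added example. It is not DevBug's code and not RIPS's data: the regex tokenizer is an assumed stand-in for the server-side tokenizer, the function lists are a small hand-picked subset, the deprecated-function flagging mirrors what the editor does, and SAMPLE is a constructed PHP snippet.

```javascript
// Added example, not DevBug's code: a small flow-sensitive taint analysis in the
// style the post describes (sources, securing functions, sinks) over a PHP token
// stream. The regex tokenizer stands in for the server-side tokenizer (assumption)
// and the function lists are a hand-picked subset, not the RIPS data DevBug uses.
const SOURCES = new Set(['$_GET', '$_POST', '$_REQUEST', '$_COOKIE']);
const CLASSES = ['xss', 'sqli', 'cmd'];
// securing function -> classes it neutralises; an integer is safe for every sink
const SECURING = new Map([['htmlspecialchars', ['xss']], ['htmlentities', ['xss']],
  ['mysql_real_escape_string', ['sqli']], ['escapeshellarg', ['cmd']], ['intval', CLASSES]]);
// sink -> class it is sensitive to
const SINKS = new Map([['echo', 'xss'], ['print', 'xss'], ['mysql_query', 'sqli'],
  ['system', 'cmd'], ['exec', 'cmd']]);
// flagged the way the editor highlights deprecated functions (deprecated since PHP 5.3)
const DEPRECATED = new Set(['ereg', 'eregi', 'split', 'session_register']);

// Tokens are {t, line}; PHP tags are dropped, whitespace skipped, comments not handled.
function tokenize(src) {
  const re = /\$[A-Za-z_]\w*|[A-Za-z_]\w*|'[^']*'|"[^"]*"|\d+|\n|\S/g;
  const out = []; let line = 1;
  for (const m of src.replace(/<\?php|\?>/g, '').match(re) || []) {
    if (m === '\n') line++; else out.push({ t: m, line });
  }
  return out;
}
// Split the token stream into statements on ';'.
function statements(tokens) {
  const out = [[]];
  for (const tok of tokens) {
    if (tok.t === ';') out.push([]); else out[out.length - 1].push(tok);
  }
  return out;
}
// Index of the ')' matching the '(' at tokens[open], or tokens.length if unbalanced.
function matchParen(tokens, open) {
  let depth = 0;
  for (let j = open; j < tokens.length; j++) {
    if (tokens[j].t === '(') depth++;
    else if (tokens[j].t === ')' && --depth === 0) return j;
  }
  return tokens.length;
}

// Taint of an expression: the classes for which it still carries user input. A securing
// call strips its classes from its arguments' taint; everything else passes taint through.
function taintOf(expr, env) {
  const out = new Set();
  for (let i = 0; i < expr.length; i++) {
    const t = expr[i].t;
    if (SECURING.has(t) && expr[i + 1] && expr[i + 1].t === '(') {
      const close = matchParen(expr, i + 1);
      const inner = taintOf(expr.slice(i + 2, close), env);
      SECURING.get(t).forEach(c => inner.delete(c));
      inner.forEach(c => out.add(c));
      i = close;
    } else if (SOURCES.has(t) || env.has(t)) {
      (SOURCES.has(t) ? CLASSES : env.get(t)).forEach(c => out.add(c));
    }
  }
  return out;
}

// Walk statements in order, keeping per-variable taint in env, and report every sink
// whose arguments are still tainted for that sink's class.
function analyse(src) {
  const env = new Map();
  const findings = [];
  for (const stmt of statements(tokenize(src))) {
    stmt.forEach((tok, i) => {
      if (DEPRECATED.has(tok.t)) findings.push({ line: tok.line, kind: 'deprecated', name: tok.t });
      if (!SINKS.has(tok.t)) return;
      const args = stmt[i + 1] && stmt[i + 1].t === '('
        ? stmt.slice(i + 2, matchParen(stmt, i + 1))
        : stmt.slice(i + 1); // echo/print without parentheses
      if (taintOf(args, env).has(SINKS.get(tok.t))) {
        findings.push({ line: tok.line, kind: SINKS.get(tok.t), name: tok.t });
      }
    });
    // an assignment (re)taints or untaints the variable, so later statements see the new state
    if (stmt[0] && stmt[0].t[0] === '$' && stmt[1] && stmt[1].t === '=') {
      env.set(stmt[0].t, taintOf(stmt.slice(2), env));
    }
  }
  return findings;
}

// Constructed sample input (not from the post); line 1 is the <?php tag.
const SAMPLE = `<?php
$id = $_GET['id'];
$name = $_POST['name'];
echo "Hello " . htmlspecialchars($name);
echo "Welcome " . $name;
$safe = intval($id);
mysql_query("SELECT * FROM users WHERE id = " . $safe);
mysql_query("SELECT * FROM users WHERE name = '" . $name . "'");
$name = mysql_real_escape_string($name);
echo $name;
if (ereg("^[a-z]+$", $name)) system("ls " . $_GET['dir']);
`;
for (const f of analyse(SAMPLE)) console.log(`line ${f.line}: ${f.kind} via ${f.name}`);
```

Run with `node`, it reports XSS on lines 5 and 10, SQL injection on line 8, command injection on line 11 and the deprecated `ereg` on line 11, while lines 4 and 7 stay quiet because their input went through `htmlspecialchars` and `intval`. Line 10 is the instructive one: `mysql_real_escape_string` untaints `$name` for SQL sinks only, so the later `echo` is still reported. The analysis is straight-line and intra-procedural, with no control-flow or user-defined function handling, which is also roughly where the limitations of a browser-side tokeniser-driven approach start.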

I’m still interested in bug reports and feature requests; DevBug can be found here:
http://www.devbug.co.uk

4 Responses



  1. [...] this time Ryan Dewhurst has turned out something good. First [...]


    Comment posted on May 20, 2012 at 14:10:28 BST

  2. bob

    bug.


    Comment posted on May 22, 2012 at 02:42:26 BST

  3. bob

    just a quick test of mine.
    http://pastebin.com/XivTDKdv


    Comment posted on May 22, 2012 at 02:45:00 BST

  4. ethicalhack3r

    Thanks bob, I will address these the next time I am developing it.


    Comment posted on May 23, 2012 at 11:59:49 BST
