One of the hidden gems of the O2 Platform is its SAST engine, which is able to create what it calls MethodStreams and CodeStreams (from C# code).
MethodStreams are a code representation of an entire call tree, i.e. one file that contains the original method and all the methods it calls (recursively).
CodeStreams are all the possible 'taint follow' paths that exist in a particular MethodStream.
Here they are in action on HacmeBank's source code:
Part 1: The MethodStream
A MethodStream is a file which contains all methods that are called (directly or indirectly) from a particular source method.
For example, HacmeBank's WebService method:
which calls the DataFactory method:
which calls the SqlEngine method:
So, in this case the MethodStream for the CreateUser WebService method looks like this:
and
(the auto-generated methods above are methods that the engine was able to resolve but for which the source code was not available)
Part 2: The CodeStream
The CodeStream is a unique data-flow path created from a starting point inside a provided MethodStream. For example, here is an SQL Injection:
Part 3: Following Taint Step by Step
step 1:
step 2:
step 3:
step 4:
step 5:
step 6:
step 7:
step 8:
step 9:
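To make Parts 1 to 3 concrete, here is a toy model of how a MethodStream and its CodeStreams are built. This is an added example, not O2 Platform or HacmeBank code: the real engine derives call and data-flow edges from the C# AST, whereas here they are written by hand, and all method, parameter and variable names are assumptions loosely following the WebService -> DataFactory -> SqlEngine chain above. `method_stream` flattens the call tree (flagging callees that resolve but have no source, the auto-generated stubs of Part 1), `code_streams` enumerates every taint path from a tainted parameter to the SQL sink (each path is one CodeStream, Part 2), and `render_steps` prints one such path as the numbered trace of Part 3.

```python
# Added example: a toy model of O2's MethodStream / CodeStream construction.
# Not O2 Platform or HacmeBank code. O2 derives call and data-flow edges from
# the C# AST; here they are hand-written (all names below are assumptions).

# Constructed call graph: caller -> callees.
CALLS = {
    "WebService.CreateUser":      ["DataFactory.CreateUser", "Logger.Write"],
    "DataFactory.CreateUser":     ["SqlEngine.Execute", "Logger.Write"],
    "SqlEngine.Execute":          ["SqlCommand.ExecuteNonQuery"],
    "Logger.Write":               [],
    "SqlCommand.ExecuteNonQuery": [],   # framework call, no source available
}

# Methods for which source code is available; anything reachable but missing
# from this set is what O2 shows as an auto-generated stub method.
HAS_SOURCE = {
    "WebService.CreateUser", "DataFactory.CreateUser",
    "SqlEngine.Execute", "Logger.Write",
}

# Constructed data-flow edges between (method, variable) nodes. Parameter
# passing and string concatenation both propagate taint; the log call is a
# dead end that never reaches a sink.
FLOWS = {
    ("WebService.CreateUser", "userName"):  [("DataFactory.CreateUser", "userName")],
    ("WebService.CreateUser", "password"):  [("DataFactory.CreateUser", "password")],
    ("DataFactory.CreateUser", "userName"): [("DataFactory.CreateUser", "sql"),
                                             ("Logger.Write", "message")],
    ("DataFactory.CreateUser", "password"): [("DataFactory.CreateUser", "sql")],
    ("DataFactory.CreateUser", "sql"):      [("SqlEngine.Execute", "query")],
    ("SqlEngine.Execute", "query"):         [("SqlCommand.ExecuteNonQuery", "CommandText")],
}

# Sink: user-controlled text reaching the SQL command string is SQL injection.
SINKS = {("SqlCommand.ExecuteNonQuery", "CommandText")}


def method_stream(root):
    """Flatten the call tree below `root` (depth-first, each method once).

    Returns (methods_in_order, stubs): the MethodStream contents and the
    subset that could be resolved but has no source code.
    """
    seen, order = set(), []

    def visit(method):
        if method in seen:
            return
        seen.add(method)
        order.append(method)
        for callee in CALLS.get(method, []):
            visit(callee)

    visit(root)
    stubs = [m for m in order if m not in HAS_SOURCE]
    return order, stubs


def code_streams(root, param):
    """Enumerate every taint path from (root, param) to a sink.

    Only edges into methods that belong to root's MethodStream are followed,
    so each returned path is one CodeStream of that MethodStream.
    """
    in_stream = set(method_stream(root)[0])
    paths = []

    def walk(node, path):
        if node in SINKS:
            paths.append(path)
            return
        for nxt in FLOWS.get(node, []):
            # stay inside the MethodStream and never revisit a node (no cycles)
            if nxt[0] in in_stream and nxt not in path:
                walk(nxt, path + [nxt])

    walk((root, param), [(root, param)])
    return paths


def render_steps(path):
    """Format one CodeStream as the numbered 'step N' trace used in Part 3."""
    return [f"step {i}: {method} -> {var}" for i, (method, var) in enumerate(path, 1)]


if __name__ == "__main__":
    order, stubs = method_stream("WebService.CreateUser")
    print("MethodStream:", order)
    print("auto-generated stubs:", stubs)
    for path in code_streams("WebService.CreateUser", "userName"):
        print("\n".join(render_steps(path)))
```

Running it shows the flattened MethodStream with `SqlCommand.ExecuteNonQuery` reported as a stub, and a single five-step CodeStream for `userName`; the branch into `Logger.Write` is explored but discarded because it never reaches a sink, which is exactly why a CodeStream is a complete source-to-sink path rather than every place a value is used.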
Part 4: Graph with trace