using System.Collections.Immutable;
namespace StellaOps.BinaryIndex.GoldenSet;
///
/// Service for looking up known sinks and their metadata.
///
public interface ISinkRegistry
{
///
/// Checks if a sink is known in the registry.
///
/// The sink function name.
/// True if the sink is known; otherwise, false.
bool IsKnownSink(string sinkName);
///
/// Gets detailed information about a sink.
///
/// The sink function name.
/// Cancellation token.
/// Sink information or null if not found.
Task GetSinkInfoAsync(string sinkName, CancellationToken ct = default);
///
/// Gets all sinks in a category.
///
/// The category to filter by.
/// Cancellation token.
/// List of sinks in the category.
Task> GetSinksByCategoryAsync(string category, CancellationToken ct = default);
///
/// Gets all sinks associated with a CWE ID.
///
/// The CWE ID to filter by.
/// Cancellation token.
/// List of sinks associated with the CWE.
Task> GetSinksByCweAsync(string cweId, CancellationToken ct = default);
}
///
/// Information about a known sink function.
///
/// Sink function name.
/// Category (e.g., "memory", "command_injection").
/// Human-readable description.
/// Associated CWE IDs.
/// Severity level (low, medium, high, critical).
public sealed record SinkInfo(
string Name,
string Category,
string? Description,
ImmutableArray CweIds,
string Severity);
///
/// Well-known sink categories.
///
public static class SinkCategory
{
/// Memory corruption sinks (memcpy, strcpy, etc.).
public const string Memory = "memory";
/// Command injection sinks (system, exec, etc.).
public const string CommandInjection = "command_injection";
/// Code injection sinks (dlopen, LoadLibrary, etc.).
public const string CodeInjection = "code_injection";
/// Path traversal sinks (fopen, open, etc.).
public const string PathTraversal = "path_traversal";
/// Network-related sinks (connect, send, etc.).
public const string Network = "network";
/// SQL injection sinks.
public const string SqlInjection = "sql_injection";
/// Cryptographic sinks.
public const string Crypto = "crypto";
}