Simple test code, try to parse C script and scan for dangerous function call with Tree sitter

tree_sitter_C_scan.py

"""
Code parser with tree sitter
`sudo pip3 install tree_sitter`
clone parser for each programming language (same dir with code py) `git clone https://github.com/tree-sitter/tree-sitter-c`
create any test code (like vuln.c)
"""


from tree_sitter import Language, Parser

# Compile sources to parser. Compile time only
Language.build_library('build/parser.so', ['tree-sitter-c'])
# Init Parser
C_LANG = Language('build/parser.so', 'c')


def handle_file(path):
	with open(path) as f:
		return f.read()


def analysis_function(name, argv):
	if name.text.decode() in ("gets", "scans"):
		print(f"[!] Dangerous function {name.text} Buffer Overflow")
	else:
		# Calculate buffer?
		pass


def parse_code(cursor):
	if cursor.type == "compound_statement":
		for code_line in cursor.children:
			parse_code(code_line)
	if cursor.type in ("function_definition", "if_statement"):
		parse_code(cursor.children[2])
	elif cursor.type == "expression_statement":
		# Detect function call
		parse_code(cursor.children[0])
	elif cursor.type == "call_expression":
		function_name, function_argv = cursor.children[0], cursor.children[1]
		analysis_function(function_name, function_argv)


def parse_script(script_data):
	if script_data:
		parser = Parser()
		parser.set_language(C_LANG)
		tree = parser.parse(bytes(script_data, "utf-8"))
		cursor = tree.walk()
		cursor.goto_first_child()
		while True:
			if cursor.node.type == "function_definition":
				parse_code(cursor.node.children[2])
			if not cursor.goto_next_sibling():
				return


data = handle_file("/tmp/vuln.c")
parse_script(data)