Beispiel #1
0
            public static void mapDotNetWebServices(TreeView tvRawData)
            {
                String sDotNetWebServicesSinkToFind =
                    "System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(string;object[]):object[]";
                var ltnNodesWithSink = new List <TreeNode>();

                analyzer.calculateListOfNodesWithSink_recursive(tvRawData.Nodes, sDotNetWebServicesSinkToFind,
                                                                ltnNodesWithSink);
                foreach (TreeNode tnTreeNodeWithInvokeSink in ltnNodesWithSink)
                {
                    var otbO2TraceBlockWithSink = (O2TraceBlock_OunceV6)tnTreeNodeWithInvokeSink.Tag;
                    foreach (AssessmentAssessmentFileFinding fFinding in otbO2TraceBlockWithSink.dSources.Keys)
                    {
                        //FindingViewItem fviFindingViewItem
                        //String sSink = o2.analysis.Analysis.getSink(fFinding,otbO2TraceBlockWithSink.dSources[fFinding]);
                        //String sSource = o2.analysis.Analysis.getSource(fFinding, otbO2TraceBlockWithSink.dSources[fFinding]);
                        var lcaReverseListOfCallInvocation = new List <CallInvocation>();
                        AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnReverseListOfCallInvocation(
                            fFinding.Trace, TraceType.Known_Sink, lcaReverseListOfCallInvocation);
                        if (lcaReverseListOfCallInvocation.Count > 1)
                        {
                            var fsFilteredSignature =
                                new FilteredSignature(
                                    OzasmtUtils_OunceV6.getStringIndexValue(lcaReverseListOfCallInvocation[1].sig_id,
                                                                            otbO2TraceBlockWithSink.dSources[fFinding]));
                            String sSignatureToMatch = fsFilteredSignature.getFilteredSignature(true, false, false, -1);
                            // we really should also check the return class, but there are some diferences in the ways the objects are mapped (object[] on the client and ArrayList() on the server)
                            bool bFoundWebServiceSink = false;
                            foreach (TreeNode tnRawNode in tvRawData.Nodes)
                            {
                                var    otbO2TraceBlock    = (O2TraceBlock_OunceV6)tnRawNode.Tag;
                                String sRawTraceSignature =
                                    new FilteredSignature(otbO2TraceBlock.sSignature).getFilteredSignature(true, false,
                                                                                                           false, -1);
                                if (sRawTraceSignature == sSignatureToMatch)
                                {
                                    if (otbO2TraceBlock.dSources.Count == 0)
                                    {
                                        bFoundWebServiceSink = true;

                                        foreach (
                                            AssessmentAssessmentFileFinding fFindingInMappedSink in
                                            otbO2TraceBlock.dSinks.Keys)
                                        {
                                            String sSource = AnalysisUtils.getSource(fFindingInMappedSink,
                                                                                     otbO2TraceBlock.dSinks[
                                                                                         fFindingInMappedSink]);
                                            String sSink = AnalysisUtils.getSink(fFindingInMappedSink,
                                                                                 otbO2TraceBlock.dSinks[
                                                                                     fFindingInMappedSink]);
                                            DI.log.info("Adding {0} to {1}", sSource,
                                                        otbO2TraceBlockWithSink.sUniqueName);
                                            // add to dGluedSinks
                                            if (false ==
                                                otbO2TraceBlockWithSink.dGluedSinks.ContainsKey(fFindingInMappedSink))
                                            {
                                                otbO2TraceBlockWithSink.dGluedSinks.Add(fFindingInMappedSink,
                                                                                        otbO2TraceBlock.dSinks[
                                                                                            fFindingInMappedSink]);
                                                otbO2TraceBlockWithSink.dSinks.Add(fFindingInMappedSink,
                                                                                   otbO2TraceBlock.dSinks[
                                                                                       fFindingInMappedSink]);
                                            }
                                            // add to dGluedSinks
                                            if (false == otbO2TraceBlock.dGluedSinks.ContainsKey(fFinding))
                                            {
                                                //otbO2TraceBlock.dGluedSinks.Add(fFinding, otbO2TraceBlockWithSink.dSources[fFinding]);
                                                //otbO2TraceBlock.dSinks.Add(fFinding, otbO2TraceBlockWithSink.dSources[fFinding]);
                                            }
                                        }

                                        /*              foreach (AssessmentAssessmentFileFinding fFinding in otbO2TraceBlock.dSinks.Keys)
                                         *            {
                                         *                 DI.log.info("Adding trace to : {0} on Root node: {1}", tnTreeNodeWithInvokeSink.Text, O2Forms.getRootNode(tnTreeNodeWithInvokeSink).Text);
                                         *                TreeNode tnTreeNodeToAdd = tnTreeNodeWithInvokeSink;
                                         *                if (tnTreeNodeToAdd.Nodes.Count >0)
                                         *                    tnTreeNodeToAdd = tnTreeNodeToAdd.Nodes[0];
                                         *                tnTreeNodeToAdd.Nodes.Add(O2Forms.newTreeNode("TEST", "TEST", 0, new FindingViewItem(fFinding, otbO2TraceBlock.dSinks[fFinding])));
                                         *            }
                                         * */
                                        //tnTreeNodeWithInvokeSink
                                        //    DI.log.debug("  Found Possible match : {0}", otbO2TraceBlock.sSignature);
                                    }
                                    else
                                    {
                                        DI.log.debug("  Found FALSE POSITIVE match : {0}", otbO2TraceBlock.sSignature);
                                    }
                                }
                            }
                            if (false == bFoundWebServiceSink)
                            {
                                DI.log.error("in mapDotNetWebServices, could not find a match for: {0}",
                                             sSignatureToMatch);
                            }
                        }
                    }
                }
            }