Beispiel #1
0
        public static Color getTraceColorBasedOnRuleType(IO2Rule o2Rule)
        {
            switch (o2Rule.RuleType)
            {
            case O2RuleType.Source:
                return(SourceColor);

            case O2RuleType.Sink:
                return(KnownSinkColor);

            case O2RuleType.LostSink:
                return(LostSinkColor);

            case O2RuleType.Callback:
                return(Color.Salmon);

            case O2RuleType.PropageTaint:
                return(Color.DarkGreen);

            case O2RuleType.DontPropagateTaint:
                return(Color.Purple);

            case O2RuleType.NotMapped:
                return(Color.DarkGray);

            default:
                return(NotMappedColor);
            }
        }
Beispiel #2
0
 public void EditRules(List <IO2Rule> o2RulesToEdit, O2Thread.FuncVoidT1 <IO2Rule> _onSave)
 {
     this.invokeOnThread(
         () =>
     {
         onSave = _onSave;
         newRule();
         laDataSaved.Visible             = false;
         btSaveRuleChanges.Enabled       = false;
         btSaveChangesToAllRules.Enabled = true;
         laNumberOfRulesLoaded.Text      = o2RulesToEdit.Count + " rule loaded";
         o2LoadedRules = o2RulesToEdit;
         o2LoadedRule  = null;
     });
 }
Beispiel #3
0
 public void editRule(IO2Rule ruleToEdit, O2Thread.FuncVoidT1 <IO2Rule> _onSave)
 {
     this.invokeOnThread(
         () =>
     {
         laDataSaved.Visible             = false;
         btSaveRuleChanges.Enabled       = true;
         btSaveChangesToAllRules.Enabled = false;
         laUnsavedChanges.Visible        = false;
         laNumberOfRulesLoaded.Text      = "1 rule loaded";
         onSave       = _onSave;
         o2LoadedRule = ruleToEdit;
         loadRuleIntoEditor(o2LoadedRule);
         o2LoadedRules.Clear();
         o2LoadedRules.Add(o2LoadedRule);
     });
 }
Beispiel #4
0
 private void loadRuleIntoEditor(IO2Rule ruleToEdit)
 {
     this.invokeOnThread(
         () =>
     {
         cbRuleType.Text          = ruleToEdit.RuleType.ToString();
         tbDbId.Text              = ruleToEdit.DbId;
         tbComment.Text           = ruleToEdit.Comments;
         tbFromParam.Text         = ruleToEdit.FromArgs;
         tbParam.Text             = ruleToEdit.Param;
         tbReturn.Text            = ruleToEdit.Return;
         cbSeverity.Text          = ruleToEdit.Severity;
         tbSignature.Text         = ruleToEdit.Signature;
         tbToParam.Text           = ruleToEdit.ToArgs;
         tbVulnerabilityType.Text = ruleToEdit.VulnType;
     });
 }
Beispiel #5
0
 public void editRule(IO2Rule ruleToEdit, O2Thread.FuncVoidT1<IO2Rule> _onSave)
 {
     this.invokeOnThread(
         () =>
             {
                 laDataSaved.Visible = false;
                 btSaveRuleChanges.Enabled = true;
                 btSaveChangesToAllRules.Enabled = false;
                 laUnsavedChanges.Visible = false;
                 laNumberOfRulesLoaded.Text = "1 rule loaded";
                 onSave = _onSave;
                 o2LoadedRule = ruleToEdit;
                 loadRuleIntoEditor(o2LoadedRule);
                 o2LoadedRules.Clear();
                 o2LoadedRules.Add(o2LoadedRule);       
             });
 }
Beispiel #6
0
 private void loadRuleIntoEditor(IO2Rule ruleToEdit)
 {
     this.invokeOnThread(
         () =>
             {
                 cbRuleType.Text = ruleToEdit.RuleType.ToString();
                 tbDbId.Text = ruleToEdit.DbId;
                 tbComment.Text = ruleToEdit.Comments;
                 tbFromParam.Text = ruleToEdit.FromArgs;
                 tbParam.Text = ruleToEdit.Param;
                 tbReturn.Text = ruleToEdit.Return;
                 cbSeverity.Text = ruleToEdit.Severity;
                 tbSignature.Text = ruleToEdit.Signature;
                 tbToParam.Text = ruleToEdit.ToArgs;
                 tbVulnerabilityType.Text = ruleToEdit.VulnType;
             });
 }
Beispiel #7
0
        internal static IO2Rule cloneRule(IO2Rule o2RuleToClone)
        {
            var clonedRule = new O2Rule
            {
                Comments  = o2RuleToClone.Comments,
                DbId      = o2RuleToClone.DbId,
                FromArgs  = o2RuleToClone.FromArgs,
                Param     = o2RuleToClone.Param,
                Return    = o2RuleToClone.Return,
                FromDb    = o2RuleToClone.FromDb,
                RuleType  = o2RuleToClone.RuleType,
                Severity  = o2RuleToClone.Severity,
                Signature = o2RuleToClone.Signature,
                Tagged    = o2RuleToClone.Tagged,
                ToArgs    = o2RuleToClone.ToArgs,
                VulnType  = o2RuleToClone.VulnType
            };

            return(clonedRule);
        }
Beispiel #8
0
        public bool addRuleToDatabase(IO2Rule rRule, bool bVerbose)
        {
            var sVulnId = "0"; // make it 0 since it doesn't matter this value

            switch (rRule.RuleType)
            {
            case O2RuleType.Source:
                var sActionObjectSignatureForSource = "InputAnyTainted";
                Lddb_OunceV6.action_makeMethod_Source(rRule.DbId, rRule.Signature, sVulnId,
                                                      sActionObjectSignatureForSource, rRule.Severity, rRule.VulnType,
                                                      bVerbose);
                break;

            case O2RuleType.Sink:
                var sActionObjectSignatureForSink = "OutputAnyNotValidated";
                Lddb_OunceV6.action_makeMethod_Sink(rRule.DbId, rRule.Signature, sVulnId, sActionObjectSignatureForSink,
                                                    rRule.Severity, rRule.VulnType, bVerbose);
                break;

            case O2RuleType.Callback:
                Lddb_OunceV6.action_makeMethodACallback(UInt32.Parse(rRule.DbId), rRule.Signature,
                                                        true /*bDeletePreviousRulesForSignature*/, bVerbose);
                break;

            case O2RuleType.PropageTaint:
                Lddb_OunceV6.action_makeMethod_TaintPropagator(UInt32.Parse(rRule.DbId), rRule.Signature, rRule.FromArgs, rRule.ToArgs, rRule.Return.ToString());
                break;

            case O2RuleType.DontPropagateTaint:
                Lddb_OunceV6.action_makeMethod_NotPropagateTaint(UInt32.Parse(rRule.DbId), rRule.Signature);
                break;

            default:
                DI.log.error("Rule type not supported: {0}  Rule changed not processed: {1}",
                             rRule.RuleType, rRule.Signature);
                return(false);
            }
            return(true);
        }
Beispiel #9
0
 public static void action_deleteRuleFromDatabase(IO2Rule ruleToDelete)
 {
     var vulnIDSql = String.Format("Select vuln_id from rec where db_id ={0} and signature ='{1}'",
                              ruleToDelete.DbId, ruleToDelete.Signature);
     var vulnId = OunceMySql.executeSqlQuery(vulnIDSql, true);
     if (vulnId == null)
         DI.log.error("in action_deleteRuleFromDatabase, could not find entry for signature {0} in database {1}",
             ruleToDelete.Signature, ruleToDelete.DbId);
     else          
         if (vulnId is uint)
             action_deleteSignatureAndActionObject((uint)vulnId);
 }
Beispiel #10
0
 public static Color getTraceColorBasedOnRuleType(IO2Rule o2Rule)
 {
     switch (o2Rule.RuleType)
     {
         case O2RuleType.Source:
             return SourceColor;
         case O2RuleType.Sink:
             return KnownSinkColor;
         case O2RuleType.LostSink:
             return LostSinkColor;
         case O2RuleType.Callback:
             return Color.Salmon;
         case O2RuleType.PropageTaint:
             return Color.DarkGreen;
         case O2RuleType.DontPropagateTaint:
             return Color.Purple;
         case O2RuleType.NotMapped:
             return Color.DarkGray;
         default:
             return NotMappedColor;
     }
 }
Beispiel #11
0
 private static bool doesO2RuleMatchTypeAndFilter(IO2Rule o2Rule, O2RuleType o2RuleType, string signatureFilter)
 {
     if (o2RuleType == O2RuleType.All || o2Rule.RuleType == o2RuleType)
         if (signatureFilter == "" || RegEx.findStringInString(o2Rule.Signature, signatureFilter) || o2Rule.Signature.IndexOf(signatureFilter) > -1)
             return true;
     return false;
 }
Beispiel #12
0
 private IO2Rule addRuleToChangedRulesList(IO2Rule o2RuleToAdd)
 {
     return addRuleToChangedRulesList(o2RuleToAdd, true);
 }
Beispiel #13
0
 private IO2Rule addRuleToChangedRulesList(IO2Rule o2RuleToAdd, bool checkIfRuleIsAlreadyInList)
 {
     // see if this rule has already been added            
     if (false == checkIfRuleIsAlreadyInList || false == isRuleAllreadyOnChangedRulesList(o2RuleToAdd))
     {
         var listViewItem = new ListViewItem(new[] {o2RuleToAdd.RuleType.ToString(), o2RuleToAdd.Signature})
                                {Tag = o2RuleToAdd};
         lvChangedRules.Items.Add(listViewItem);
         // handle special case of deleting rules
         if (o2RuleToAdd.RuleType == O2RuleType.ToBeDeleted)
         {
             foreach (var o2RuleWithSameSignatureAsRuleToDelete in indexedCurrentO2Rules[o2RuleToAdd.Signature])
                 if (o2RuleWithSameSignatureAsRuleToDelete.FromDb &&
                     o2RuleWithSameSignatureAsRuleToDelete.RuleType != O2RuleType.ToBeDeleted &&
                     false == isRuleAllreadyOnChangedRulesList(o2RuleWithSameSignatureAsRuleToDelete))
                     addRuleToChangedRulesList(o2RuleWithSameSignatureAsRuleToDelete);
         }
         // handle special case of DontPropagateTaint & Propagate Taint
         /*else if (o2RuleToAdd.RuleType == O2RuleType.DontPropagateTaint)
         {
             foreach (var o2RuleToChange in indexedCurrentO2Rules[o2RuleToAdd.Signature])
                 if (o2RuleToChange.RuleType != o2RuleToAdd.RuleType && false == isRuleAllreadyOnChangedRulesList(o2RuleToChange))
                 {
                     o2RuleToChange.RuleType = O2RuleType.ToBeDeleted;
                     addRuleToChangedRulesList(o2RuleToChange);
                 }
                 //addRuleToChangedRulesList(o2RuleWithSameSignatureAsRuleToDelete);
         }*/
         updateLabelWithNumberOfChangedRules();
     }
     return o2RuleToAdd;
 }
Beispiel #14
0
 // this is not a very optimized way of doing this, so changed it if there are performance issues when adding too many rules
 private bool isRuleAllreadyOnChangedRulesList(IO2Rule o2RuleToAdd)
 {
     foreach (ListViewItem listViewItem in lvChangedRules.Items)
         if (listViewItem.Tag is IO2Rule && (IO2Rule)listViewItem.Tag == o2RuleToAdd)
             return true;
     return false;
 }
Beispiel #15
0
 public static void addRule(IO2Rule rRule, O2RulePack o2rulePack)
 {
     o2rulePack.o2Rules.Add((O2Rule)rRule);
 }
Beispiel #16
0
 private static object[] getRowDataFromO2Fule(IO2Rule o2Rule)
 {
     return new object[]
                {
                    o2Rule.RuleType, 
                    o2Rule.VulnType, 
                    o2Rule.Severity, 
                    o2Rule.Signature,                                                                          
                    o2Rule.Param, 
                    o2Rule.Return, 
                    o2Rule.FromArgs, 
                    o2Rule.ToArgs, 
                    o2Rule.DbId,
                    o2Rule.Comments,
                    o2Rule.FromDb,
                    o2Rule.Tagged
                };
 }
Beispiel #17
0
 public void deleteRuleFromDatabase(IO2Rule ruleToDelete)
 {
     Lddb_OunceV6.action_deleteRuleFromDatabase(ruleToDelete);
 }
Beispiel #18
0
 public bool addRuleToDatabase(IO2Rule rRule)
 {
     return(addRuleToDatabase(rRule, O2RulePackUtils.bVerbose));
 }
Beispiel #19
0
 private void onRuleSave(IO2Rule o2SavedRule, DataGridViewRow currentRow)
 {
     if (currentRow!= null)
         currentRow.SetValues(getRowDataFromO2Fule(o2SavedRule));
     addRuleToChangedRulesList(o2SavedRule);
 }
Beispiel #20
0
 public void EditRules(List<IO2Rule> o2RulesToEdit, O2Thread.FuncVoidT1<IO2Rule> _onSave)
 {
     this.invokeOnThread(
         () =>
             {
                 onSave = _onSave;
                 newRule();
                 laDataSaved.Visible = false;
                 btSaveRuleChanges.Enabled = false;
                 btSaveChangesToAllRules.Enabled = true;
                 laNumberOfRulesLoaded.Text = o2RulesToEdit.Count +  " rule loaded";
                 o2LoadedRules = o2RulesToEdit;
                 o2LoadedRule = null;
             });
 }
Beispiel #21
0
        //rename this method since we do more than just Source or Sinks here
        private static void updateSourceOrSinkRule(O2RulePack o2RulePack, IDictionary <string, List <IO2Rule> > indexedO2Rules, string ruleSignature, string languageDBId, TraceType traceType)
        {
            if (indexedO2Rules != null && ruleSignature != null)
            {
                //bool createNotMappedRule = false;
                var createRuleWithType = O2RuleType.NotMapped;
                // only proccess Sources, Sinks and Lost Sinks
                if (traceType == TraceType.Source || traceType == TraceType.Known_Sink || traceType == TraceType.Lost_Sink)
                {
                    O2RuleType o2NewRuleType = O2RulePackUtils.getO2RuleTypeFromRuleType(traceType);
                    createRuleWithType = o2NewRuleType;

                    /*       if (indexedO2Rules != null && false == string.IsNullOrEmpty(ruleSignature))
                     *         if (indexedO2Rules.ContainsKey(ruleSignature))
                     *         {
                     *             bool thereIsAlreadyARuleWithTheSameRuleType = false;
                     *             foreach (var o2Rule in indexedO2Rules[ruleSignature])
                     *             {
                     *                 if (o2Rule.RuleType == O2RuleType.NotMapped)
                     *                 // if it is not mapped change it to o2NewRuleType
                     *                 {
                     *                     o2Rule.RuleType = o2NewRuleType;
                     *                     return;
                     *                 }
                     *                 if (o2Rule.RuleType == o2NewRuleType)
                     *                     // if it is already a rule of type o2NewRuleType, mark it so we can ignore it below
                     *                     thereIsAlreadyARuleWithTheSameRuleType = true;
                     *             }
                     *             if (false == thereIsAlreadyARuleWithTheSameRuleType)
                     *             // if we got this far, create a new rule of o2NewRuleType
                     *             {
                     *                 var newRule = O2RulePackUtils.createRule(o2NewRuleType, ruleSignature, languageDBId);
                     *                 indexedO2Rules[ruleSignature].Add(newRule);
                     *                 // add it to the index so that we don't have to calculate it again
                     *                 o2RulePack.o2Rules.Add(newRule);
                     *             }
                     *         }
                     */
                }
                bool    createNewRule = true;
                IO2Rule notMappedRule = null;

                if (indexedO2Rules.ContainsKey(ruleSignature))
                {
                    foreach (var o2Rule in indexedO2Rules[ruleSignature])
                    {
                        if (o2Rule.RuleType == createRuleWithType)          // dont create if there is already a rule of this type
                        {
                            o2Rule.Tagged = true;
                            createNewRule = false;
                        }
                        if (o2Rule.RuleType == O2RuleType.NotMapped)
                        {
                            notMappedRule = o2Rule;
                        }
                    }
                }
                // handle the case where we have already added a signature but it is not a NotMapped one
                if (createRuleWithType == O2RuleType.NotMapped && createNewRule && notMappedRule == null && indexedO2Rules.ContainsKey(ruleSignature))
                {
                    createNewRule = false;
                }

                // if required, Create  rule
                if (createNewRule)
                {
                    var vulnType = "O2.FindingRule." + createRuleWithType.ToString();
                    var newRule  = new O2Rule(createRuleWithType, vulnType, ruleSignature, languageDBId, true);
                    o2RulePack.o2Rules.Add(newRule);
                    if (false == indexedO2Rules.ContainsKey(ruleSignature))
                    {
                        indexedO2Rules.Add(ruleSignature, new List <IO2Rule>());
                    }
                    indexedO2Rules[ruleSignature].Add(newRule);
                    if (notMappedRule != null)
                    {
                        indexedO2Rules[ruleSignature].Remove(notMappedRule);
                    }
                }
            }
        }
Beispiel #22
0
 public void deleteRuleFromDatabase(IO2Rule ruleToDelete)
 {
     Lddb_OunceV6.action_deleteRuleFromDatabase(ruleToDelete);
 }
Beispiel #23
0
 public static void addRule(IO2Rule rRule, O2RulePack o2rulePack)
 {
     o2rulePack.o2Rules.Add((O2Rule)rRule);
 }
Beispiel #24
0
 public bool addRuleToDatabase(IO2Rule rRule)
 {
     return addRuleToDatabase(rRule,O2RulePackUtils.bVerbose);
 }
Beispiel #25
0
 internal static IO2Rule cloneRule(IO2Rule o2RuleToClone)
 {
     var clonedRule = new O2Rule
                          {
                              Comments = o2RuleToClone.Comments,
                              DbId = o2RuleToClone.DbId,
                              FromArgs = o2RuleToClone.FromArgs,
                              Param = o2RuleToClone.Param,
                              Return = o2RuleToClone.Return,
                              FromDb = o2RuleToClone.FromDb,
                              RuleType = o2RuleToClone.RuleType,
                              Severity = o2RuleToClone.Severity,
                              Signature = o2RuleToClone.Signature,
                              Tagged = o2RuleToClone.Tagged,
                              ToArgs = o2RuleToClone.ToArgs,
                              VulnType = o2RuleToClone.VulnType                                                                          
                          };
     return clonedRule;
 }
Beispiel #26
0
 public bool addRuleToDatabase(IO2Rule rRule, bool bVerbose)
 {            
     var sVulnId = "0"; // make it 0 since it doesn't matter this value
     switch (rRule.RuleType)
     {
         case O2RuleType.Source:
             var sActionObjectSignatureForSource = "InputAnyTainted";
             Lddb_OunceV6.action_makeMethod_Source(rRule.DbId, rRule.Signature, sVulnId,
                                                   sActionObjectSignatureForSource, rRule.Severity, rRule.VulnType,
                                                   bVerbose);
             break;
         case O2RuleType.Sink:
             var sActionObjectSignatureForSink = "OutputAnyNotValidated";
             Lddb_OunceV6.action_makeMethod_Sink(rRule.DbId, rRule.Signature, sVulnId, sActionObjectSignatureForSink,
                                                 rRule.Severity, rRule.VulnType, bVerbose);
             break;
         case O2RuleType.Callback:                    
             Lddb_OunceV6.action_makeMethodACallback(UInt32.Parse(rRule.DbId), rRule.Signature,
                                                     true /*bDeletePreviousRulesForSignature*/, bVerbose);
             break;
         case O2RuleType.PropageTaint:
             Lddb_OunceV6.action_makeMethod_TaintPropagator(UInt32.Parse(rRule.DbId), rRule.Signature,rRule.FromArgs,rRule.ToArgs,rRule.Return.ToString());
             break;
         case O2RuleType.DontPropagateTaint:
             Lddb_OunceV6.action_makeMethod_NotPropagateTaint(UInt32.Parse(rRule.DbId), rRule.Signature);
             break;                
         default:
             DI.log.error("Rule type not supported: {0}  Rule changed not processed: {1}",
                 rRule.RuleType, rRule.Signature);
             return false;
     }
     return true;
 }
Beispiel #27
0
 private DataGridViewRow addO2RuleToDataGridView(IO2Rule o2Rule)
 {
     object[] row = getRowDataFromO2Fule(o2Rule);
                     
     var newRowId = dgvRules.Rows.Add(row);
     var newRow = dgvRules.Rows[newRowId];
     newRow.Tag = o2Rule;
     if (cbColorCodeRules.Checked)
         newRow.DefaultCellStyle.ForeColor = OzasmtUtils.getTraceColorBasedOnRuleType(o2Rule);
     return newRow;
 }