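/// <summary>
///     Re-roots the known sink of every finding whose source signature carries a
///     "function=" marker under an ASP.NET compiled user-control name built from that value.
/// </summary>
/// <remarks>
///     For each finding: the text after "function=" is lower-cased, back-slashes become
///     underscores, the existing known sink is re-typed as Root_Call, and a new Known_Sink
///     child trace named "ASP.ascx_{function}_ascx_{originalSinkSignature}" is appended to it.
///     Findings are modified in place. A finding with no resolvable source, no marker, or no
///     known sink is skipped instead of dereferencing null.
/// </remarks>
/// <param name="findingsToProcess">Findings to rewrite in place; must not be null.</param>
/// <exception cref="ArgumentNullException">findingsToProcess is null.</exception>
public static void mapFunctionInUrlToAscx(List <IO2Finding> findingsToProcess)
        {
            const string functionMarker = "function=";

            if (findingsToProcess == null)
            {
                throw new ArgumentNullException("findingsToProcess");
            }

            foreach (var o2Finding in findingsToProcess)
            {
                var source = OzasmtUtils.getSource(o2Finding.o2Traces);
                if (source == null || source.signature == null)
                {
                    continue;
                }

                // Ordinal search: the marker is a protocol token, not user-facing text.
                var indexOfFunction = source.signature.IndexOf(functionMarker, StringComparison.Ordinal);
                // -1 means absent; a marker at index 0 is still a match.
                if (indexOfFunction < 0)
                {
                    continue;
                }

                // Marker length replaces the former hard-coded offset of 9.
                var functionCalled = source.signature.Substring(indexOfFunction + functionMarker.Length);
                // Invariant casing so the generated control name does not depend on the thread culture.
                functionCalled = functionCalled.ToLowerInvariant();

                var currentSink = OzasmtUtils.getKnownSink(o2Finding.o2Traces);
                if (currentSink == null)
                {
                    continue;
                }
                currentSink.traceType = TraceType.Root_Call;

                // Back-slashes are not valid in the generated identifier; map them to underscores.
                string newSinkSignature = String.Format("ASP.ascx_{0}_ascx_{1}",
                                                        functionCalled.Replace('\\', '_'),
                                                        currentSink.signature);
                currentSink.childTraces.Add(new O2Trace(newSinkSignature, TraceType.Known_Sink));
            }
        }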
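        /// <summary>
        ///     Tags findings that flow through System.Web.UI.WebControls.TextBox.get_Text() by appending
        ///     the TextBox variable name to the finding's source signature.
        /// </summary>
        /// <remarks>
        ///     The variable name is the first whitespace-delimited token of the matched trace's context,
        ///     with any "this->" prefix removed; a context without a space is used whole (the original
        ///     threw ArgumentOutOfRangeException in that case). Matching findings are modified in place
        ///     and the same objects are returned. Findings with no match, an empty context, or no
        ///     resolvable source are skipped.
        /// </remarks>
        /// <param name="findingsToMap">Findings to inspect; must not be null.</param>
        /// <returns>The findings whose source signature was rewritten (never null).</returns>
        /// <exception cref="ArgumentNullException">findingsToMap is null.</exception>
        public static List <IO2Finding> mapTextBoxWebControlsAsSinks(List <IO2Finding> findingsToMap)
        {
            const string signatureToFind = "System.Web.UI.WebControls.TextBox.get_Text():string";
            const string thisPrefix      = "this->";
            var          results         = new List <IO2Finding>();

            if (findingsToMap == null)
            {
                throw new ArgumentNullException("findingsToMap");
            }

            foreach (var o2Finding in findingsToMap)
            {
                var o2Match = OzasmtSearch.findO2TraceSignature(o2Finding.o2Traces, signatureToFind);
                if (o2Match == null || string.IsNullOrEmpty(o2Match.context))
                {
                    continue;
                }

                // First token of the context names the variable; no space means a single token.
                var spaceIndex = o2Match.context.IndexOf(' ');
                var variable   = spaceIndex < 0
                                     ? o2Match.context
                                     : o2Match.context.Substring(0, spaceIndex);
                variable = variable.Replace(thisPrefix, "");

                var source = OzasmtUtils.getSource(o2Finding.o2Traces);
                if (source == null)
                {
                    continue;
                }
                source.signature += "_" + variable;
                results.Add(o2Finding);
            }
            return results;
        }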
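        /// <summary>
        ///     Round-trips an assessment holding two findings through save and load, then checks that
        ///     every trace field of finding #1 and the source/sink tree of finding #2 survive.
        /// </summary>
        /// <remarks>
        ///     Uses Assert.AreEqual so a failure reports expected and actual values. The temporary
        ///     assessment file is deleted in a finally block even when an assertion fails.
        /// </remarks>
        public void CreateFinding_WithTrace()
        {
            string       sFileToCreate    = DI.config.TempFileNameInTempDirectory;
            const uint   line_number      = 2;
            const uint   column_number    = 3;
            const uint   ordinal          = 1;
            const string context          = "TraceContext";
            const string signature        = "TraceSignature";
            const string clazz            = "class.this.trace.is.in";
            const string file             = @"c:\o2\temp\file\trace\is\in.cs";
            const string method           = "methodExectuted";
            const uint   taintPropagation = 0;
            var          text             = new List <string> {
                "this is a text inside a trace"
            };

            var o2Assessment = new O2Assessment();

            // Finding #1: a single flat trace with every field populated
            var o2Finding1 = new O2Finding("vulnName.Testing.TraceCreation", "vulnType.CustomType",
                                           "This is the Context",
                                           "This is the caller");

            o2Finding1.o2Traces.Add(new O2Trace
            {
                clazz            = clazz,
                columnNumber     = column_number,
                context          = context,
                file             = file,
                lineNumber       = line_number,
                method           = method,
                ordinal          = ordinal,
                signature        = signature,
                taintPropagation = taintPropagation,
                text             = text,
            });
            o2Assessment.o2Findings.Add(o2Finding1);

            // Finding #2: one root trace with a source branch and a sink branch
            const string sinkText           = "this is a sink";
            const string methodOnSinkPath   = "method call on sink path";
            const string methodOnSourcePath = "method call on source path";
            const string sourceText         = "this is a source";
            var          o2Finding2         = new O2Finding("Vulnerability.Name", "Vulnerability.Type");

            var o2Trace = new O2Trace("Class.Signature", "Method executed");

            var o2TraceOnSinkPath = new O2Trace(methodOnSinkPath, TraceType.Type_0);
            o2TraceOnSinkPath.childTraces.Add(new O2Trace(sinkText, TraceType.Known_Sink));

            var o2TraceOnSourcePath = new O2Trace(methodOnSourcePath, TraceType.Type_0);
            o2TraceOnSourcePath.childTraces.Add(new O2Trace(sourceText, TraceType.Source));

            o2Trace.childTraces.Add(o2TraceOnSourcePath);
            o2Trace.childTraces.Add(o2TraceOnSinkPath);

            o2Finding2.o2Traces = new List <IO2Trace> {
                o2Trace
            };

            o2Assessment.o2Findings.Add(o2Finding2);

            try
            {
                // save assessment file
                o2Assessment.save(o2AssessmentSave, sFileToCreate);

                // check if data was saved correctly
                var loadedO2Assessment = new O2Assessment(o2AssessmentLoad, sFileToCreate);

                List <IO2Finding> loadedO2Findings = loadedO2Assessment.o2Findings;

                Assert.AreEqual(2, loadedO2Findings.Count, "There should be 2 findings in the Assessment File");

                // in o2Findings1
                Assert.AreEqual(1, loadedO2Findings[0].o2Traces.Count,
                                "There should be 1 Trace in the Finding #1");

                IO2Trace loadedO2Trace = loadedO2Findings[0].o2Traces[0];

                Assert.AreEqual(clazz, loadedO2Trace.clazz, "clazz");
                Assert.AreEqual(column_number, loadedO2Trace.columnNumber, "columnNumber");
                Assert.AreEqual(context, loadedO2Trace.context, "context");
                Assert.AreEqual(file, loadedO2Trace.file, "file");
                Assert.AreEqual(line_number, loadedO2Trace.lineNumber, "lineNumber");
                Assert.AreEqual(method, loadedO2Trace.method, "method");
                Assert.AreEqual(ordinal, loadedO2Trace.ordinal, "ordinal");
                Assert.AreEqual(signature, loadedO2Trace.signature, "signature");
                Assert.AreEqual(taintPropagation, loadedO2Trace.taintPropagation, "taintPropagation");
                Assert.AreEqual(text[0], loadedO2Trace.text[0], "text");

                // in o2Findings2
                var loadedFinding2Traces = loadedO2Findings[1].o2Traces;
                Assert.AreEqual(1, loadedFinding2Traces.Count,
                                "There should be 1 Trace in the Finding #2");
                Assert.AreEqual(2, loadedFinding2Traces[0].childTraces.Count,
                                "There should be 2 child traces in this trace");

                // resolve the sink once; the not-null check guards the dereference that follows
                var loadedSink = OzasmtUtils.getKnownSink(loadedFinding2Traces);
                Assert.IsNotNull(loadedSink, "Could not find Sink");
                Assert.AreEqual(sinkText, loadedSink.clazz, "Sink text didn't match");

                var loadedSource = OzasmtUtils.getSource(loadedFinding2Traces);
                Assert.IsNotNull(loadedSource, "Could not find Source");
                Assert.AreEqual(sourceText, loadedSource.clazz, "Source text didn't match");
            }
            finally
            {
                // NOTE(review): assumes the temp file belongs to this test alone — confirm against DI.config.
                if (System.IO.File.Exists(sFileToCreate))
                {
                    System.IO.File.Delete(sFileToCreate);
                }
            }
        }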