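/// <summary>
/// Creates a new <see cref="O2Finding"/> holding the same values as <paramref name="o2Finding"/>.
/// </summary>
/// <remarks>
/// Scalar fields are assigned one by one; <c>text</c> goes through the <c>createCopy</c> overload for
/// text, and <c>o2Traces</c> through the overload for trace lists only when
/// <paramref name="processChildTraces"/> is true (otherwise the copy keeps whatever a fresh
/// <see cref="O2Finding"/> starts with). <c>propertyIds</c> is assigned by reference, not copied
/// (assumption: it is a reference type — confirm against the class definition).
/// </remarks>
/// <param name="o2Finding">finding to copy</param>
/// <param name="processChildTraces">true to also copy the trace tree</param>
/// <returns>the new finding</returns>
public static IO2Finding createCopy(IO2Finding o2Finding, bool processChildTraces)
{
    var newO2Finding = new O2Finding
    {
        vulnType = o2Finding.vulnType,
        vulnName = o2Finding.vulnName,
        text = createCopy(o2Finding.text),
        severity = o2Finding.severity,
        recordId = o2Finding.recordId,
        propertyIds = o2Finding.propertyIds,
        projectName = o2Finding.projectName,
        ordinal = o2Finding.ordinal,
        lineNumber = o2Finding.lineNumber,
        file = o2Finding.file,
        exclude = o2Finding.exclude,
        confidence = o2Finding.confidence,
        // fixed: columnNumber was previously populated from actionObject, so the copy lost its column
        columnNumber = o2Finding.columnNumber,
        context = o2Finding.context,
        callerName = o2Finding.callerName,
        actionObject = o2Finding.actionObject
    };

    if (processChildTraces)
    {
        newO2Finding.o2Traces = createCopy(o2Finding.o2Traces);
    }
    return newO2Finding;
}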
/// <summary>
/// Flattens every trace reachable from <paramref name="o2Finding"/>'s <c>o2Traces</c> into one list.
/// </summary>
/// <remarks>
/// The walk itself is done by the two-argument <c>getListWithAllTraces</c> overload. If that overload
/// throws, the exception message is logged through <c>PublicDI.log.error</c> and whatever had been
/// collected up to that point is returned; the method itself never throws.
/// </remarks>
/// <param name="o2Finding">finding whose trace tree is walked</param>
/// <returns>a new list of traces (never null)</returns>
public static List<IO2Trace> getListWithAllTraces(O2Finding o2Finding)
{
    var collected = new List<IO2Trace>();
    try
    {
        getListWithAllTraces(o2Finding.o2Traces, collected);
    }
    catch (Exception ex)
    {
        PublicDI.log.error("in getListWithAllTraces: {0}", ex.Message);
    }
    return collected;
}
/// <summary>
/// Wraps a single trace in a new finding of type <c>"FindingFromTrace"</c>.
/// </summary>
/// <remarks>
/// Both <c>vulnName</c> and <c>callerName</c> are taken from the trace signature; <c>text</c> and the
/// trace itself are copied through <c>OzasmtCopy.createCopy</c>, so the new finding does not share
/// those objects with <paramref name="o2Trace"/>. The finding's <c>o2Traces</c> holds exactly that one copy.
/// </remarks>
/// <param name="o2Trace">trace to wrap</param>
/// <returns>the new finding</returns>
public static IO2Finding createO2FindingFromTrace(IO2Trace o2Trace)
{
    var signature = o2Trace.signature;
    return new O2Finding
    {
        vulnType = "FindingFromTrace",
        vulnName = signature,
        text = OzasmtCopy.createCopy(o2Trace.text),
        ordinal = o2Trace.ordinal,
        o2Traces = new List<IO2Trace> { OzasmtCopy.createCopy(o2Trace) },
        lineNumber = o2Trace.lineNumber,
        file = o2Trace.file,
        columnNumber = o2Trace.columnNumber,
        context = o2Trace.context,
        callerName = signature
    };
}
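/// <summary>
/// Re-marks the source of a finding that was generated by an <c>&lt;external_source&gt;</c> rule.
/// </summary>
/// <remarks>
/// For such findings the real source is the callback method, expected at
/// <c>o2Traces[0].childTraces[1]</c>, not the <c>&lt;external_source&gt;(...)</c> rule itself. The rule's
/// trace (from <c>getSource()</c>) is downgraded to <c>Root_Call</c> and the callback trace becomes the
/// <c>Source</c>. Findings whose <c>Source</c> text does not mention <c>&lt;external_source&gt;</c> are left
/// untouched. A finding whose trace tree does not have the expected shape is logged and skipped
/// instead of letting an index/null exception be caught; any other exception is logged, never thrown.
/// </remarks>
/// <param name="o2Finding">finding to adjust in place</param>
public static void fixExternalSourceSourceMappingProblem(O2Finding o2Finding)
{
    try
    {
        var sourceText = o2Finding.Source;
        if (sourceText == null || !sourceText.Contains("<external_source>"))
        {
            return;
        }

        // check the expected layout explicitly so a malformed finding is reported, not just swallowed
        var ruleTrace = o2Finding.getSource();
        var rootTraces = o2Finding.o2Traces;
        var childTraces = (rootTraces != null && rootTraces.Count > 0) ? rootTraces[0].childTraces : null;
        if (ruleTrace == null || childTraces == null || childTraces.Count < 2)
        {
            PublicDI.log.error("in fixExternalSourceSourceMappingProblem: unexpected trace layout for finding '{0}'", o2Finding.vulnName);
            return;
        }

        ruleTrace.traceType = TraceType.Root_Call;
        childTraces[1].traceType = TraceType.Source;
    }
    catch (Exception ex)
    {
        // fixed: the log message previously named the wrong method (getO2Finding)
        PublicDI.log.ex(ex, "in fixExternalSourceSourceMappingProblem, while trying to fix the external_source callback generated finding problem");
    }
}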
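/// <summary>
/// Derives "ASP.NET Attack Surface" findings from findings whose source is a WebControls <c>get_Text</c> getter.
/// </summary>
/// <remarks>
/// An input finding qualifies when it is an <see cref="O2Finding"/>, its source trace matches the
/// <c>System.Web.UI.WebControls.*get_Text</c> pattern, and the source's <c>context</c> contains <c>txt</c>.
/// For each qualifying finding, one new finding is emitted per word of each trace signature (via
/// <c>OzasmtUtils.getListWithWordsFromSignature</c>), named <c>&lt;word&gt;_&lt;variableName&gt;</c> where the
/// variable name comes from <c>OzasmtContext.getVariableNameFromThisObject</c>. Entries that are not
/// <see cref="O2Finding"/> instances, have no source, or have a null context are skipped rather than
/// aborting the scan.
/// </remarks>
/// <param name="o2Findings">findings to scan; null is treated as empty</param>
/// <returns>the generated findings (possibly empty, never null)</returns>
public static List<IO2Finding> findWebControlSources(List<IO2Finding> o2Findings)
{
    // the pattern is used as a regex, so '.' matches any character — kept exactly as the original rule
    var methodsToFind = new RegEx("System.Web.UI.WebControls.*get_Text");
    var results = new List<IO2Finding>();
    if (o2Findings == null)
    {
        return results;
    }

    foreach (var o2Finding in o2Findings)
    {
        // `as` instead of a hard cast: a non-O2Finding entry is skipped instead of throwing InvalidCastException
        var finding = o2Finding as O2Finding;
        if (finding == null)
        {
            continue;
        }
        var source = finding.getSource();
        if (source == null || !methodsToFind.find(source.ToString()))
        {
            continue;
        }
        if (source.context == null || !source.context.Contains("txt"))
        {
            continue;
        }

        var variableName = OzasmtContext.getVariableNameFromThisObject(source);
        foreach (var o2Trace in finding.o2Traces)
        {
            foreach (var word in OzasmtUtils.getListWithWordsFromSignature(o2Trace.signature))
            {
                // NOTE(review): o2Traces is shared with the originating finding, not copied, so changes to the
                // trace list through either finding are visible in both; a createCopy overload for trace
                // lists exists in this file if isolation is ever wanted
                results.Add(new O2Finding
                {
                    o2Traces = finding.o2Traces,
                    vulnName = word + "_" + variableName,
                    vulnType = "ASP.NET Attack Surface"
                });
            }
        }
    }
    return results;
}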
/// <summary>
/// Intended to display <paramref name="o2Finding"/> in <paramref name="dataGridView"/>; currently a no-op stub.
/// </summary>
/// <remarks>
/// The body is empty, so calling this method has no effect on either argument.
/// </remarks>
public static void showO2FindingInDataGridView(O2Finding o2Finding, DataGridView dataGridView)
{
    // TODO: not implemented
}