public static void proccessLoadedFilesIntoO2TraceBlockDictionary(Dictionary <String, O2TraceBlock_OunceV6> dO2TraceBlock,
List <O2AssessmentData_OunceV6> lO2AssessmentData,
bool bMakeAllLostSinksIntoKnownSinks)
{
foreach (O2AssessmentData_OunceV6 oadO2AssessmentData in lO2AssessmentData)
{
if (bMakeAllLostSinksIntoKnownSinks)
{
onSavedAssessmentData.MakeAllLostSinksIntoKnownSinks(oadO2AssessmentData);
}
foreach (AssessmentAssessmentFileFinding fFinding in oadO2AssessmentData.dFindings.Keys)
{
O2TraceBlock_OunceV6 tbToGlueSource = getTraceBlockToGlueFinding(fFinding, TraceType.Source,
oadO2AssessmentData, dO2TraceBlock);
if (tbToGlueSource != null)
{
tbToGlueSource.dSinks.Add(fFinding, oadO2AssessmentData);
}
O2TraceBlock_OunceV6 tbToGlueSink = getTraceBlockToGlueFinding(fFinding, TraceType.Known_Sink,
oadO2AssessmentData, dO2TraceBlock);
if (tbToGlueSink != null)
{
tbToGlueSink.dSources.Add(fFinding, oadO2AssessmentData);
}
}
}
}
public static void addFindingAsGlueTrace(O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6WithTracesToGlue,
AssessmentAssessmentFileFinding fFinding,
O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6, TreeView tvRawData,
bool bAddGluedTracesAsRealTraces)
{
String sUniqueSignature = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink,
oadO2AssessmentDataOunceV6, true);
var otbO2TraceBlockWithTracesToReceiveTraces = (O2TraceBlock_OunceV6)tvRawData.Nodes[sUniqueSignature].Tag;
foreach (AssessmentAssessmentFileFinding fFindingToGlue in otbO2TraceBlockOunceV6WithTracesToGlue.dSinks.Keys)
{
if (false == otbO2TraceBlockWithTracesToReceiveTraces.dGluedSinks.ContainsKey(fFindingToGlue))
{
otbO2TraceBlockWithTracesToReceiveTraces.dGluedSinks.Add(fFindingToGlue,
otbO2TraceBlockOunceV6WithTracesToGlue.dSinks[
fFindingToGlue]);
}
if (bAddGluedTracesAsRealTraces) // so that the traces show in the Raw View list
{
if (false == otbO2TraceBlockWithTracesToReceiveTraces.dSinks.ContainsKey(fFindingToGlue))
{
otbO2TraceBlockWithTracesToReceiveTraces.dSinks.Add(fFindingToGlue,
otbO2TraceBlockOunceV6WithTracesToGlue.dSinks[
fFindingToGlue]);
}
}
}
}
public static void calculateO2TraceBlocksIntoTreeView(Dictionary <String, O2TraceBlock_OunceV6> dO2TraceBlock,
ref TreeView tvTargetTreeView)
{
DI.log.info("incalculateO2TraceBlocksIntoTreeView: {0}", dO2TraceBlock.Keys.Count);
O2Timer tTimer = new O2Timer("Calculating Raw Data TreeView").start();
tvTargetTreeView = new TreeView();
var itemsProcessed = 0;
var itemsToProcess = dO2TraceBlock.Keys.Count;
var updateInterval = 1000;
foreach (var sSignature in dO2TraceBlock.Keys)
{
if (itemsProcessed++ % updateInterval == 0)
{
DI.log.info("[{0}/{1}]", itemsProcessed, itemsToProcess);
}
O2TraceBlock_OunceV6 otdO2TraceBlockOunceV6 = dO2TraceBlock[sSignature];
//String sRootNodeText = String.Format("{0} {1} {2}", otdO2TraceBlockOunceV6.sSignature, System.IO.Path.GetFileName(otdO2TraceBlockOunceV6.sFile),otdO2TraceBlockOunceV6.sLineNumber);
String sRootNodeText = String.Format("{0} {1} {2}", otdO2TraceBlockOunceV6.sSignature,
otdO2TraceBlockOunceV6.sFile, otdO2TraceBlockOunceV6.sLineNumber);
TreeNode tnRootNode = O2Forms.newTreeNode(sRootNodeText, sRootNodeText, 0, otdO2TraceBlockOunceV6);
// handle Sinks
TreeNode tnSinks = O2Forms.newTreeNode("Sinks", "Sinks", 0, null);
foreach (AssessmentAssessmentFileFinding fFinding in otdO2TraceBlockOunceV6.dSinks.Keys)
{
String sSink = getUniqueSignature(fFinding, TraceType.Known_Sink,
otdO2TraceBlockOunceV6.dSinks[fFinding], true);
// analysis.Analysis.getSink(fFinding, otdO2TraceBlockOunceV6.dSinks[fFinding]);
if (!string.IsNullOrEmpty(sSink) || sSink != sRootNodeText)
{
TreeNode tnSink = O2Forms.newTreeNode(sSink, sSink, 0, null);
tnSinks.Nodes.Add(tnSink);
}
}
tnRootNode.Nodes.Add(tnSinks);
TreeNode tnSources = O2Forms.newTreeNode("Sources", "Sources", 0, null);
foreach (AssessmentAssessmentFileFinding fFinding in otdO2TraceBlockOunceV6.dSources.Keys)
{
String sSource = getUniqueSignature(fFinding, TraceType.Source,
otdO2TraceBlockOunceV6.dSources[fFinding], true);
if (sSource == "" || sSource == null || sSource != sRootNodeText)
{
TreeNode tnSource = O2Forms.newTreeNode(sSource, sSource, 0, null);
tnSources.Nodes.Add(tnSource);
}
}
tnRootNode.Nodes.Add(tnSources);
tvTargetTreeView.Nodes.Add(tnRootNode);
}
DI.log.info("[{0}/{1}]", itemsProcessed, itemsToProcess);
//tvTargetTreeView.Sort(); // removed for performance reasons
//tvAllTraces.Nodes.AddRange(tvRawData.Nodes);
//tvAllTraces = tvRawData;
tTimer.stop();
DI.log.info("Tree View with Raw Data Calculated: It has {0} ({1}) Nodes (SubNodes)",
tvTargetTreeView.GetNodeCount(false), tvTargetTreeView.GetNodeCount(true));
}
public static List <String> GetTracesThatAreFromTheSameTraceSequence(O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6Root,
O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6Child,
String sKeyword)
{
var lsTracesFromSameSequence = new List <string>();
// TreeNode tnTreeForTrace_Root = new TreeNode();
// o2.analysis.Analysis.SmartTraceFilter stfSmartTraceFilter = o2.analysis.Analysis.SmartTraceFilter.MethodName;
// o2.analysis.Analysis.addCallsToNode_Recursive(otbO2TraceBlockOunceV6Root, tnTreeForTrace_Root, fviFindingViewItem.oadO2AssessmentDataOunceV6, stfSmartTraceFilter);
return(lsTracesFromSameSequence);
}
public static TreeNode getRootNodeToView(O2TraceBlock_OunceV6 otbO2TraceBlockOfRootNode, String sMode)
{
//var tnTreeNode = new TreeNode(sRootFunction);
var tnTreeNode = new TreeNode(otbO2TraceBlockOfRootNode.sUniqueName);
if (sMode == "Sinks")
{
Dictionary <AssessmentAssessmentFileFinding, O2AssessmentData_OunceV6> dSinks = otbO2TraceBlockOfRootNode.dSinks;
foreach (AssessmentAssessmentFileFinding fFinding in dSinks.Keys)
{
var fviFindingViewItem = new FindingViewItem(fFinding, fFinding.vuln_name, null, dSinks[fFinding]);
String sNodeText = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink,
dSinks[fFinding], true);
if (sNodeText != null)
{
TreeNode tnChildNode = O2Forms.newTreeNode(sNodeText, sNodeText, 0, fviFindingViewItem);
tnTreeNode.Nodes.Add(tnChildNode);
}
}
}
return(tnTreeNode);
}
public static bool addCompatibleTracesToNode_recursive(TreeNode tnTargetNode, FindingViewItem fviFindingViewItem,
O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6OfToProcess,
String sMode,
Dictionary <String, O2TraceBlock_OunceV6> dRawData)
//TreeView tvRawData)
{
//TreeNode tnParentNode = O2Forms.getRootNode(tnTargetNode);
//int iNumberOfNodes = tnParentNode.GetNodeCount(true);
var iNumberOfNodes = O2Forms.getRootNode(tnTargetNode).GetNodeCount(true);
if (O2Forms.getRootNode(tnTargetNode).GetNodeCount(true) > 1500)
{
DI.log.info(String.Format("Max number of subnodes reached (250), aborting this root node: {0}",
O2Forms.getRootNode(tnTargetNode).Text));
return(false);
}
if (new StackTrace().FrameCount > 50)
{
DI.log.info(String.Format("Max StackTrace reached (50), aborting this leaf:{0}", tnTargetNode.Text));
return(false);
}
var tnTreeFor_Root = new TreeNode();
AnalysisUtils.addCallsToNode_Recursive(fviFindingViewItem.fFinding.Trace, tnTreeFor_Root,
fviFindingViewItem.oadO2AssessmentDataOunceV6,
Analysis.SmartTraceFilter.MethodName);
if (sMode == "Sinks")
{
// first add the normal sinks
foreach (AssessmentAssessmentFileFinding fFinding in otbO2TraceBlockOunceV6OfToProcess.dSinks.Keys)
{
var tnTreeFor_ChildTrace = new TreeNode();
var fviFindingViewItemForChildTrace = new FindingViewItem(fFinding,
fFinding.vuln_name ?? OzasmtUtils_OunceV6.getStringIndexValue(
UInt32.Parse(
fFinding.vuln_name_id),
otbO2TraceBlockOunceV6OfToProcess.
dSinks[fFinding]), null,
otbO2TraceBlockOunceV6OfToProcess.dSinks[fFinding
]);
AnalysisUtils.addCallsToNode_Recursive(fviFindingViewItemForChildTrace.fFinding.Trace,
tnTreeFor_ChildTrace,
fviFindingViewItemForChildTrace.oadO2AssessmentDataOunceV6,
Analysis.SmartTraceFilter.MethodName);
TreeNode tnRootNode_Sink = getTreeNodeOfTraceType_recursive(tnTreeFor_Root,
TraceType.Known_Sink);
TreeNode tnRootNode_Source = getTreeNodeOfTraceType_recursive(tnTreeFor_ChildTrace,
TraceType.Source);
if (AreNodesCompatible(tnRootNode_Sink, tnRootNode_Source))
{
String sNodeText = getUniqueSignature(fFinding, TraceType.Known_Sink,
otbO2TraceBlockOunceV6OfToProcess.dSinks[fFinding], true);
// ensures we don't add the same source more that once per line (needs to be more optimized
List <String> ltnAllNodesAddedSofar = O2Forms.getStringListWithAllParentNodesText(tnTargetNode);
if (false == ltnAllNodesAddedSofar.Contains(sNodeText))
{
if (sNodeText != tnTargetNode.Text) // don't add if the child call is the same as the parent
{
tnTargetNode.Nodes.Add(O2Forms.newTreeNode(sNodeText, sNodeText, 0,
fviFindingViewItemForChildTrace));
}
if (sNodeText == null)
{
return(false);
}
}
}
}
// then add the Glued Sinks
foreach (AssessmentAssessmentFileFinding fFinding in otbO2TraceBlockOunceV6OfToProcess.dGluedSinks.Keys)
{
var fviFindingViewItemForChildTrace = new FindingViewItem(fFinding,
fFinding.vuln_name ?? OzasmtUtils_OunceV6.getStringIndexValue(
UInt32.Parse(
fFinding.vuln_name_id),
otbO2TraceBlockOunceV6OfToProcess.
dGluedSinks[fFinding]), null,
otbO2TraceBlockOunceV6OfToProcess.dGluedSinks[
fFinding]);
String sNodeText = getUniqueSignature(fFinding, TraceType.Known_Sink,
otbO2TraceBlockOunceV6OfToProcess.dGluedSinks[fFinding], true);
tnTargetNode.Nodes.Add(O2Forms.newTreeNode(sNodeText, sNodeText, 0, fviFindingViewItemForChildTrace));
}
}
foreach (TreeNode tnChildNode in tnTargetNode.Nodes)
{
// int iNodeCount = tnChildNode.GetNodeCount(true);
// DI.log.info(iNodeCount + " " + tnChildNode.Text);
//if (tvRawData.Nodes[tnChildNode.Text] != null)
if (dRawData.ContainsKey(tnChildNode.Text))
{
// (now back to false) was true (check side effects)
if (false ==
addCompatibleTracesToNode_recursive(tnChildNode, (FindingViewItem)tnChildNode.Tag,
dRawData[tnChildNode.Text],
// (O2TraceBlock_OunceV6) tvRawData.Nodes[tnChildNode.Text].Tag,
"Sinks", dRawData))
{
//tvRawData))
return(false);
}
}
}
return(true);
}
