private static string fromAssessmentRunFileCreateNewFileWithUniqueTraces(string sPathToNewAssessmentFile, bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation) { string sTargetFilename; DI.log.debug("Create file with unique traces"); // O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6NewFile = null; Analysis.loadAssessmentFile(sPathToNewAssessmentFile, false, ref oadO2AssessmentDataOunceV6NewFile); Analysis.FindingNameFormat ffnFindingNameFormat = Analysis.FindingNameFormat.FindingType; bool bChangeFindingData = false; var ffsmFilter = new AnalysisFilters.filter_FindSmartTraces(bDropDuplicateSmartTraces, bIgnoreRootCallInvocation, ffnFindingNameFormat, bChangeFindingData); AssessmentRun arFilteredAssessmentRun = Analysis.createFilteredAssessmentRunObjectBasedOnCriteria(ffsmFilter, oadO2AssessmentDataOunceV6NewFile); DI.log.debug("Completed process of filtering to remove duplicate findings"); sTargetFilename = sPathToNewAssessmentFile + "_UniqueTraces.ozasmt"; Analysis.saveFilteredAssessmentRun(arFilteredAssessmentRun, sTargetFilename, oadO2AssessmentDataOunceV6NewFile); return(sTargetFilename); }
public filter_FindSmartTraces(bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation, Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData) { this.bDropDuplicateSmartTraces = bDropDuplicateSmartTraces; this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation; this.ffnFindingNameFormat = ffnFindingNameFormat; this.bChangeFindingData = bChangeFindingData; }
public filter_FindSmartTrace_byID(UInt32 uSmartTraceCallID, TraceType tTraceType, bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation, Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData) { this.uSmartTraceCallID = uSmartTraceCallID; this.bDropDuplicateSmartTraces = bDropDuplicateSmartTraces; this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation; this.ffnFindingNameFormat = ffnFindingNameFormat; this.bChangeFindingData = bChangeFindingData; this.tTraceType = tTraceType; }
public filter_FindActionObject(String sActionObjectIdToFind, bool bDropFindingsWithNoTraces, bool bFilterDuplicateFindings, bool bIgnoreRootCallInvocation, Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData) { this.sActionObjectIdToFind = sActionObjectIdToFind; this.bDropFindingsWithNoTraces = bDropFindingsWithNoTraces; this.bFilterDuplicateFindings = bFilterDuplicateFindings; this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation; this.ffnFindingNameFormat = ffnFindingNameFormat; this.bChangeFindingData = bChangeFindingData; }
public static void createSavedAssessmentFileWith_LostSinks_Unique(String sPathToFindingsXmlFile_Source, String sPathToFindingsXmlFile_Target) { O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6 = null; bool bChangeFindingData = true; bool bVerbose = false; Analysis.loadAssessmentFile(sPathToFindingsXmlFile_Source, bVerbose, ref fadO2AssessmentDataOunceV6); Analysis.FindingNameFormat ffnFindingNameFormat = Analysis.FindingNameFormat.Sink; Analysis.createAssessmentFileWithLostSinks_OneExampleEach(sPathToFindingsXmlFile_Target, ffnFindingNameFormat, bChangeFindingData, fadO2AssessmentDataOunceV6); }
public void applyFindingNameFormat(AssessmentRun arAssessmentRun, AssessmentAssessmentFileFinding fFinding, Analysis.FindingNameFormat ffnFindingNameFormat) { switch (ffnFindingNameFormat) { case Analysis.FindingNameFormat.FindingType: // do nothing in these cases break; case Analysis.FindingNameFormat.FindingType_Sink: fFinding.vuln_type += " " + resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1); break; case Analysis.FindingNameFormat.FindingType_Source: fFinding.vuln_type += " " + resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1); break; case Analysis.FindingNameFormat.Sink: fFinding.vuln_type = " " + resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1); break; case Analysis.FindingNameFormat.Source: fFinding.vuln_type = " " + resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1); break; case Analysis.FindingNameFormat.Sink_Source: fFinding.vuln_type = resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1) + " " + resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1); break; case Analysis.FindingNameFormat.Source_Sink: fFinding.vuln_type = resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1) + " " + resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1); break; } }
public static List <String> getListOf_LostSinks_Unique(String sPathToSavedXmlFile, ref O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6) { var lMatches = new List <string>(); bool bChangeFindingData = false; Analysis.FindingNameFormat ffnFindingNameFormat = Analysis.FindingNameFormat.FindingType; var ffulsFilter = new AnalysisFilters.filter_FindUniqueLostSinks(ffnFindingNameFormat, bChangeFindingData); List <AssessmentAssessmentFileFinding> laaffFindings = getListOfFindingsUsingFilter(sPathToSavedXmlFile, ffulsFilter, ref fadO2AssessmentDataOunceV6); foreach (AssessmentAssessmentFileFinding aaffFinding in laaffFindings) { lMatches.Add(Analysis.getSmartTraceNameOfTraceType(aaffFinding.Trace, TraceType.Lost_Sink, fadO2AssessmentDataOunceV6)); } return(lMatches); }
public filter_FindUniqueLostSinks(Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData) { this.ffnFindingNameFormat = ffnFindingNameFormat; this.bChangeFindingData = bChangeFindingData; }