//"Glue WebInspect -> Ounce Finding (Sql Injection)";
public static List <IO2Finding> glueOnTraceNames(IO2AssessmentLoad o2AssessmentLoad, String ozasmtWithSinks, String ozasmtWithSoures, string gluedFindingVulnType)
{
var o2AssessmentOfOzasmtWithSinks = new O2Assessment(o2AssessmentLoad, ozasmtWithSinks);
var o2AssessmentOfOzasmtWithSources = new O2Assessment(o2AssessmentLoad, ozasmtWithSoures);
return(glueOnTraceNames(o2AssessmentOfOzasmtWithSinks.o2Findings, o2AssessmentOfOzasmtWithSources.o2Findings, gluedFindingVulnType));
}
public Thread loadO2Assessment(IO2AssessmentLoad o2AssessmentLoad, string pathToFileToLoad)
{
if (o2AssessmentLoad == null || false == File.Exists(pathToFileToLoad))
{
this.invokeOnThread(() => laLoadingDroppedFile.Visible = false);
return(null);
}
return(O2Thread.mtaThread(() =>
{
this.invokeOnThread(() => laLoadingDroppedFile.Visible = true);
var o2Assemment = new O2Assessment(o2AssessmentLoad, pathToFileToLoad);
// load this on another thread
var sync = new AutoResetEvent(false);
this.invokeOnThread(() => // and then complete it on the controls thread
{
loadO2Assessment(o2Assemment);
tbSavedFileName.Text =
(cbClearOnOzasmtDrop.Checked)
? pathToFileToLoad
: PublicDI.config.TempFileNameInTempDirectory + "_" + Path.GetFileName(pathToFileToLoad);
laLoadingDroppedFile.Visible = false;
sync.Set();
});
sync.WaitOne();
}));
}
public Task_LoadAssessmentFiles(IO2AssessmentLoad _o2AssessmentLoad, List<string> ozasmtFiles)
{
o2AssessmentLoad = _o2AssessmentLoad;
sourceType = typeof (List<string>);
resultsType = typeof (O2Assessment);
sourceObject = ozasmtFiles;
taskName = "Load Asssessment File";
}
public Task_LoadAssessmentFiles(IO2AssessmentLoad _o2AssessmentLoad, List <string> ozasmtFiles)
{
o2AssessmentLoad = _o2AssessmentLoad;
sourceType = typeof(List <string>);
resultsType = typeof(O2Assessment);
sourceObject = ozasmtFiles;
taskName = "Load Asssessment File";
}
public static bool addO2AssessmentLoadEngine_static(IO2AssessmentLoad o2AssessmentLoad)
{
foreach (var loadedEngine in o2AssessmentLoadEngines)
if (loadedEngine.typeFullName() == o2AssessmentLoad.typeFullName())
return false;
o2AssessmentLoadEngines.Add(o2AssessmentLoad);
return true;
}
public static bool addO2AssessmentLoadEngine_static(IO2AssessmentLoad o2AssessmentLoad)
{
foreach (var loadedEngine in o2AssessmentLoadEngines)
{
if (loadedEngine.typeFullName() == o2AssessmentLoad.typeFullName())
{
return(false);
}
}
o2AssessmentLoadEngines.Add(o2AssessmentLoad);
return(true);
}
public bool loadOzastFilesUsingEngine(IO2AssessmentLoad o2LoadEngineToUse, string fileToLoad, bool expectLoadFail)
{
DI.log.info("Loading file {0} using engine {1}",Path.GetFileName(fileToLoad), o2LoadEngineToUse.engineName);
var timer = new O2Timer("File loaded").start();
var o2Assessment = o2LoadEngineToUse.loadFile(fileToLoad);
if (expectLoadFail)
Assert.That(o2Assessment == null ,"on this file for this engine the, o2Assessment was expected to be null");
else
{
Assert.That(o2Assessment != null, "o2Assessment was null");
Assert.That(o2Assessment.o2Findings.Count > 0, "o2Assessment.o2Findings.Count == 0");
DI.log.info("There were {0} findings in file loaded: {0}", o2Assessment.o2Findings.Count);
}
timer.stop();
return true;
}
public static List <IO2Finding> glueTraceSinkWithSources(IO2AssessmentLoad o2AssessmentLoad, String ozasmtWithSinks, String ozasmtWithSoures)
{
var results = new List <IO2Finding>();
Dictionary <string, List <IO2Trace> > o2TracesWithSources = OzasmtUtils.getDictionaryWithO2AllSubTraces(o2AssessmentLoad, ozasmtWithSoures);
foreach (IO2Finding o2FindingWithSink in new O2Assessment(o2AssessmentLoad, ozasmtWithSinks).o2Findings)
{
string sinkToFind = OzasmtUtils.getKnownSink(o2FindingWithSink.o2Traces).signature;
if (o2TracesWithSources.ContainsKey(sinkToFind))
{
foreach (IO2Trace o2TraceWithSourcre in o2TracesWithSources[sinkToFind])
{
results.Add(createCopyAndGlueTraceSinkWithSource(o2FindingWithSink, o2TraceWithSourcre));
}
}
}
return(results);
}
public bool loadOzastFilesUsingEngine(IO2AssessmentLoad o2LoadEngineToUse, string fileToLoad, bool expectLoadFail)
{
DI.log.info("Loading file {0} using engine {1}", Path.GetFileName(fileToLoad), o2LoadEngineToUse.engineName);
var timer = new O2Timer("File loaded").start();
var o2Assessment = o2LoadEngineToUse.loadFile(fileToLoad);
if (expectLoadFail)
{
Assert.That(o2Assessment == null, "on this file for this engine the, o2Assessment was expected to be null");
}
else
{
Assert.That(o2Assessment != null, "o2Assessment was null");
Assert.That(o2Assessment.o2Findings.Count > 0, "o2Assessment.o2Findings.Count == 0");
DI.log.info("There were {0} findings in file loaded: {0}", o2Assessment.o2Findings.Count);
}
timer.stop();
return(true);
}
public static void addO2AssessmentLoadEngine_static(IO2AssessmentLoad o2AssessmentLoad)
{
o2AssessmentLoadEngines.Add(o2AssessmentLoad);
}
//"Glue WebInspect -> Ounce Finding (Sql Injection)";
public static List<IO2Finding> glueOnTraceNames(IO2AssessmentLoad o2AssessmentLoad, String ozasmtWithSinks, String ozasmtWithSoures, string gluedFindingVulnType)
{
var o2AssessmentOfOzasmtWithSinks = new O2Assessment(o2AssessmentLoad,ozasmtWithSinks);
var o2AssessmentOfOzasmtWithSources = new O2Assessment (o2AssessmentLoad,ozasmtWithSoures);
return glueOnTraceNames(o2AssessmentOfOzasmtWithSinks.o2Findings, o2AssessmentOfOzasmtWithSources.o2Findings, gluedFindingVulnType);
}
public static List<IO2Finding> glueTraceSinkWithSources(IO2AssessmentLoad o2AssessmentLoad,String ozasmtWithSinks, String ozasmtWithSoures)
{
var results = new List<IO2Finding>();
Dictionary<string, List<IO2Trace>> o2TracesWithSources = OzasmtUtils.getDictionaryWithO2AllSubTraces(o2AssessmentLoad,ozasmtWithSoures);
foreach (IO2Finding o2FindingWithSink in new O2Assessment(o2AssessmentLoad, ozasmtWithSinks).o2Findings)
{
string sinkToFind = OzasmtUtils.getKnownSink(o2FindingWithSink.o2Traces).signature;
if (o2TracesWithSources.ContainsKey(sinkToFind))
{
foreach (IO2Trace o2TraceWithSourcre in o2TracesWithSources[sinkToFind])
results.Add(createCopyAndGlueTraceSinkWithSource(o2FindingWithSink, o2TraceWithSourcre));
}
}
return results;
}
public Task_LoadAssessmentFiles(IO2AssessmentLoad _o2AssessmentLoad, string ozasmtFile)
: this(_o2AssessmentLoad, new List<string>(new[] { ozasmtFile }))
{
o2AssessmentLoad = _o2AssessmentLoad;
}
public O2Assessment(IO2AssessmentLoad o2AssessmentLoad, string sPathToAssessmentToOpen)
: this()
{
o2AssessmentLoad.importFile(sPathToAssessmentToOpen, this);
}
public static void mapXmlFilesToFindings(string pathToClassFiles, string pathToRootClassFolder, string pathToOzasmtFile, IO2AssessmentLoad o2AssessmentLoad)
{
var attributeXmlFiles = getAttributeXmlFiles(pathToClassFiles, pathToRootClassFolder);
var o2Assessment = new O2Assessment(o2AssessmentLoad, pathToOzasmtFile);
mapJavaAttributesToTraces(o2Assessment, attributeXmlFiles);
}
public Thread loadO2Assessment(IO2AssessmentLoad o2AssessmentLoad, string pathToFileToLoad)
{
if (o2AssessmentLoad == null || false == File.Exists(pathToFileToLoad))
{
this.invokeOnThread(() => laLoadingDroppedFile.Visible = false);
return null;
}
return O2Thread.mtaThread(() =>
{
this.invokeOnThread(() => laLoadingDroppedFile.Visible = true);
var o2Assemment = new O2Assessment(o2AssessmentLoad, pathToFileToLoad);
// load this on another thread
var sync = new AutoResetEvent(false);
this.invokeOnThread(() => // and then complete it on the controls thread
{
loadO2Assessment(o2Assemment);
tbSavedFileName.Text =
(cbClearOnOzasmtDrop.Checked)
? pathToFileToLoad
: DI.config.TempFileNameInTempDirectory + "_" + Path.GetFileName(pathToFileToLoad);
laLoadingDroppedFile.Visible = false;
sync.Set();
});
sync.WaitOne();
});
}
public void addO2AssessmentLoadEngine(IO2AssessmentLoad o2AssessmentLoad)
{
o2AssessmentLoadEngines.Add(o2AssessmentLoad);
laNoAssessmentLoadEnginesLoaded.Visible = false;
}
// not working at the moment since the .Net XsmlSerializer doesn't support Interfaces (prob we will need to use the WCF serializer)
/*
public static string createSerializedXmlStringFromO2Finding(IO2Finding o2FindingToSerialize)
{
return Serialize.createSerializedXmlStringFromObject(o2FindingToSerialize, new [] { typeof(O2Trace), typeof(List<O2Trace>)} );
}*/
public static Dictionary<String, List<IO2Trace>> getDictionaryWithO2AllSubTraces(IO2AssessmentLoad o2AssessmentLoad, String assessmentFile)
{
return getDictionaryWithO2AllSubTraces(new O2Assessment(o2AssessmentLoad, assessmentFile), false /*uniqueList*/);
}
public O2Assessment(IO2AssessmentLoad o2AssessmentLoad, string sPathToAssessmentToOpen)
: this()
{
o2AssessmentLoad.importFile(sPathToAssessmentToOpen, this);
}
public Task_LoadAssessmentFiles(IO2AssessmentLoad _o2AssessmentLoad, string ozasmtFile)
: this(_o2AssessmentLoad, new List <string>(new[] { ozasmtFile }))
{
o2AssessmentLoad = _o2AssessmentLoad;
}
// not working at the moment since the .Net XsmlSerializer doesn't support Interfaces (prob we will need to use the WCF serializer)
/*
* public static string createSerializedXmlStringFromO2Finding(IO2Finding o2FindingToSerialize)
* {
* return Serialize.createSerializedXmlStringFromObject(o2FindingToSerialize, new [] { typeof(O2Trace), typeof(List<O2Trace>)} );
* }*/
public static Dictionary <String, List <IO2Trace> > getDictionaryWithO2AllSubTraces(IO2AssessmentLoad o2AssessmentLoad, String assessmentFile)
{
return(getDictionaryWithO2AllSubTraces(new O2Assessment(o2AssessmentLoad, assessmentFile), false /*uniqueList*/));
}
public static void addO2AssessmentLoadEngine_static(IO2AssessmentLoad o2AssessmentLoad)
{
o2AssessmentLoadEngines.Add(o2AssessmentLoad);
}
public static void mapXmlFilesToFindings(string pathToClassFiles, string pathToRootClassFolder, string pathToOzasmtFile, IO2AssessmentLoad o2AssessmentLoad)
{
var attributeXmlFiles = getAttributeXmlFiles(pathToClassFiles, pathToRootClassFolder);
var o2Assessment = new O2Assessment (o2AssessmentLoad,pathToOzasmtFile);
mapJavaAttributesToTraces(o2Assessment, attributeXmlFiles);
}
public void addO2AssessmentLoadEngine(IO2AssessmentLoad o2AssessmentLoad)
{
o2AssessmentLoadEngines.Add(o2AssessmentLoad);
laNoAssessmentLoadEnginesLoaded.Visible = false;
}
