/// <summary>
/// Filter callback: accepts a finding only when it carries a trace, optionally renaming it and
/// optionally rejecting it as a duplicate of a finding that was already accepted.
/// </summary>
/// <param name="arAssessmentRun">Assessment run handed to the rename helper.</param>
/// <param name="fFinding">Finding under evaluation.</param>
/// <param name="lfFindingsThatMatchCriteria">Output list that receives accepted findings.</param>
/// <param name="lafFilteredAssessmentFiles">Files accepted so far; passed to the duplicate check.</param>
/// <returns>true when the finding was added to the output list, otherwise false.</returns>
public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                AssessmentAssessmentFileFinding fFinding,
                                                List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                                List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
{
    // Findings without a trace never match this filter.
    if (fFinding.Trace == null)
    {
        return false;
    }

    // The rename runs before the duplicate check, so a finding that is later rejected as a
    // duplicate has still been passed to applyFindingNameFormat.
    if (bChangeFindingData)
    {
        applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
    }

    if (!bDropDuplicateSmartTraces)
    {
        lfFindingsThatMatchCriteria.Add(fFinding);
        return true;
    }

    // filterDuplicateFindings adds the finding itself when it turns out to be unique.
    return filterDuplicateFindings(lafFilteredAssessmentFiles, lfFindingsThatMatchCriteria, fFinding,
                                   bIgnoreRootCallInvocation);
}
/// <summary>
/// Queues a clone of <paramref name="tnTreeNodeToAdd"/> in the tree view of nodes to graph,
/// unless a node with the same Tag is already queued.
/// </summary>
/// <param name="tnTreeNodeToAdd">Node to queue; it is cloned, not moved.</param>
/// <param name="fFinding">Not used by the current implementation.</param>
/// <param name="fadAssessmentDataOunceV6">Not used by the current implementation.</param>
public void addTreeNodeToComboxWithNodesToPlot(TreeNode tnTreeNodeToAdd,
                                               AssessmentAssessmentFileFinding fFinding,
                                               O2AssessmentData_OunceV6 fadAssessmentDataOunceV6)
{
    try
    {
        // In single-node mode the queue is emptied before the new node goes in.
        if (!cbGLEE_MultiNodes.Checked)
        {
            tvGLEE_NodesToGraph.Nodes.Clear();
        }

        var queuedNodes = tvGLEE_NodesToGraph.Nodes;
        for (int i = 0; i < queuedNodes.Count; i++)
        {
            // Tag is compared with ==, i.e. the two nodes must carry the very same Tag object.
            if (queuedNodes[i].Tag == tnTreeNodeToAdd.Tag)
            {
                DI.log.debug("Trace was already in list of nodes to graph");
                return;
            }
        }

        queuedNodes.Add((TreeNode)tnTreeNodeToAdd.Clone());
    }
    catch (Exception ex)
    {
        // Best effort: any failure is logged and not propagated to the caller.
        DI.log.ex(ex, "in addTreeNodeToComboxWithNodesToPlot");
    }
}
/// <summary>
/// Filter callback: accepts the first finding seen for each Lost_Sink signature id and rejects
/// every later finding that resolves to an id already recorded in iLostSinksProcessed.
/// </summary>
/// <param name="arAssessmentRun">Assessment run handed to the rename helper.</param>
/// <param name="fFinding">Finding under evaluation.</param>
/// <param name="lfFindingsThatMatchCriteria">Output list that receives accepted findings.</param>
/// <param name="lafFilteredAssessmentFiles">Not used by this filter.</param>
/// <returns>true when the finding was added to the output list, otherwise false.</returns>
public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                AssessmentAssessmentFileFinding fFinding,
                                                List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                                List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
{
    if (fFinding.Trace == null)
    {
        return false;
    }

    int lostSinkSigId = AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnSigId(fFinding.Trace,
                                                                                       TraceType.Lost_Sink);

    // Ids of 0 or below are rejected; the original author left open what an id of 0 means.
    if (lostSinkSigId <= 0 || iLostSinksProcessed.Contains(lostSinkSigId))
    {
        return false;
    }

    if (bChangeFindingData)
    {
        applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
    }

    lfFindingsThatMatchCriteria.Add(fFinding);
    // Remember the id so later findings that reach the same lost sink are skipped.
    iLostSinksProcessed.Add(lostSinkSigId);
    return true;
}
/// <summary>
/// Copies the sinks of one trace block into the trace block that is stored as the Tag of the
/// raw-data tree node whose key is the finding's Known_Sink signature.
/// </summary>
/// <param name="otbO2TraceBlockOunceV6WithTracesToGlue">Block whose dSinks entries are copied.</param>
/// <param name="fFinding">Finding whose Known_Sink signature selects the receiving node.</param>
/// <param name="oadO2AssessmentDataOunceV6">Assessment data used to build the signature.</param>
/// <param name="tvRawData">Tree view whose nodes are keyed by signature.</param>
/// <param name="bAddGluedTracesAsRealTraces">When true the entries are also added to the
/// receiver's dSinks so they appear in the raw view list.</param>
/// <remarks>
/// NOTE(review): neither the signature nor the node lookup is checked before .Tag is read, so
/// a finding without a Known_Sink, or a signature with no matching node, presumably ends in a
/// NullReferenceException here; confirm that callers guarantee both.
/// </remarks>
public static void addFindingAsGlueTrace(O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6WithTracesToGlue,
                                         AssessmentAssessmentFileFinding fFinding,
                                         O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6,
                                         TreeView tvRawData,
                                         bool bAddGluedTracesAsRealTraces)
{
    String receiverKey = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink,
                                                     oadO2AssessmentDataOunceV6, true);
    var receiver = (O2TraceBlock_OunceV6)tvRawData.Nodes[receiverKey].Tag;
    var donorSinks = otbO2TraceBlockOunceV6WithTracesToGlue.dSinks;

    foreach (AssessmentAssessmentFileFinding gluedFinding in donorSinks.Keys)
    {
        // Existing entries are left untouched; only missing findings are copied.
        if (!receiver.dGluedSinks.ContainsKey(gluedFinding))
        {
            receiver.dGluedSinks.Add(gluedFinding, donorSinks[gluedFinding]);
        }

        if (bAddGluedTracesAsRealTraces && !receiver.dSinks.ContainsKey(gluedFinding))
        {
            receiver.dSinks.Add(gluedFinding, donorSinks[gluedFinding]);
        }
    }
}
/// <summary>
/// Filter callback: accepts findings whose trace contains a Lost_Sink node with a positive
/// signature id, optionally renaming them and optionally rejecting duplicates.
/// </summary>
/// <param name="arAssessmentRun">Assessment run handed to the rename helper.</param>
/// <param name="fFinding">Finding under evaluation.</param>
/// <param name="lfFindingsThatMatchCriteria">Output list that receives accepted findings.</param>
/// <param name="lafFilteredAssessmentFiles">Files accepted so far; passed to the duplicate check.</param>
/// <returns>true when the finding was added to the output list, otherwise false.</returns>
public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                AssessmentAssessmentFileFinding fFinding,
                                                List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                                List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
{
    if (fFinding.Trace == null)
    {
        return false;
    }

    int lostSinkSigId = AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnSigId(fFinding.Trace,
                                                                                       TraceType.Lost_Sink);

    // Ids of 0 or below are rejected; the original author left open what an id of 0 means.
    if (lostSinkSigId <= 0)
    {
        return false;
    }

    if (bChangeFindingData)
    {
        applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
    }

    if (!bDropDuplicateSmartTraces)
    {
        lfFindingsThatMatchCriteria.Add(fFinding);
        return true;
    }

    // filterDuplicateFindings adds the finding itself when it turns out to be unique.
    return filterDuplicateFindings(lafFilteredAssessmentFiles, lfFindingsThatMatchCriteria, fFinding,
                                   bIgnoreRootCallInvocation);
}
/// <summary>
/// Returns the trace block registered for the call invocation of the requested trace type in
/// the finding's trace, creating and registering the block on first use.
/// </summary>
/// <param name="fFinding">Finding whose trace is searched.</param>
/// <param name="ttTraceType">Trace type of the call invocation to look for.</param>
/// <param name="oadO2AssessmentDataOunceV6">Assessment data used to resolve string and file ids.</param>
/// <param name="dO2TraceBlock">Registry of blocks keyed by "signature file line".</param>
/// <returns>The existing or newly created block, or null when the trace has no call
/// invocation of that type.</returns>
public static O2TraceBlock_OunceV6 getTraceBlockToGlueFinding(AssessmentAssessmentFileFinding fFinding,
                                                              TraceType ttTraceType,
                                                              O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6,
                                                              Dictionary<String, O2TraceBlock_OunceV6> dO2TraceBlock)
{
    CallInvocation matchedCall =
        AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace, ttTraceType);
    if (matchedCall == null)
    {
        return null;
    }

    String signature = OzasmtUtils_OunceV6.getStringIndexValue(matchedCall.sig_id, oadO2AssessmentDataOunceV6);
    String file = OzasmtUtils_OunceV6.getFileIndexValue(matchedCall.fn_id, oadO2AssessmentDataOunceV6);
    String lineNumber = matchedCall.line_number.ToString();
    String traceRootText = OzasmtUtils_OunceV6.getStringIndexValue(fFinding.Trace[0].sig_id,
                                                                   oadO2AssessmentDataOunceV6);

    // The trace root text is deliberately left out of the key. The original author noted that a
    // better way to glue the final sinks is still needed, because a sink that also becomes a
    // source of tainted data currently yields a few extra sinks.
    String blockKey = String.Format("{0} {1} {2}", signature, file, lineNumber);

    O2TraceBlock_OunceV6 block;
    if (!dO2TraceBlock.TryGetValue(blockKey, out block))
    {
        block = new O2TraceBlock_OunceV6();
        dO2TraceBlock.Add(blockKey, block);
        block.sSignature = signature;
        block.sFile = file;
        block.sLineNumber = lineNumber;
        block.sTraceRootText = traceRootText;
        block.sUniqueName = blockKey;
    }

    return block;
}
/// <summary>
/// Default filter callback: matches nothing and leaves both lists untouched. Filters override
/// this method to decide which findings are accepted.
/// </summary>
/// <param name="arAssessmentRun">Ignored by the default implementation.</param>
/// <param name="fFinding">Ignored by the default implementation.</param>
/// <param name="lfFindingsThatMatchCriteria">Ignored by the default implementation.</param>
/// <param name="lafFilteredAssessmentFiles">Ignored by the default implementation.</param>
/// <returns>Always false.</returns>
public virtual bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                               AssessmentAssessmentFileFinding fFinding,
                                               List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                               List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
{
    return false;
}
/// <summary>
/// Resolves the signature text of the Source call invocation in a finding's trace.
/// </summary>
/// <param name="fFinding">Finding whose trace is searched.</param>
/// <param name="oadF1AssessmentDataOunceV6">Assessment data used to resolve the signature id.</param>
/// <returns>The source signature, or an empty string when the trace has no Source node.</returns>
public static String getSource(AssessmentAssessmentFileFinding fFinding,
                               O2AssessmentData_OunceV6 oadF1AssessmentDataOunceV6)
{
    CallInvocation sourceCall =
        AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace, TraceType.Source);

    return sourceCall == null
               ? ""
               : OzasmtUtils_OunceV6.getStringIndexValue(sourceCall.sig_id, oadF1AssessmentDataOunceV6);
}
/// <summary>
/// Duplicates a finding view item by copying its finding into a fresh NewFindingViewItem and
/// returning the view item built for that copy.
/// </summary>
/// <param name="fviFindingViewItemToDuplicate">View item whose finding and assessment data are copied.</param>
/// <returns>The view item for the newly added finding.</returns>
public static FindingViewItem createNewFindingViewItemFromFindingViewItem(
    FindingViewItem fviFindingViewItemToDuplicate)
{
    var duplicateBuilder = new NewFindingViewItem();

    // The returned finding is not needed here; the builder keeps track of the last one added.
    duplicateBuilder.AddNewFindingFromExistingOne(fviFindingViewItemToDuplicate.fFinding,
                                                  fviFindingViewItemToDuplicate.oadO2AssessmentDataOunceV6);
    duplicateBuilder.updateOadStringLists();

    return duplicateBuilder.getFindingViewItemForLastFindingAdded();
}
/// <summary>
/// Builds a copy of a finding whose string ids and trace references are re-registered through
/// the supplied new string and file index dictionaries.
/// </summary>
/// <param name="fOriginalFinding">Finding to copy.</param>
/// <param name="dNewStringIndex">String index passed to the id and trace remapping helpers.</param>
/// <param name="dNewFileIndex">File index passed to the trace remapping helper.</param>
/// <param name="fadOriginalO2AssessmentDataOunceV6">Assessment data the original ids belong to.</param>
/// <returns>
/// The copy, or <paramref name="fOriginalFinding"/> itself (possibly null) when it is null or
/// has no trace. In that case the caller receives the same instance, not a copy.
/// </returns>
/// <remarks>
/// The *_id values are parsed with UInt32.Parse, which throws on a non-numeric id.
/// NOTE(review): column_number, cxt_id and project_name_id are read elsewhere on this type but
/// are not copied here; confirm that is intended.
/// </remarks>
public static AssessmentAssessmentFileFinding createNewFindingFromExistingOne(
    AssessmentAssessmentFileFinding fOriginalFinding,
    Dictionary<String, UInt32> dNewStringIndex,
    Dictionary<String, UInt32> dNewFileIndex,
    O2AssessmentData_OunceV6 fadOriginalO2AssessmentDataOunceV6)
{
    if (fOriginalFinding == null || fOriginalFinding.Trace == null)
    {
        return fOriginalFinding;
    }

    var copy = new AssessmentAssessmentFileFinding();

    copy.actionobject_id = fOriginalFinding.actionobject_id;
    copy.caller_name = fOriginalFinding.caller_name;
    if (fOriginalFinding.caller_name_id == null)
    {
        copy.caller_name_id = null;
    }
    else
    {
        copy.caller_name_id = updateNewAssessmentRunWithStringID(UInt32.Parse(fOriginalFinding.caller_name_id),
                                                                 dNewStringIndex,
                                                                 fadOriginalO2AssessmentDataOunceV6).ToString();
    }

    copy.confidence = fOriginalFinding.confidence;
    copy.context = fOriginalFinding.context;
    copy.exclude = fOriginalFinding.exclude;
    copy.line_number = fOriginalFinding.line_number;
    copy.ordinal = fOriginalFinding.ordinal;
    copy.project_name = fOriginalFinding.project_name;
    copy.property_ids = fOriginalFinding.property_ids;
    copy.record_id = fOriginalFinding.record_id;
    copy.severity = fOriginalFinding.severity;
    copy.Text = fOriginalFinding.Text;

    copy.vuln_name = fOriginalFinding.vuln_name;
    if (fOriginalFinding.vuln_name_id == null)
    {
        copy.vuln_name_id = null;
    }
    else
    {
        copy.vuln_name_id = updateNewAssessmentRunWithStringID(UInt32.Parse(fOriginalFinding.vuln_name_id),
                                                               dNewStringIndex,
                                                               fadOriginalO2AssessmentDataOunceV6).ToString();
    }

    copy.vuln_type = fOriginalFinding.vuln_type;
    if (fOriginalFinding.vuln_type_id == null)
    {
        copy.vuln_type_id = null;
    }
    else
    {
        copy.vuln_type_id = updateNewAssessmentRunWithStringID(UInt32.Parse(fOriginalFinding.vuln_type_id),
                                                               dNewStringIndex,
                                                               fadOriginalO2AssessmentDataOunceV6).ToString();
    }

    // Scratch list required by the recursive trace helper.
    var remappedCalls = new List<CallInvocation>();
    copy.Trace = updateAssessmentRunWithTraceReferences_recursive(remappedCalls, fOriginalFinding.Trace,
                                                                  dNewStringIndex, dNewFileIndex,
                                                                  fadOriginalO2AssessmentDataOunceV6);
    return copy;
}
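/// <summary>
/// Adds <paramref name="fNewFinding"/> to the match list unless a finding with an equal trace
/// root is already in that list or in one of the previously filtered assessment files.
/// </summary>
/// <param name="lafFilteredAssessmentFiles">Files accepted so far; may be null or empty.</param>
/// <param name="lfFindingsThatMatchCriteria">Findings accepted for the current file; receives
/// the new finding when it is unique.</param>
/// <param name="fNewFinding">Candidate finding.</param>
/// <param name="bIgnoreRootCallInvocation">Passed to areCallInvoctionObjectsEqual; per the
/// original comment, when set it drops SmartTraces that differ only in their root item.</param>
/// <returns>true when the candidate was added, false when it was dropped as a duplicate.</returns>
/// <remarks>
/// The original guard tested the existing finding's Trace twice and never the candidate's, so
/// a candidate without a trace was dereferenced. A candidate with no trace root cannot be
/// compared and is now kept rather than dropped. Dropped duplicates are not logged here, so
/// the size of the result list is not a count of the findings in the input.
/// </remarks>
public bool filterDuplicateFindings(List<AssessmentAssessmentFile> lafFilteredAssessmentFiles,
                                    List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                    AssessmentAssessmentFileFinding fNewFinding,
                                    bool bIgnoreRootCallInvocation)
{
    bool bCandidateHasTraceRoot = fNewFinding.Trace != null && fNewFinding.Trace.Length > 0;

    if (bCandidateHasTraceRoot)
    {
        // Search the findings already accepted for the current file.
        if (containsFindingWithEqualTraceRoot(lfFindingsThatMatchCriteria, fNewFinding,
                                              bIgnoreRootCallInvocation))
        {
            return false;
        }

        // Then search the assessment files that were processed earlier.
        if (lafFilteredAssessmentFiles != null)
        {
            foreach (AssessmentAssessmentFile afAssessmentFile in lafFilteredAssessmentFiles)
            {
                if (containsFindingWithEqualTraceRoot(afAssessmentFile.Finding, fNewFinding,
                                                      bIgnoreRootCallInvocation))
                {
                    return false;
                }
            }
        }
    }

    // Reaching this point means the current smart trace is unique (or could not be compared).
    lfFindingsThatMatchCriteria.Add(fNewFinding);
    return true;
}

// Returns true when any finding in the sequence has a trace root equal to the candidate's.
private bool containsFindingWithEqualTraceRoot(IEnumerable<AssessmentAssessmentFileFinding> findings,
                                               AssessmentAssessmentFileFinding fCandidate,
                                               bool bIgnoreRootCallInvocation)
{
    if (findings == null)
    {
        return false;
    }

    foreach (AssessmentAssessmentFileFinding fExisting in findings)
    {
        if (fExisting.Trace != null && fExisting.Trace.Length > 0 &&
            areCallInvoctionObjectsEqual(fExisting.Trace[0], fCandidate.Trace[0], bIgnoreRootCallInvocation))
        {
            return true;
        }
    }

    return false;
}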
/// <summary>
/// Rewrites a finding's vuln_type according to the selected name format, using the sink and/or
/// source resolved from the children of the finding's first trace node.
/// </summary>
/// <param name="arAssessmentRun">Assessment run passed to resolveSink and resolveSource.</param>
/// <param name="fFinding">Finding to rename in place; its Trace is read for every format
/// except FindingType.</param>
/// <param name="ffnFindingNameFormat">Name format to apply; values not listed below leave the
/// finding unchanged.</param>
public void applyFindingNameFormat(AssessmentRun arAssessmentRun,
                                   AssessmentAssessmentFileFinding fFinding,
                                   Analysis.FindingNameFormat ffnFindingNameFormat)
{
    if (ffnFindingNameFormat == Analysis.FindingNameFormat.FindingType)
    {
        // The existing vuln_type is kept as it is.
        return;
    }

    if (ffnFindingNameFormat == Analysis.FindingNameFormat.FindingType_Sink)
    {
        fFinding.vuln_type = fFinding.vuln_type + " " +
                             resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
    }
    else if (ffnFindingNameFormat == Analysis.FindingNameFormat.FindingType_Source)
    {
        fFinding.vuln_type = fFinding.vuln_type + " " +
                             resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
    }
    else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Sink)
    {
        // The leading space is part of the value the original code produces.
        fFinding.vuln_type = " " + resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
    }
    else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Source)
    {
        fFinding.vuln_type = " " + resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
    }
    else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Sink_Source)
    {
        fFinding.vuln_type = resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1) + " " +
                             resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
    }
    else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Source_Sink)
    {
        fFinding.vuln_type = resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1) + " " +
                             resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
    }
}
/// <summary>
/// Copies a finding and its assessment file into this item's new assessment data and records
/// the copy as the last finding added.
/// </summary>
/// <param name="fFinding">Finding to copy; it must be a key of the source data's dFindings.</param>
/// <param name="oadO2AssessmentDataOunceV6">Assessment data that owns <paramref name="fFinding"/>.</param>
/// <returns>The copied finding.</returns>
/// <remarks>
/// dFindings of the new assessment data is replaced on every call, so after the call it holds
/// only the finding added last, while lfNewFindinds keeps accumulating.
/// </remarks>
public AssessmentAssessmentFileFinding AddNewFindingFromExistingOne(
    AssessmentAssessmentFileFinding fFinding,
    O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6)
{
    AssessmentAssessmentFileFinding copiedFinding =
        createNewFindingFromExistingOne(fFinding, dNewStringIndex, dNewFileIndex, oadO2AssessmentDataOunceV6);
    lfNewFindinds.Add(copiedFinding);

    // The copied file carries the copied finding as its only finding.
    AssessmentAssessmentFile copiedFile =
        createNewAssessmentFileFromExistingOne(oadO2AssessmentDataOunceV6.dFindings[fFinding]);
    copiedFile.Finding = new[] { copiedFinding };

    oadNewO2AssessmentDataOunceV6.dFindings =
        new Dictionary<AssessmentAssessmentFileFinding, AssessmentAssessmentFile>();
    oadNewO2AssessmentDataOunceV6.dFindings.Add(copiedFinding, copiedFile);

    fLastFindingAdded = copiedFinding;
    return copiedFinding;
}
/// <summary>
/// Filter callback: accepts findings whose action object id equals sActionObjectIdToFind.
/// Depending on the filter's flags it also requires a trace, renames the finding and rejects
/// duplicates.
/// </summary>
/// <param name="arAssessmentRun">Assessment run handed to the rename helper.</param>
/// <param name="fFinding">Finding under evaluation.</param>
/// <param name="lfFindingsThatMatchCriteria">Output list that receives accepted findings.</param>
/// <param name="lafFilteredAssessmentFiles">Files accepted so far; passed to the duplicate check.</param>
/// <returns>true when the finding was added to the output list, otherwise false.</returns>
public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                AssessmentAssessmentFileFinding fFinding,
                                                List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                                List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
{
    // The action object must match the filter.
    if (sActionObjectIdToFind != fFinding.actionobject_id.ToString())
    {
        return false;
    }

    // When traceless findings are allowed, every matching finding is accepted as is: the rename
    // and the duplicate check below are skipped on this path.
    if (!bDropFindingsWithNoTraces)
    {
        lfFindingsThatMatchCriteria.Add(fFinding);
        return true;
    }

    if (null == fFinding.Trace)
    {
        return false;
    }

    if (bChangeFindingData)
    {
        applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
    }

    if (!bFilterDuplicateFindings)
    {
        lfFindingsThatMatchCriteria.Add(fFinding);
        return true;
    }

    // Consolidate equal traces; the helper adds the finding itself when it is unique.
    return filterDuplicateFindings(lafFilteredAssessmentFiles, lfFindingsThatMatchCriteria, fFinding,
                                   bIgnoreRootCallInvocation);
}
/// <summary>
/// Builds the "signature file line" text for the call invocation of the requested trace type
/// in a finding's trace.
/// </summary>
/// <param name="fFinding">Finding whose trace is searched.</param>
/// <param name="ttTraceType">Trace type of the call invocation to look for.</param>
/// <param name="oadO2AssessmentDataOunceV6">Assessment data used to resolve string and file ids.</param>
/// <param name="bShowFullPathForFileName">true to keep the file value as stored, false to reduce
/// it to its file name.</param>
/// <returns>The formatted signature, or null when the trace has no call invocation of that
/// type. Callers that use the result as a lookup key need to handle the null case.</returns>
public static String getUniqueSignature(AssessmentAssessmentFileFinding fFinding,
                                        TraceType ttTraceType,
                                        O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6,
                                        bool bShowFullPathForFileName)
{
    CallInvocation matchedCall =
        AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace, ttTraceType);
    if (matchedCall == null)
    {
        return null;
    }

    String signature = OzasmtUtils_OunceV6.getStringIndexValue(matchedCall.sig_id, oadO2AssessmentDataOunceV6);
    String file = OzasmtUtils_OunceV6.getFileIndexValue(matchedCall.fn_id, oadO2AssessmentDataOunceV6);
    String lineNumber = matchedCall.line_number.ToString();

    String fileLabel = bShowFullPathForFileName ? file : Path.GetFileName(file);
    return String.Format("{0} {1} {2}", signature, fileLabel, lineNumber);
}
/// <summary>
/// Creates a new finding view item from a copy of the first item's finding, with the second
/// item's source trace appended at the copy's sink.
/// </summary>
/// <param name="fviJoinAtSink">Item whose finding is copied and extended at its sink.</param>
/// <param name="fviJoinAtSource">Item whose source trace is appended.</param>
/// <returns>The view item for the newly created finding.</returns>
/// <remarks>
/// The result of appendTrace_FindingSourceToFindingSink is not acted on: the error handling
/// that used to return null is commented out in the original. When the append fails, the
/// caller still receives a view item, built from the copied finding without the joined trace.
/// </remarks>
public static FindingViewItem connectTwoFindingNewItems(FindingViewItem fviJoinAtSink,
                                                        FindingViewItem fviJoinAtSource)
{
    var joinBuilder = new NewFindingViewItem();

    AssessmentAssessmentFileFinding copiedSinkFinding =
        joinBuilder.AddNewFindingFromExistingOne(fviJoinAtSink.fFinding, fviJoinAtSink.oadO2AssessmentDataOunceV6);

    // Return value intentionally discarded, matching the original's empty failure branch.
    joinBuilder.appendTrace_FindingSourceToFindingSink(copiedSinkFinding, fviJoinAtSource);

    joinBuilder.updateOadStringLists();
    return joinBuilder.getFindingViewItemForLastFindingAdded();
}
/// <summary>
/// Appends a node to the tree view of nodes to graph. Unlike
/// addTreeNodeToComboxWithNodesToPlot, the node is added as is (no clone, no duplicate check).
/// </summary>
/// <param name="tnNodeToAdd">Node to append.</param>
/// <param name="fFinding">Not used by the current implementation.</param>
public void addNodeToGraph(TreeNode tnNodeToAdd, AssessmentAssessmentFileFinding fFinding)
{
    var queuedNodes = tvGLEE_NodesToGraph.Nodes;
    queuedNodes.Add(tnNodeToAdd);
}
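/// <summary>
/// Fills a two-column (Name / Value) grid with the details of one finding.
/// </summary>
/// <param name="dgvDataGridView">Grid to repopulate; its columns are cleared first.</param>
/// <param name="fSelectedFinding">Finding to display.</param>
/// <param name="oadAssessmentDataOunceV6">Assessment data used to resolve string-index ids.</param>
/// <remarks>
/// Text fields are shown from their inline value when present, otherwise from the string index
/// entry named by the matching *_id, otherwise as an empty string. The original applied that
/// last fallback to caller name, context and project only; a finding with neither vuln_name
/// nor vuln_name_id (or neither vuln_type nor vuln_type_id) made UInt32.Parse throw on null
/// and left the grid without rows. A non-numeric id still throws; any exception is logged by
/// message only and the grid is left partially filled.
/// </remarks>
public static void showFindingDetailsInDataGridView(DataGridView dgvDataGridView,
                                                    AssessmentAssessmentFileFinding fSelectedFinding,
                                                    O2AssessmentData_OunceV6 oadAssessmentDataOunceV6)
{
    try
    {
        dgvDataGridView.Columns.Clear();
        O2Forms.addToDataGridView_Column(dgvDataGridView, "Name", 90);
        O2Forms.addToDataGridView_Column(dgvDataGridView, "Value", -1);

        dgvDataGridView.Rows.Add("vuln Name",
                                 getInlineTextOrIndexedString(fSelectedFinding.vuln_name,
                                                              fSelectedFinding.vuln_name_id,
                                                              oadAssessmentDataOunceV6));
        dgvDataGridView.Rows.Add("Vuln Type",
                                 getInlineTextOrIndexedString(fSelectedFinding.vuln_type,
                                                              fSelectedFinding.vuln_type_id,
                                                              oadAssessmentDataOunceV6));
        dgvDataGridView.Rows.Add("Caller Name",
                                 getInlineTextOrIndexedString(fSelectedFinding.caller_name,
                                                              fSelectedFinding.caller_name_id,
                                                              oadAssessmentDataOunceV6));
        dgvDataGridView.Rows.Add("Context",
                                 getInlineTextOrIndexedString(fSelectedFinding.context,
                                                              fSelectedFinding.cxt_id,
                                                              oadAssessmentDataOunceV6));
        dgvDataGridView.Rows.Add("Severity", fSelectedFinding.severity.ToString());
        dgvDataGridView.Rows.Add("Confidence", fSelectedFinding.confidence.ToString());
        dgvDataGridView.Rows.Add("Action Object Id", fSelectedFinding.actionobject_id.ToString());
        dgvDataGridView.Rows.Add("Project",
                                 getInlineTextOrIndexedString(fSelectedFinding.project_name,
                                                              fSelectedFinding.project_name_id,
                                                              oadAssessmentDataOunceV6));
        dgvDataGridView.Rows.Add("Column Number", fSelectedFinding.column_number.ToString());
        dgvDataGridView.Rows.Add("Line Number", fSelectedFinding.line_number.ToString());
        dgvDataGridView.Rows.Add("Ordinal", fSelectedFinding.ordinal.ToString());
        dgvDataGridView.Rows.Add("Exclude", fSelectedFinding.exclude.ToString());
        dgvDataGridView.Rows.Add("Property IDs", fSelectedFinding.property_ids);
        dgvDataGridView.Rows.Add("Record ID", fSelectedFinding.record_id.ToString());

        if (fSelectedFinding.Text != null)
        {
            // One line per entry; AppendLine keeps the trailing newline the original produced.
            var sbText = new StringBuilder();
            foreach (String sLine in fSelectedFinding.Text)
            {
                sbText.AppendLine(sLine);
            }
            dgvDataGridView.Rows.Add("Text", sbText.ToString());
        }

        dgvDataGridView.Rows.Add("Trace", fSelectedFinding.Trace != null ? "Yes" : "No");
    }
    catch (Exception ex)
    {
        DI.log.error("in showFindingDetailsInDataGridView :{0}", ex.Message);
    }
}

// Returns the inline text when set, else the string-index value for the id, else "".
private static String getInlineTextOrIndexedString(String sInlineText, String sStringIndexId,
                                                   O2AssessmentData_OunceV6 oadAssessmentDataOunceV6)
{
    if (sInlineText != null)
    {
        return sInlineText;
    }

    if (sStringIndexId == null)
    {
        return "";
    }

    return OzasmtUtils_OunceV6.getStringIndexValue(UInt32.Parse(sStringIndexId), oadAssessmentDataOunceV6);
}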
// Joins two assessment files into one: traces from the second file that start at an external
// source are appended to the findings of the first file whose known sink has the same
// signature as the callback in the second file. The result is serialized to sTargetFile.
//
//   sAssessmentFile1 - file whose known sinks receive the appended traces; its assessment run
//                      is the one that is modified and saved.
//   sAssessmentFile2 - file that supplies the traces to append.
//   sTargetFile      - output path, used as given (no validation is visible in this method).
//
// NOTE(review): ciSinkNode is dereferenced without a null check; the search helper returns
// null in other call sites on this page, so confirm it cannot do so here.
// NOTE(review): Dictionary.Add throws on a repeated key, so the index loops below assume the
// string and file index values of file 1 are unique; verify against the loader.
public static void createAssessmentFileWithVirtualTraces_fromTwoSourceAssessmentFiles(String sAssessmentFile1,
                                                                                      String sAssessmentFile2,
                                                                                      String sTargetFile)
{
    O2AssessmentData_OunceV6 fadF1AssessmentData_sAssessmentFile1 = null;
    O2AssessmentData_OunceV6 fadF1AssessmentData_sAssessmentFile2 = null;
    // Step 1: load every finding of file 2 that has a trace (the helper receives the
    // assessment data variable for file 2 by ref).
    List <AssessmentAssessmentFileFinding> lfFindingsWithTraces_sAssessmentFile2 =
        AnalysisUtils.getListOfAllFindingsWithTraces(sAssessmentFile2, ref fadF1AssessmentData_sAssessmentFile2);
    // Step 2: calculate the traces to join, grouped by the signature of the callback function.
    var dTracesToAppend = new Dictionary <String, List <CallInvocation> >();
    foreach (AssessmentAssessmentFileFinding fFinding in lfFindingsWithTraces_sAssessmentFile2)
    {
        // Only trace roots with at least two children are considered: child 0 is checked for
        // the external-source marker and child 1 is the callback that gets appended.
        if (fFinding.Trace != null && fFinding.Trace[0] != null && fFinding.Trace[0].CallInvocation1 != null &&
            fFinding.Trace[0].CallInvocation1.Length > 1)
        {
            // sExternalSourceString is declared outside this method; the first child's
            // signature must contain it.
            if (
                OzasmtUtils_OunceV6.getStringIndexValue(fFinding.Trace[0].CallInvocation1[0].sig_id,
                                                        fadF1AssessmentData_sAssessmentFile2).IndexOf(
                    sExternalSourceString) > -1)
            {
                String sSignatureOfCallbackFunction =
                    OzasmtUtils_OunceV6.getStringIndexValue(fFinding.Trace[0].CallInvocation1[1].sig_id,
                                                            fadF1AssessmentData_sAssessmentFile2);
                if (false == dTracesToAppend.ContainsKey(sSignatureOfCallbackFunction))
                {
                    dTracesToAppend.Add(sSignatureOfCallbackFunction, new List <CallInvocation>());
                }
                dTracesToAppend[sSignatureOfCallbackFunction].Add(fFinding.Trace[0].CallInvocation1[1]);
            }
        }
    }
    // Step 3: get the known sinks of file 1 that may receive traces (the helper receives the
    // assessment data variable for file 1 by ref).
    List <String> lsSinks_sAssessmentFile1 =
        AnalysisAssessmentFile.getListOf_KnownSinks(sAssessmentFile1, ref fadF1AssessmentData_sAssessmentFile1);
    Analysis.populateDictionariesWithXrefsToLoadedAssessment(Analysis.FindingFilter.SmartTraces, true, true,
                                                             fadF1AssessmentData_sAssessmentFile1);
    // Step 4: seed the new string and file indexes with the entries of file 1; the remapping
    // helpers below receive these dictionaries.
    var dNewStringIndex = new Dictionary <String, UInt32>();
    foreach (
        AssessmentRunStringIndex siStringIndex in
        fadF1AssessmentData_sAssessmentFile1.arAssessmentRun.StringIndeces)
    {
        dNewStringIndex.Add(siStringIndex.value, siStringIndex.id);
    }
    var dNewFileIndex = new Dictionary <String, UInt32>();
    foreach (AssessmentRunFileIndex siStringIndex in
             fadF1AssessmentData_sAssessmentFile1.arAssessmentRun.FileIndeces)
    {
        dNewFileIndex.Add(siStringIndex.value, siStringIndex.id);
    }
    TraceType tTraceType = TraceType.Known_Sink;
    // Step 5: for every sink of file 1 that matches a callback signature of file 2, replace
    // each finding that ends in that sink with one joined copy per trace to append.
    foreach (String sSink in lsSinks_sAssessmentFile1)
    {
        if (dTracesToAppend.ContainsKey(sSink))
        {
            List <AssessmentAssessmentFileFinding> lfFindingsWithSink =
                AnalysisUtils.getListOfFindingsWithTraceAndSignature(sSink, tTraceType,
                                                                     fadF1AssessmentData_sAssessmentFile1);
            foreach (AssessmentAssessmentFileFinding fFindingToJoin in lfFindingsWithSink)
            {
                var lfNewFindinds = new List <AssessmentAssessmentFileFinding>();
                foreach (CallInvocation ciCallInvocationToAppend in dTracesToAppend[sSink])
                {
                    // Append trace: work on a copy of the file 1 finding.
                    AssessmentAssessmentFileFinding fNewFinding = createNewFindingFromExistingOne(
                        fFindingToJoin, dNewStringIndex, dNewFileIndex, fadF1AssessmentData_sAssessmentFile1);
                    CallInvocation ciSinkNode =
                        AnalysisSearch.findTraceTypeAndSignatureInSmartTrace_Recursive_returnCallInvocation(
                            fNewFinding.Trace, tTraceType, sSink, fadF1AssessmentData_sAssessmentFile1);
                    // The former sink becomes a Source node in the joined trace.
                    ciSinkNode.trace_type = (int)TraceType.Source;
                    var lciTempNewCallInvocation = new List <CallInvocation>(); // used by the recursive function
                    // The children of the file 2 callback are attached under the former sink;
                    // their ids are resolved against file 2's assessment data.
                    ciSinkNode.CallInvocation1 = updateAssessmentRunWithTraceReferences_recursive(
                        lciTempNewCallInvocation,
                        //new CallInvocation[] { ciCallInvocationToAppend },
                        ciCallInvocationToAppend.CallInvocation1, dNewStringIndex, dNewFileIndex,
                        fadF1AssessmentData_sAssessmentFile2);
                    lfNewFindinds.Add(fNewFinding);
                }
                // Swap the original finding for the joined copies in its assessment file.
                AssessmentAssessmentFile fFile = fadF1AssessmentData_sAssessmentFile1.dFindings[fFindingToJoin];
                var lfFindingsInCurrentFile = new List <AssessmentAssessmentFileFinding>(fFile.Finding);
                lfFindingsInCurrentFile.Remove(fFindingToJoin);
                lfFindingsInCurrentFile.AddRange(lfNewFindinds);
                fFile.Finding = lfFindingsInCurrentFile.ToArray();
            }
        }
    }
    // Step 6: update the indexes of file 1's assessment run from the dictionaries and save.
    fadF1AssessmentData_sAssessmentFile1.arAssessmentRun.StringIndeces =
        OzasmtUtils_OunceV6.createStringIndexArrayFromDictionary(dNewStringIndex);
    fadF1AssessmentData_sAssessmentFile1.arAssessmentRun.FileIndeces =
        OzasmtUtils_OunceV6.createFileIndexArrayFromDictionary(dNewFileIndex);
    //String sTargetFile = config.getTempFileNameInF1TempDirectory();
    OzasmtUtils_OunceV6.createSerializedXmlFileFromAssessmentRunObject(
        fadF1AssessmentData_sAssessmentFile1.arAssessmentRun, sTargetFile);
    DI.log.debug("Joined assesment saved to:{0}", sTargetFile);
}
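/// <summary>
/// Appends the source side of one finding's trace underneath the Known_Sink node of another
/// finding's trace, turning two traces into one joined trace.
/// </summary>
/// <param name="fJoinAtSink">Finding whose Known_Sink node receives the appended trace.</param>
/// <param name="fviJoinAtSource">View item whose finding supplies the trace to append.</param>
/// <returns>
/// false when the sink of <paramref name="fJoinAtSink"/> or the source of
/// <paramref name="fviJoinAtSource"/> cannot be found (only the missing source is logged),
/// true once the trace has been attached.
/// </returns>
/// <remarks>
/// Fixes the else branch of the listing, where the statement terminator sat after the block's
/// closing brace ("new[] { ciSourceNode } };") instead of after the array initializer.
/// NOTE(review): the sink node is retyped to Type_4 before AnalysisUtils.getSink is called on
/// the same finding; if getSink searches for Known_Sink nodes, the comparison below may not see
/// that sink. Statement order is kept as in the original; confirm the intent.
/// NOTE(review): CallInvocation1[1] assumes the node returned by
/// fromSourceFindFirstTraceWithAChildSink has at least two children; verify in the helper.
/// </remarks>
public bool appendTrace_FindingSourceToFindingSink(AssessmentAssessmentFileFinding fJoinAtSink,
                                                   FindingViewItem fviJoinAtSource)
{
    // Get the sink of the first trace.
    CallInvocation ciSinkNode =
        AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fJoinAtSink.Trace,
                                                                                TraceType.Known_Sink);
    if (ciSinkNode == null)
    {
        return false;
    }

    // Get the source of the second trace. There are three possible gluing scenarios:
    //   1. a source that has child nodes (when it is a callback);
    //   2. a source trace with a signature compatible with the sink trace (created by a
    //      source-of-tainted-data rule), where the correct injection point must be found;
    //   3. a source trace unrelated to the sink (interface gluing, for example), which then
    //      falls into one of the two cases above.
    // The strategy for finding a gluing point in fviJoinAtSource is to find the first trace
    // that has a sink. Start with case 1: check whether the current source has child nodes.
    CallInvocation ciSourceNode =
        AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fviJoinAtSource.fFinding.Trace,
                                                                                TraceType.Source);
    if (ciSourceNode == null)
    {
        DI.log.error("in appendTrace_FindingSourceToFindingSink, could not find the Source of fviJoinAtSource");
        return false;
    }

    if (ciSourceNode.CallInvocation1 == null) // case 2 or 3
    {
        CallInvocation ciSourceNodeWithSink =
            AnalysisSearch.fromSourceFindFirstTraceWithAChildSink(fviJoinAtSource.fFinding,
                                                                  fviJoinAtSource.oadO2AssessmentDataOunceV6);
        if (ciSourceNodeWithSink != null)
        {
            // On this trace the first child leads to the source and the second to the sink.
            ciSourceNode = ciSourceNodeWithSink.CallInvocation1[1];
        }
    }

    // Mark the previous sink as Type_4, a trace type that does not seem to be used otherwise;
    // the original author found this cleaner for joins than turning the node into a Source.
    ciSinkNode.trace_type = (int)TraceType.Type_4;

    CallInvocation[] aciCallInvocation;
    if (AnalysisUtils.getSink(fJoinAtSink, oadNewO2AssessmentDataOunceV6) ==
        AnalysisUtils.getSource(fviJoinAtSource.fFinding, fviJoinAtSource.oadO2AssessmentDataOunceV6))
    {
        // Same signature on both sides: attach the source's children directly.
        aciCallInvocation = ciSourceNode.CallInvocation1;
    }
    else
    {
        // Different signatures: keep the source node itself as the single child.
        aciCallInvocation = new[] { ciSourceNode };
    }

    var lciTempNewCallInvocation = new List<CallInvocation>(); // used by the recursive function
    ciSinkNode.CallInvocation1 = updateAssessmentRunWithTraceReferences_recursive(
        lciTempNewCallInvocation, aciCallInvocation, dNewStringIndex, dNewFileIndex,
        fviJoinAtSource.oadO2AssessmentDataOunceV6);
    return true;
}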