コード例 #1
        /// <summary>
        /// Pushes the analysis data referenced by this method (declared outside it) into the six
        /// result controls: base findings, Struts mappings, findings derived from the mappings,
        /// the taint-source and final-sink filtered views, and the final findings.
        /// </summary>
        /// <param name="findingsViewer_BaseFindings">Viewer that receives findingsWith_BaseO2Findings.</param>
        /// <param name="strutsMappingsControl">Control that receives StrutsMappings.</param>
        /// <param name="findingsViewer_FromStrutsMappings">Viewer that receives findingsWith_StrutsMappings.</param>
        /// <param name="filteredFindings_TaintSources">Filtered view configured with the TaintSources_* expressions.</param>
        /// <param name="filteredFindings_FinalSinks">Filtered view configured with the FinalSinks_* expressions.</param>
        /// <param name="findingsViewer_FinalFindings">Viewer that receives findingsWith_Results.</param>
        public void showFinalResults(ascx_FindingsViewer findingsViewer_BaseFindings,
                                     ascx_StrutsMappings strutsMappingsControl,
                                     ascx_FindingsViewer findingsViewer_FromStrutsMappings,
                                     ascx_FilteredFindings filteredFindings_TaintSources,
                                     ascx_FilteredFindings filteredFindings_FinalSinks,
                                     ascx_FindingsViewer findingsViewer_FinalFindings)
        {
            // Base findings and Struts mappings are shown as they are, without filtering.
            findingsViewer_BaseFindings.loadO2Findings(findingsWith_BaseO2Findings);
            strutsMappingsControl.showStrutsMappings(StrutsMappings);
            findingsViewer_FromStrutsMappings.loadO2Findings(findingsWith_StrutsMappings);

            // Taint sources: filter the base findings and join on sinks ("_JoinSink").
            // NOTE(review): what the source/sink expressions may contain, and how an invalid
            // expression is reported, depends on ascx_FilteredFindings - confirm there.
            filteredFindings_TaintSources.setSourceSignatureRegEx(TaintSources_SourceRegEx);
            filteredFindings_TaintSources.setSinkSignatureRegEx(TaintSources_SinkRegEx);
            filteredFindings_TaintSources.setFindingsToFilter(findingsWith_BaseO2Findings);
            filteredFindings_TaintSources.setMapJointPointsCallback(XUtils_Findings_v0_1.mapJoinPoints_HashTagsOn_Sinks);
            filteredFindings_TaintSources.setFindingsViewerFilters("_JoinSink", "");
            filteredFindings_TaintSources.setFindingsResult(findingsWith_FindingsFromTaintSources);



            // Final sinks: same base findings, different expressions, joined on sources ("_JoinSource").
            filteredFindings_FinalSinks.setSourceSignatureRegEx(FinalSinks_SourceRegEx);
            filteredFindings_FinalSinks.setSinkSignatureRegEx(FinalSinks_SinkRegEx);
            filteredFindings_FinalSinks.setFindingsToFilter(findingsWith_BaseO2Findings);
            filteredFindings_FinalSinks.setMapJointPointsCallback(XUtils_Findings_v0_1.mapJoinPoints_HashTagsOn_Sources);
            filteredFindings_FinalSinks.setFindingsViewerFilters("_JoinSource", "");
            filteredFindings_FinalSinks.setFindingsResult(findingsWith_FindingsToFinalSinks);


            // Results (i.e. final findings).
            // NOTE(review): the meaning of the second argument (true) is not visible here - confirm
            // against loadO2Findings before relying on it.
            findingsViewer_FinalFindings.loadO2Findings(findingsWith_Results, true);
        }
 /// <summary>
 /// Opens the findings-splitter control as a form, keeps references to it and to its
 /// CIR data viewer and findings viewer, and registers the Ounce V6 assessment loader.
 /// </summary>
 public void openGui()
 {
     var splitterType = typeof(ascx_FindingsSplitter);
     O2AscxGUI.openAscxAsForm(splitterType, findingsSplitterControlName);

     // Look the control up again by name; the cast throws if another control type is registered under it.
     var openedControl = O2AscxGUI.getAscx(findingsSplitterControlName);
     findingsSplitter = (ascx_FindingsSplitter)openedControl;
     cirDataViewer = findingsSplitter.getCirDataViewer_ToProcess();
     findingsViewer = findingsSplitter.getFindingsViewer_toProcess();

     // Every call appends a new loader instance to the list on ascx_FindingsViewer;
     // nothing here checks whether one is already registered.
     var ounceV6Loader = new O2AssessmentLoad_OunceV6();
     ascx_FindingsViewer.o2AssessmentLoadEngines.Add(ounceV6Loader);
 }
コード例 #3
 /// <summary>
 /// Adds a finding-selected handler that shows the selected finding in
 /// <paramref name="traceViewer"/> and then returns focus to the findings viewer.
 /// </summary>
 /// <param name="findingsViewer">Viewer whose selection is observed.</param>
 /// <param name="traceViewer">Trace view that displays the selected finding.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer afterSelect_showTrace(this ascx_FindingsViewer findingsViewer, ascx_TraceTreeView traceViewer)
 {
     // Each call adds one more handler; calling this twice runs the body twice per selection.
     findingsViewer._onFindingSelected += selectedFinding =>
     {
         traceViewer.show(selectedFinding);
         // Let pending UI messages run before focus moves back to the findings viewer.
         Application.DoEvents();
         findingsViewer.focus();
     };
     return findingsViewer;
 }
        /// <summary>
        /// Test setup: loads the rule pack and the assessment file into the apply-rules control,
        /// asserts that each load produced data, and keeps references to the child controls.
        /// </summary>
        public void loadTestData()
        {
            var hostControl = O2AscxGUI.getAscx(applyRulesToFindingsControlName);
            applyRulesToFindingsControl = (ascx_ApplyRulesToFindings)hostControl;

            // Join() is called without a timeout, so a load that never completes blocks this method.
            var rulePackLoad = applyRulesToFindingsControl.loadO2RulePack(rulePackFile);
            rulePackLoad.Join();

            rulePackViewerControl = applyRulesToFindingsControl.getRulePackViewerControl();
            var loadedRuleCount = rulePackViewerControl.currentO2RulePack.o2Rules.Count;
            Assert.That(loadedRuleCount > 0, "There were no rules loaded");

            sourceFindingsViewerControl = applyRulesToFindingsControl.getSourceFindingsViewerControl();
            var assessmentLoad = sourceFindingsViewerControl.loadO2Assessment(ozasmtFile);
            assessmentLoad.Join();

            var loadedFindingCount = sourceFindingsViewerControl.currentO2Findings.Count;
            Assert.That(loadedFindingCount > 0, "There are no Findings loaded in the Source FindingsViewer");

            resultsFindingsViewerControl = applyRulesToFindingsControl.getResultsFindingsViewerControl();
        }
コード例 #5
 /// <summary>
 /// Adds handlers so that selecting a finding or a trace in the findings viewer shows it
 /// in <paramref name="codeViewer"/> and then returns focus to the findings viewer.
 /// </summary>
 /// <param name="findingsViewer">Viewer whose selections are observed.</param>
 /// <param name="codeViewer">Source code viewer that displays the selection.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer afterSelect_ShowTraceInCodeViewer(this ascx_FindingsViewer findingsViewer, ascx_SourceCodeViewer codeViewer)
 {
     // Both handlers are added on every call; repeated calls stack up duplicates.
     findingsViewer._onFindingSelected += selectedFinding =>
     {
         codeViewer.show(selectedFinding);
         Application.DoEvents();
         findingsViewer.focus();
     };

     findingsViewer._onTraceSelected += selectedTrace =>
     {
         codeViewer.show(selectedTrace);
         Application.DoEvents();
         findingsViewer.focus();
     };

     return findingsViewer;
 }
コード例 #6
 /// <summary>
 /// Connects the findings viewer to a source code editor: a selected trace is shown in the
 /// editor, and a selected finding opens its file and jumps to its line.
 /// </summary>
 /// <param name="findingsViewer">Viewer whose selections are observed.</param>
 /// <param name="codeEditor">Editor that opens the file of the selected item.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer set_CodeEditor(this ascx_FindingsViewer findingsViewer, ascx_SourceCodeEditor codeEditor)
 {
     findingsViewer._onTraceSelected += selectedTrace =>
     {
         codeEditor.show(selectedTrace);
         findingsViewer.controls<ascx_TraceTreeView>().focus();
     };

     findingsViewer._onFindingSelected += selectedFinding =>
     {
         findingsViewer.invokeOnThread(() =>
         {
             var noLineMarker = ICSharpCode.TextEditor.Document.LineViewerStyle.None;
             codeEditor.textEditor().LineViewerStyle = noLineMarker;

             // NOTE(review): the path is taken from the finding as-is. Findings presumably
             // originate from loaded assessment data, so confirm that codeEditor.open copes with
             // a path that is missing or lies outside the expected source tree.
             codeEditor.open(selectedFinding.file);

             // Narrowing cast; the declared type of lineNumber is not visible here.
             codeEditor.editor().gotoLine((int)selectedFinding.lineNumber);
         });

         // A second callback, handed to O2Thread.mtaThread, waits and then focuses the results tree.
         O2Thread.mtaThread(() =>
         {
             findingsViewer.sleep(100, false);
             findingsViewer.getResultsTreeView().focus();
         });
     };

     return findingsViewer;
 }
コード例 #7
 /// <summary>Passes <paramref name="filterValue"/> to the viewer's setFilter2Value.</summary>
 /// <param name="findingsViewer">Viewer to update.</param>
 /// <param name="filterValue">Value handed to setFilter2Value unchanged.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer filter2(this ascx_FindingsViewer findingsViewer, string filterValue)
 {
     findingsViewer.setFilter2Value(filterValue);

     return findingsViewer;
 }
コード例 #8
 /// <summary>Passes <paramref name="filterText"/> to the viewer's setFilter1TextValue.</summary>
 /// <param name="findingsViewer">Viewer to update.</param>
 /// <param name="filterText">Text handed to setFilter1TextValue unchanged.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer filter1_Text(this ascx_FindingsViewer findingsViewer, string filterText)
 {
     // NOTE(review): the meaning of the second argument (true) is not visible here - confirm.
     findingsViewer.setFilter1TextValue(filterText, true);

     return findingsViewer;
 }
コード例 #9
 /// <summary>Sets both viewer filters in one call: filter 2 first, then filter 1.</summary>
 /// <param name="findingsViewer">Viewer to update.</param>
 /// <param name="filter1Value">Value passed to filter1.</param>
 /// <param name="filter2Value">Value passed to filter2.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer filters(this ascx_FindingsViewer findingsViewer, string filter1Value, string filter2Value)
 {
     // Order kept as written: filter 2 is applied before filter 1.
     findingsViewer.filter2(filter2Value);
     findingsViewer.filter1(filter1Value);

     return findingsViewer;
 }
コード例 #10
 /// <summary>
 /// Mirror of the findings-viewer overload: wires <paramref name="findingsViewer"/> to this
 /// trace view and returns the trace view instead of the findings viewer.
 /// </summary>
 /// <param name="traceViewer">Trace view that will display selected findings.</param>
 /// <param name="findingsViewer">Viewer whose selection is observed.</param>
 /// <returns>The same <paramref name="traceViewer"/>, for chaining.</returns>
 public static ascx_TraceTreeView afterSelect_showTrace(this ascx_TraceTreeView traceViewer, ascx_FindingsViewer findingsViewer)
 {
     findingsViewer.afterSelect_showTrace(traceViewer);

     return traceViewer;
 }
コード例 #11
 /// <summary>
 /// Calls OunceAvailableEngines.add_AvailableEngines(). The viewer is not touched by this
 /// method; it is only returned so the call can sit in a chain.
 /// </summary>
 /// <param name="findingsViewer">Viewer returned unchanged.</param>
 /// <returns>The same <paramref name="findingsViewer"/>.</returns>
 public static ascx_FindingsViewer add_AvailableEngines_Ounce(this ascx_FindingsViewer findingsViewer)
 {
     OunceAvailableEngines.add_AvailableEngines();

     return findingsViewer;
 }
コード例 #12
 /// <summary>Shows a single finding by wrapping it in a list and calling the list overload.</summary>
 /// <param name="findingsViewer">Viewer to load.</param>
 /// <param name="o2Finding">Finding to show; passed through wrapOnList().</param>
 /// <returns>Whatever the list overload of show returns.</returns>
 public static ascx_FindingsViewer show(this ascx_FindingsViewer findingsViewer, IO2Finding o2Finding)
 {
     var singleFinding = o2Finding.wrapOnList();
     return findingsViewer.show(singleFinding);
 }
コード例 #13
 /// <summary>Replaces the viewer's content: clears its findings, then loads the given ones.</summary>
 /// <param name="findingsViewer">Viewer to reload.</param>
 /// <param name="o2Findings">Findings passed to loadO2Findings after the clear.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer show(this ascx_FindingsViewer findingsViewer, List <IO2Finding> o2Findings)
 {
     // The clear happens first, so whatever the viewer held before is discarded.
     findingsViewer.clearO2Findings();
     findingsViewer.loadO2Findings(o2Findings);

     return findingsViewer;
 }
コード例 #14
 /// <summary>Returns the nodes of the viewer's results tree view.</summary>
 /// <param name="findingsViewer">Viewer whose results tree is read.</param>
 /// <returns>The result of nodes() on the results tree view.</returns>
 public static List <TreeNode> findingsNodes(this ascx_FindingsViewer findingsViewer)
 {
     var resultsTree = findingsViewer.getResultsTreeView();
     return resultsTree.nodes();
 }
コード例 #15
 /// <summary>
 /// Rebuilds the GUI: clears the AST engine's host panel and adds a findings viewer to it,
 /// storing the new viewer in FindingsViewer.
 /// </summary>
 public void buildGui()
 {
     var hostPanel = AstEngine.HostPanel;

     hostPanel.clear();
     FindingsViewer = hostPanel.add_FindingsViewer();
 }
コード例 #16
 /// <summary>Calls setTraceTreeViewVisibleStatus(true) on the viewer.</summary>
 /// <param name="findingsViewer">Viewer to update.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer showTraces(this ascx_FindingsViewer findingsViewer)
 {
     findingsViewer.setTraceTreeViewVisibleStatus(true);

     return findingsViewer;
 }
コード例 #17
 /// <summary>
 /// Convenience overload: takes the editor out of <paramref name="codeViewer"/> and passes
 /// it to set_CodeEditor.
 /// </summary>
 /// <param name="findingsViewer">Viewer whose selections are observed.</param>
 /// <param name="codeViewer">Source code viewer whose editor() is used.</param>
 /// <returns>Whatever set_CodeEditor returns.</returns>
 public static ascx_FindingsViewer set_CodeViewer(this ascx_FindingsViewer findingsViewer, ascx_SourceCodeViewer codeViewer)
 {
     var innerEditor = codeViewer.editor();
     return findingsViewer.set_CodeEditor(innerEditor);
 }
コード例 #18
        /// <summary>
        /// Creates findings from the given Struts mappings via StrutsMappingHelpers and loads
        /// them into <paramref name="findingsViewer_ToLoadResults"/>.
        /// </summary>
        /// <param name="strutsMappings">Mappings handed to StrutsMappingHelpers.</param>
        /// <param name="findingsViewer_ToLoadResults">Viewer that receives the created findings.</param>
        public static void createFindingsFromStrutsMappings(IStrutsMappings strutsMappings, ascx_FindingsViewer findingsViewer_ToLoadResults)
        {
            // The findings are built before the viewer is touched.
            var findingsFromMappings = StrutsMappingHelpers.createFindingsFromStrutsMappings(strutsMappings);

            // Trace tree visible, second filter set to "(no filter)".
            findingsViewer_ToLoadResults.setTraceTreeViewVisibleStatus(true);
            findingsViewer_ToLoadResults.setFilter2Value("(no filter)");

            // NOTE(review): the meaning of the second argument (true) is not visible here - confirm.
            findingsViewer_ToLoadResults.loadO2Findings(findingsFromMappings, true);
        }
コード例 #19
 /// <summary>
 /// Control-based overload: reads the mapping object from
 /// <paramref name="strutsMappingsControl"/> and passes it to the mappings-based overload.
 /// </summary>
 /// <param name="strutsMappingsControl">Control that supplies getStrutsMappingObject().</param>
 /// <param name="findingsViewer_FromStrutsMappings">Viewer that receives the created findings.</param>
 public static void createFindingsFromStrutsMappings(ascx_StrutsMappings strutsMappingsControl, ascx_FindingsViewer findingsViewer_FromStrutsMappings)
 {
     var mappingsFromControl = strutsMappingsControl.getStrutsMappingObject();
     createFindingsFromStrutsMappings(mappingsFromControl, findingsViewer_FromStrutsMappings);
 }
コード例 #20
        /// <summary>
        /// Keeps the findings whose Sink matches <paramref name="sinkSignatures"/> and loads
        /// them into the viewer with filter 1 set to "Sink" and filter 2 set to "Source".
        /// </summary>
        /// <param name="sourceFindings">Findings to test; each element is cast to O2Finding.</param>
        /// <param name="sinkSignatures">Second argument to RegEx.findStringInString for every finding.</param>
        /// <param name="findingsViewer_ToLoadResults">Viewer that receives the matching findings.</param>
        public static void runFilterOn_FinalSinksFindings(List <IO2Finding> sourceFindings, string sinkSignatures, ascx_FindingsViewer findingsViewer_ToLoadResults)
        {
            // The cast throws for an element that is not an O2Finding.
            // NOTE(review): sinkSignatures is presumably used as a regular expression. Confirm
            // how findStringInString reports an invalid pattern: a quiet "no match" would drop
            // findings from the result without any sign to the analyst.
            var matchingFindings = sourceFindings.FindAll(
                candidate => RegEx.findStringInString(((O2Finding)candidate).Sink, sinkSignatures));

            findingsViewer_ToLoadResults.setFilter1Value("Sink");
            findingsViewer_ToLoadResults.setFilter2Value("Source");
            findingsViewer_ToLoadResults.loadO2Findings(matchingFindings, true);
        }
コード例 #21
 /// <summary>Calls expandAllNodes() on the viewer.</summary>
 /// <param name="findingsViewer">Viewer to expand.</param>
 /// <returns>The same <paramref name="findingsViewer"/>, for chaining.</returns>
 public static ascx_FindingsViewer expand(this ascx_FindingsViewer findingsViewer)
 {
     findingsViewer.expandAllNodes();

     return findingsViewer;
 }
コード例 #22
 /// <summary>Returns the findings the viewer reports from its tree view.</summary>
 /// <param name="findingsViewer">Viewer to read.</param>
 /// <returns>The result of getFindingsFromTreeView().</returns>
 public static List <IO2Finding> o2Findings(this ascx_FindingsViewer findingsViewer)
 {
     var findingsInTree = findingsViewer.getFindingsFromTreeView();
     return findingsInTree;
 }
コード例 #23
 /// <summary>Alias for show: forwards the findings to it and returns its result.</summary>
 /// <param name="findingsViewer">Viewer to load.</param>
 /// <param name="o2Findings">Findings passed to show.</param>
 /// <returns>Whatever show returns.</returns>
 public static ascx_FindingsViewer load(this ascx_FindingsViewer findingsViewer, List <IO2Finding> o2Findings)
 {
     var loadedViewer = findingsViewer.show(o2Findings);
     return loadedViewer;
 }
コード例 #24
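        /// <summary>
        /// Builds findings for the loaded Spring MVC controllers and shows them in
        /// <paramref name="findingsViewer"/>, replacing whatever the viewer held before.
        /// </summary>
        /// <remarks>
        /// If the GetParameter search throws, the exception is logged and the findings collected
        /// up to that point are still loaded. The viewer can therefore show a partial result;
        /// the log entry "in createFindingForUsesOfGetParameter" is the only sign of it.
        /// Exceptions from the ModelAttribute pass are not caught here.
        /// </remarks>
        /// <param name="createFindingForUsesOfModelAttribute">When true, adds one finding per controller for which SpringMvcUtils returns a "ModelAttribute" method.</param>
        /// <param name="createFindingForUsesOfGetParameter">When true, adds one finding per tree node returned by the GetParameter search.</param>
        /// <param name="findingsViewer">Viewer that is cleared and then loaded with the created findings.</param>
        /// <param name="treeNodesForloadedSpringMvcControllers">Loaded controllers and their tree nodes.</param>
        /// <param name="cirData">CIR data passed to the GetParameter search.</param>
        public static void createFindingsFromSpringMvcMappings(bool createFindingForUsesOfModelAttribute,
                                                               bool createFindingForUsesOfGetParameter,
                                                               ascx_FindingsViewer findingsViewer,
                                                               Dictionary <SpringMvcController, TreeNode> treeNodesForloadedSpringMvcControllers, ICirData cirData)
        {
            var findingsCreated = new List <IO2Finding>();

            if (createFindingForUsesOfModelAttribute)
            {
                foreach (SpringMvcController springMvcController in treeNodesForloadedSpringMvcControllers.Keys)
                {
                    var modelAttributeParameter = SpringMvcUtils.getMethodUsedInController(springMvcController, "ModelAttribute");
                    if (modelAttributeParameter != null)
                    {
                        // The ModelAttribute class gets its own trace between source and sink.
                        var modelAttribute = new O2Trace("ModelAttribute Class: " + modelAttributeParameter.className);
                        findingsCreated.Add(buildSpringMvcFinding(springMvcController, "SpringMvc.Use of ModelAttribute", modelAttribute));
                    }
                }
            }

            if (createFindingForUsesOfGetParameter)
            {
                try
                {
                    var nodesWithGetParameter = getNodes_ThatUseGetParameter_RecursiveSearch(cirData, treeNodesForloadedSpringMvcControllers);
                    foreach (var treeNode in nodesWithGetParameter)
                    {
                        var springMvcController = (SpringMvcController)treeNode.Tag;
                        findingsCreated.Add(buildSpringMvcFinding(springMvcController, "SpringMvc.Use of GetParameter", null));
                    }
                }
                catch (Exception ex)
                {
                    // Best effort: log and continue with what was collected (see remarks).
                    DI.log.ex(ex, "in createFindingForUsesOfGetParameter");
                }
            }

            findingsViewer.clearO2Findings();
            findingsViewer.loadO2Findings(findingsCreated);
        }

        // Builds one finding for a controller with the trace chain
        // root -> source (request URL) -> [intermediateTrace, when given] -> sink (Java class) -> Java class and function.
        private static O2Finding buildSpringMvcFinding(SpringMvcController springMvcController, string findingType, O2Trace intermediateTrace)
        {
            var findingText = string.Format("{0} {1} {2}", springMvcController.HttpRequestMethod,
                                            springMvcController.HttpRequestUrl,
                                            springMvcController.HttpMappingParameter);
            var o2Finding = new O2Finding(findingText, findingType)
            {
                file       = springMvcController.FileName,
                lineNumber = springMvcController.LineNumber
            };
            var rootTrace   = new O2Trace(findingType);
            var sourceTrace = new O2Trace(springMvcController.HttpRequestUrl)
            {
                traceType = TraceType.Source
            };
            var sinkTrace = new O2Trace(springMvcController.JavaClass)
            {
                traceType = TraceType.Known_Sink
            };
            var postTrace = new O2Trace(springMvcController.JavaClassAndFunction);

            rootTrace.childTraces.Add(sourceTrace);
            if (intermediateTrace != null)
            {
                sourceTrace.childTraces.Add(intermediateTrace);
                intermediateTrace.childTraces.Add(sinkTrace);
            }
            else
            {
                sourceTrace.childTraces.Add(sinkTrace);
            }
            sinkTrace.childTraces.Add(postTrace);
            o2Finding.o2Traces.Add(rootTrace);

            // Only root, source and sink carry the controller's file and line; the other traces are left as constructed.
            rootTrace.file       = sourceTrace.file = sinkTrace.file = o2Finding.file;
            rootTrace.lineNumber = sourceTrace.lineNumber = sinkTrace.lineNumber = o2Finding.lineNumber;

            return o2Finding;
        }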