public static IO2Trace createCopy(IO2Trace o2Trace, bool processChildTraces) { if (o2Trace == null) { return(null); } var newO2Trace = new O2Trace(); newO2Trace.text = createCopy(o2Trace.text); newO2Trace.traceType = o2Trace.traceType; newO2Trace.taintPropagation = o2Trace.taintPropagation; newO2Trace.signature = o2Trace.signature; newO2Trace.ordinal = o2Trace.ordinal; newO2Trace.lineNumber = o2Trace.lineNumber; newO2Trace.method = o2Trace.method; newO2Trace.file = o2Trace.file; newO2Trace.context = o2Trace.context; newO2Trace.columnNumber = o2Trace.columnNumber; newO2Trace.clazz = o2Trace.clazz; if (processChildTraces) { newO2Trace.childTraces = createCopy(o2Trace.childTraces); } return(newO2Trace); }
public static List<IO2Finding> createFindingsFromConversation(List<IWebscarabConversation> webScarabConversations) { List<IO2Finding> o2Findings = new List<IO2Finding>(); foreach (IWebscarabConversation conversation in webScarabConversations) { O2Finding o2Finding = new O2Finding(); if ((conversation.TAG != null) && (conversation.TAG != "")) { o2Finding.vulnType = conversation.TAG; } else { o2Finding.vulnType = "Tag not defined"; } o2Finding.vulnName = conversation.METHOD + ": " + conversation.URL; addTrace(o2Finding, conversation.COOKIE, "COOKIE"); addTrace(o2Finding, conversation.STATUS, "STATUS"); addTrace(o2Finding, conversation.ORIGIN, "ORIGIN"); addTrace(o2Finding, conversation.URL, "URL"); addTrace(o2Finding, conversation.XSS_GET, "XSS_GET"); addTrace(o2Finding, conversation.CRLF_GET, "CRLF_GET"); addTrace(o2Finding, conversation.SET_COOKIE, "SET_COOKIE"); addTrace(o2Finding, conversation.XSS_POST, "XSS_POST"); var traceRequest = new O2Trace("request: " + conversation.request); traceRequest.file = conversation.request; var traceResponse = new O2Trace("response: " + conversation.response); traceResponse.file = conversation.response; o2Finding.file = conversation.response; o2Finding.o2Traces.Add(traceRequest); o2Finding.o2Traces.Add(traceResponse); o2Findings.Add(o2Finding); } return o2Findings; }
public static List<IO2Finding> mapSinksToSources(Dictionary<string, List<IO2Finding>> lostSinks, Dictionary<string, List<IO2Finding>> sources) { DI.log.info("Looking for matches"); var results = new List<IO2Finding>(); foreach (string lostSinkSignature in lostSinks.Keys) if (sources.ContainsKey(lostSinkSignature)) { foreach (O2Finding lostSink in lostSinks[lostSinkSignature]) foreach (O2Finding source in sources[lostSinkSignature]) { var sinkCopy = (O2Finding)OzasmtCopy.createCopy(lostSink); var sourceCopy = (O2Finding)OzasmtCopy.createCopy(source); var lostSinkNode = sinkCopy.getLostSink(); lostSinkNode.traceType = TraceType.Type_4; var interfaceJoinPoint = new O2Trace("---- Interface join --- "); interfaceJoinPoint.childTraces.AddRange(sourceCopy.o2Traces); lostSinkNode.childTraces.Add(interfaceJoinPoint); sinkCopy.vulnName = sinkCopy.Sink; results.Add(sinkCopy); //return results; } } //log.info("We have a match on: {0}", lostSink); return results; }
public IO2Trace addTrace(string traceSignature, TraceType _traceType) { var newTrace = new O2Trace(traceSignature); newTrace.traceType = _traceType; childTraces.Add(newTrace); return newTrace; }
public IO2Trace addTrace(string traceSignature, TraceType _traceType) { var newTrace = new O2Trace(traceSignature); newTrace.traceType = _traceType; childTraces.Add(newTrace); return(newTrace); }
public void insertTrace(string traceSignature, TraceType traceType) { var newO2Trace = new O2Trace(traceSignature, traceType); newO2Trace.childTraces.AddRange(o2Traces); o2Traces = new List <IO2Trace>(); o2Traces.add(newO2Trace); }
public static IO2Finding createO2FindingForXElement(XElement xElement, string currentFile) { var createFinding = false; var xElementSignature = xElement.Name.LocalName; var sourceTrace1 = new O2Trace(); var sourceTrace2 = new O2Trace(); foreach (var attribute in xElement.Attributes()) { if (attribute.Name == "value" && attribute.Value.IndexOf("#{") > -1) { createFinding = true; sourceTrace1.signature = attribute.Value; sourceTrace2.signature = getFilteredValue(attribute.Value); sourceTrace2.traceType = TraceType.Source; // set source file and line number var attributeLineInfo = (IXmlLineInfo)attribute; sourceTrace2.file = currentFile; sourceTrace2.lineNumber = (uint)attributeLineInfo.LineNumber; } // xElementSignature += String.Format(" {0}=\"{1}\" ", attribute.Name, attribute.Value); } if (createFinding == false) return null; var newFinding = new O2Finding(); newFinding.vulnType = "JSF.AutoMapping"; newFinding.vulnName = xElementSignature; // add traces // root trace var rootTrace = new O2Trace(currentFile); newFinding.o2Traces.Add(rootTrace); // traceWithFileName var traceWithFileName = new O2Trace(Path.GetFileName(currentFile)); rootTrace.childTraces.Add(traceWithFileName); // sourceTrace traceWithFileName.childTraces.Add(sourceTrace1); sourceTrace1.childTraces.Add(sourceTrace2); // traceWithNamespaceAndElementName var traceWithNamespaceAndElementName = new O2Trace(xElement.Name.ToString()); sourceTrace2.childTraces.Add(traceWithNamespaceAndElementName); // Sink trace (with xElementSignature contents) var sinkTrace = new O2Trace(xElementSignature); sinkTrace.traceType = TraceType.Known_Sink; traceWithNamespaceAndElementName.childTraces.Add(sinkTrace); // set file and line number for sink & finding var elementLineInfo = (IXmlLineInfo)xElement; newFinding.file = sourceTrace2.file = currentFile; newFinding.lineNumber = sourceTrace2.lineNumber = (uint)elementLineInfo.LineNumber; return newFinding; }
public void appendNewO2Trace() { if (o2Finding.o2Traces.Count == 0) o2Finding.o2Traces = new List<IO2Trace>().add(new O2Trace("new root trace")); else if (tvSmartTrace.SelectedNode != null && tvSmartTrace.SelectedNode.Tag.GetType().Name == "O2Trace") { o2Trace = new O2Trace("newChildTrace"); ((O2Trace)tvSmartTrace.SelectedNode.Tag).childTraces.Add(o2Trace); } showO2TraceTree(); }
public List <IO2Trace> addTraces(List <string> traceSignatures) { var newTraces = new List <IO2Trace>(); foreach (var traceSignature in traceSignatures) { var newTrace = new O2Trace(traceSignature); o2Traces.Add(newTrace); newTraces.Add(newTrace); } return(newTraces); }
public List <IO2Trace> addTraces(string prefixText, TraceType _traceType, params string[] traceSignatures) { var newTraces = new List <IO2Trace>(); foreach (var traceSignature in traceSignatures) { var newTrace = new O2Trace(prefixText + traceSignature); newTrace.traceType = _traceType; childTraces.Add(newTrace); newTraces.Add(newTrace); } return(newTraces); }
public static IO2Trace createCopy(IO2Trace o2Trace, bool processChildTraces) { if (o2Trace == null) return null; var newO2Trace = new O2Trace(); newO2Trace.text = createCopy(o2Trace.text); newO2Trace.traceType = o2Trace.traceType; newO2Trace.taintPropagation = o2Trace.taintPropagation; newO2Trace.signature = o2Trace.signature; newO2Trace.ordinal = o2Trace.ordinal; newO2Trace.lineNumber = o2Trace.lineNumber; newO2Trace.method = o2Trace.method; newO2Trace.file = o2Trace.file; newO2Trace.context = o2Trace.context; newO2Trace.columnNumber = o2Trace.columnNumber; newO2Trace.clazz = o2Trace.clazz; if (processChildTraces) newO2Trace.childTraces = createCopy(o2Trace.childTraces); return newO2Trace; }
public static void showO2TraceInDataGridView(O2Trace o2Trace, DataGridView dataGridView) { }
public static void showO2TraceInTreeView(O2Trace o2Trace, DataGridView dataGridView, String showItem) { }
public static List<IO2Finding> getSourcesMappedToInterfaces(List<IO2Finding> o2Findings, ICirData cirData) { var results = new List<IO2Finding>(); if (cirData == null || o2Findings == null) return results; foreach (O2Finding o2Finding in o2Findings) { var source = o2Finding.getSource(); if (source != null) { if (cirData.dFunctions_bySignature.ContainsKey(source.signature)) { var cirFunction = cirData.dFunctions_bySignature[source.signature]; var cirClass = cirFunction.ParentClass; if (cirClass.dSuperClasses.Count > 0) { var sourceSig = cirFunction.FunctionSignature.Substring(cirClass.Signature.Length); //log.info(cirFunction.FunctionSignature); foreach (var superClass in cirClass.dSuperClasses.Values) { foreach (var function in superClass.dFunctions.Values) { var interfaceName = function.FunctionSignature.Substring(superClass.Signature.Length); if (sourceSig == interfaceName) { // we have an implementation of a method: var newO2Finding = OzasmtCopy.createCopy(o2Finding); var currentSource = ((O2Finding)newO2Finding).getSource(); currentSource.traceType = TraceType.Type_4; currentSource.signature = "[old source]: " + currentSource.signature; var interfaceTrace = new O2Trace(function.FunctionSignature); interfaceTrace.traceType = TraceType.Source; //interfaceTrace.childTraces.Add(new O2Trace("[interface function Signature (that matched)]: " + sourceSig)); //interfaceTrace.childTraces.Add(new O2Trace("interface: " + interfaceName)); //interfaceTrace.childTraces.Add(new O2Trace("source: " + currentSource.signature)); //interfaceTrace.childTraces.Add(new O2Trace("interface: " + function.FunctionSignature)); //interfaceTrace.childTraces.AddRange(newO2Finding.o2Traces); interfaceTrace.childTraces.AddRange(currentSource.childTraces); newO2Finding.o2Traces = new List<IO2Trace>(); newO2Finding.o2Traces.Add(interfaceTrace); results.Add(newO2Finding); //return results; } } } } //log.info(" {2} : {0} -> {1}", cirFunction.FunctionSignature, cirClass.Name, cirClass.dSuperClasses.Count); } } } DI.log.info("There were {0} sources mapped to its interfaces (i.e. superclasses))", results.Count); return results; }
public static List<IO2Trace> getO2TraceFromCallInvocation(CallInvocation[] callInvocations, AssessmentRun assessmentRun) { var o2Traces = new List<IO2Trace>(); if (callInvocations != null) { foreach (CallInvocation callInvocation in callInvocations) { var o2Trace = new O2Trace { clazz = getStringIndexValue(callInvocation.cn_id, assessmentRun), columnNumber = callInvocation.column_number, context = getStringIndexValue(callInvocation.cxt_id, assessmentRun), file = getFileIndexValue(callInvocation.fn_id, assessmentRun), lineNumber = callInvocation.line_number, method = getStringIndexValue(callInvocation.mn_id, assessmentRun), ordinal = callInvocation.ordinal, // for the signature try to use the sig_id and if that is 0 then use mn_id signature = getStringIndexValue((callInvocation.sig_id != 0) ? callInvocation.sig_id : callInvocation.mn_id, assessmentRun), taintPropagation = callInvocation.taint_propagation, traceType = (TraceType) Enum.Parse(typeof(TraceType), callInvocation.trace_type.ToString()) }; if (callInvocation.Text != null) o2Trace.text = new List<string>(callInvocation.Text); //if (callInvocation.CallInvocation1 != null) // means there are child traces //{ o2Trace.childTraces = getO2TraceFromCallInvocation(callInvocation.CallInvocation1, assessmentRun); /*new List<O2Trace>(); foreach (CallInvocation childCallInvocation in callInvocation.CallInvocation1) o2Trace.childTraces.Add(getO2TraceFromCallInvocation(childCallInvocation, assessmentRun));*/ //} o2Traces.Add(o2Trace); } } return o2Traces; }
public static void addCatNetTransformationsAsO2Traces(O2Finding o2Finding, XmlElement transformations) { // ReSharper disable PossibleNullReferenceException //var o2Trace = new O2Trace(); //o2Finding.o2Traces.Add(o2Trace); foreach (XmlNode transformation in transformations.ChildNodes) { var o2Trace = new O2Trace { context = (transformation["Statement"] == null) ? "" : transformation["Statement"].InnerText, lineNumber = (transformation.Attributes["line"] == null) ? 0 : uint.Parse(transformation.Attributes["line"].Value), file = (transformation.Attributes["file"] == null) ? "" : transformation.Attributes["file"].Value }; switch (transformation.Name) { case "Origin": o2Finding.o2Traces.Add(new O2Trace { clazz = "Origin", traceType = TraceType.Source, method = transformation["StatementMethod"].InnerText, signature = transformation["StatementMethod"].InnerText, context = o2Trace.context, lineNumber = o2Trace.lineNumber, file = o2Trace.file }); o2Finding.o2Traces.Add(o2Trace); break; case "MethodBoundary": case "CallResult": o2Trace.clazz = transformation.Name; o2Trace.method = transformation["Method"].InnerText; o2Trace.signature = o2Trace.method; if (o2Finding.o2Traces.Count > 0) { o2Finding.o2Traces[0].childTraces.Add(o2Trace); o2Trace.traceType = o2Finding.o2Traces[0].childTraces.Count == (transformations.ChildNodes.Count - 1) ? TraceType.Known_Sink : TraceType.Root_Call; } else o2Finding.o2Traces.Add(o2Trace); break; default: break; } } // ReSharper restore PossibleNullReferenceException }
public void insertNewO2Trace() { if (o2Finding.o2Traces.Count == 0) o2Finding.o2Traces = new List<IO2Trace>().add(new O2Trace("new root trace")); else if (tvSmartTrace.SelectedNode != null && tvSmartTrace.SelectedNode.Tag.GetType().Name == "O2Trace") { var newO2Trace = new O2Trace("insertedNewTrace"); if (tvSmartTrace.SelectedNode.Parent != null) { var parentNodeTrace = (IO2Trace)tvSmartTrace.SelectedNode.Parent.Tag; var curentNodeTrace = (IO2Trace)tvSmartTrace.SelectedNode.Tag; newO2Trace.childTraces.Add(curentNodeTrace); parentNodeTrace.childTraces.Add(newO2Trace); parentNodeTrace.childTraces.Remove(curentNodeTrace); } else { var curentNodeTrace = (IO2Trace)tvSmartTrace.SelectedNode.Tag; newO2Trace.childTraces.Add(curentNodeTrace); o2Finding.o2Traces.Remove(curentNodeTrace); o2Finding.o2Traces.Add(newO2Trace); } //tvSmartTrace.SelectedNode.Tag = newO2Trace; o2Trace = newO2Trace; //currentO2Trace.childTraces.Add(((O2Trace)tvSmartTrace.SelectedNode.Tag)); //tvSmartTrace.SelectedNode.Tag = currentO2Trace; //.childTraces.Add(currentO2Trace); } showO2TraceTree(); }
public static List<IO2Finding> joinTracesWhereSinkMatchesSource(List<IO2Finding> sinkFindings, List<IO2Finding> sourceFindings) { var results = new List<IO2Finding>(); foreach (var o2SinkFinding in sinkFindings) foreach (var o2SourcesFinding in sourceFindings) //if (o2SourcesFinding.vulnName.IndexOf(o2SinkFinding.vulnName) > -1) if (o2SourcesFinding.vulnName==o2SinkFinding.vulnName) { var o2NewFinding = (O2Finding)OzasmtCopy.createCopy(o2SinkFinding); results.Add(o2NewFinding); var sink = o2NewFinding.getSink(); if (sink.notNull()) { var joinPointTrace = new O2Trace( string.Format("O2 Auto Join Point::: {0} -> {1}", o2SinkFinding.vulnName, o2SourcesFinding.vulnName)); sink.traceType = TraceType.Type_4; joinPointTrace.traceType = TraceType.Type_4; sink.childTraces.Add(joinPointTrace); var jspSignature = o2SourcesFinding.o2Traces[0].signature; var indexofJsp = jspSignature.IndexOf("._jsp"); if (indexofJsp > -1) jspSignature = jspSignature.Substring(0, indexofJsp) + ".jsp"; jspSignature = jspSignature.Replace("jsp_servlet", "").Replace("_45_", @"-").Replace(".__", @"/").Replace("._", @"/"); var jspTrace = new O2Trace("JSP: " + jspSignature); joinPointTrace.childTraces.Add(jspTrace); jspTrace.childTraces.AddRange(o2SourcesFinding.o2Traces); //log.info("we have a match: {0} -> {1}", o2SinkFinding.vulnName, o2SourcesFinding.vulnName); } } return results; }
/// <summary> /// This will populate the parent finding with all traces from the provided ICirFunction /// caution: use the createNewFindingOnExternalCall carefully since it can create a stupid amount of traces (and it is much slower) /// </summary> /// <param name="cirFunction"></param> /// <param name="lineNumber"></param> /// <param name="o2Traces"></param> /// <param name="parentTraces"></param> /// <param name="rootO2Finding"></param> /// <param name="o2FindingsCreated"></param> /// <param name="createNewFindingOnExternalCall"></param> /// <param name="fileName"></param> public static void createTracesAndFindingsFromCirFunction(ICirFunction cirFunction, string fileName, UInt32 lineNumber,List<IO2Trace> o2Traces, List<IO2Trace> parentTraces, IO2Finding rootO2Finding, List<IO2Finding> o2FindingsCreated, bool createNewFindingOnExternalCall) { int maxParentDepth = 10; //30; //10; var maxNumberOfTraces = 20; //50; //300; //50 var filteredSignature = new FilteredSignature(cirFunction); var functionSignature = filteredSignature.sSignature; var o2Trace = new O2Trace(functionSignature, cirFunction.ClassNameFunctionNameAndParameters) { file = fileName, lineNumber = lineNumber }; // add file references // handle the case where this is a recursive call or a call to a method already added in the current tree var recursiveCall = false; foreach(var o2ParentTrace in parentTraces) if (o2ParentTrace.signature == functionSignature) { recursiveCall = true; break; } parentTraces.Add(o2Trace); // add this trace to the current trace tree (since we might need to create a copy of it below o2Traces.Add(o2Trace); if (recursiveCall) { var nodeText = String.Format("{0} : {1} : {2}", cirFunction, "....(Recursive Call so not expanding child traces", functionSignature); o2Trace.childTraces.Add(new O2Trace(nodeText)); } else { if (parentTraces.Count > maxParentDepth) o2Trace.childTraces.Add(new O2Trace(" ... {Max trace depth reached} (" + maxParentDepth + ")")); else { // var numberOfTraces = OzasmtUtils.getAllTraces(rootO2Finding.o2Traces); if (numberOfTraces.Count > maxNumberOfTraces) { o2Trace.childTraces.Add(new O2Trace("**** Max number of traces reached(" + maxNumberOfTraces + ") aborting trace execution")); return; } if (cirFunction.FunctionsCalled.Count == 0) // means we don't have the code for this one, so { // let make it a lost sink var originalTraceTypeValue = o2Trace.traceType; // we might need this below o2Trace.traceType = TraceType.Lost_Sink; if (createNewFindingOnExternalCall) // and if createNewFindingOnExternalCall add it as finding { // create a copy of the parent finding (which incudes the above trace var newFinding = OzasmtCopy.createCopy(rootO2Finding); // make the first call a source (so that we have a source-> pair newFinding.o2Traces[0].traceType = TraceType.Source; // add it o2FindingsCreated.Add(newFinding); // since the crawl will continue we must restore the originalTraceTypeValue o2Trace.traceType = originalTraceTypeValue; } } else foreach (var functionCalled in cirFunction.FunctionsCalled) createTracesAndFindingsFromCirFunction(functionCalled.cirFunction, functionCalled.fileName, (UInt32)functionCalled.lineNumber, o2Trace.childTraces, parentTraces, rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall); } } // now remove the signature since we are only interrested in non repeats on the same parent parentTraces.Remove(o2Trace); }
public static void createJspELTraces(List<IO2Finding> o2Findings) { foreach (var o2Finding in o2Findings) { // root trace var rootTrace = new O2Trace(getRootNodeStringValue(o2Finding.file)); var jspElValue = extractJspElValue(o2Finding.context); // trace with JSP EL value var jspElTrace = new O2Trace(jspElValue); jspElTrace.traceType = TraceType.Source; rootTrace.childTraces.Add(jspElTrace); // add jspElTrace as a child trace of rootTrace //sink trace var sinkTrace = new O2Trace(jspElValue); // also map this to the JSPEl value since that is the one we will want to filter by sinkTrace.traceType = TraceType.Known_Sink; jspElTrace.childTraces.Add(sinkTrace); // add sinkTrace as a child trace of jspElTrace // add the vulnName (println in most cases) as an extrasink trace var extraSinkTrace = new O2Trace(o2Finding.vulnName); sinkTrace.childTraces.Add(extraSinkTrace); // add extraSinkTrace as a child trace of sinkTrace // add root trace to finding's traces colection o2Finding.o2Traces.Add(rootTrace); // add source code mappings to all traces: rootTrace.file = jspElTrace.file = sinkTrace.file = o2Finding.file; rootTrace.lineNumber = jspElTrace.lineNumber = sinkTrace.lineNumber = o2Finding.lineNumber; } }
public static void addClassAttributesToFinding(XElement xClassElement, O2Finding o2Finding) { //var pathToSource = o2Finding.getPathToSource(); //var numberOfTraces = pathToSource.Count; //if (pathToSource.Count >1) //{ // var rootTrace = pathToSource[numberOfTraces-1]; var classAnnotations = from xelement in xClassElement.Elements("attribute").Elements("annotation") select xelement; if (classAnnotations.Count() > 0) { var annotationsTrace = new O2Trace("Annotations for class: " + xClassElement.Attribute("name").Value); o2Finding.o2Traces.Insert(0, annotationsTrace); foreach (var annotation in classAnnotations) annotationsTrace.childTraces.Add(new O2Trace(annotation.Attribute("toString").Value, TraceType.Type_4)); } //} }
public static List<IO2Finding> calculate_Url_to_EntryMethod_Mappings(string pathWithSourceFiles, string urlBase, string port, ProgressBar progressBar) { var o2Findings = new List<IO2Finding>(); var filesToAnalyze = pathWithSourceFiles.files("*.cs",true); progressBar.maximum(filesToAnalyze.size()); foreach(var file in filesToAnalyze) { "Processing file:{0}".info(file); var url = urlBase.format(port, file.replace(pathWithSourceFiles,"").replace(".ascx.cs","")); foreach(var type in file.csharpAst().types(true)) foreach(var baseType in type.BaseTypes) if (baseType.str() == "System.Web.UI.UserControl") { var astData = new O2MappedAstData(); astData.loadFile(file); foreach(var iMethod in astData.iMethods()) { var o2Finding = new O2Finding(); o2Finding.vulnName = url; o2Finding.vulnType = "Web EntryPoint"; var source = new O2Trace(url); var sink = new O2Trace(iMethod.fullName()); source.traceType = TraceType.Source; sink.traceType = TraceType.Known_Sink; source.childTraces.Add(sink); o2Finding.o2Traces.Add(source); o2Findings.Add(o2Finding); } } progressBar.increment(1); } return o2Findings; }
public static void createFindingsFromSpringMvcMappings(bool createFindingForUsesOfModelAttribute, bool createFindingForUsesOfGetParameter, ascx_FindingsViewer findingsViewer, Dictionary<SpringMvcController, TreeNode> treeNodesForloadedSpringMvcControllers, ICirData cirData) //IEnumerable<SpringMvcController> springMvcControllers) { var findingsCreated = new List<IO2Finding>(); if (createFindingForUsesOfModelAttribute) { foreach (SpringMvcController springMvcController in treeNodesForloadedSpringMvcControllers.Keys) { var modelAttributeParameter = SpringMvcUtils.getMethodUsedInController(springMvcController, "ModelAttribute"); if (modelAttributeParameter != null) { var findingType = "SpringMvc.Use of ModelAttribute"; var findingText = string.Format("{0} {1} {2}", springMvcController.HttpRequestMethod, springMvcController.HttpRequestUrl, springMvcController.HttpMappingParameter); var o2Finding = new O2Finding(findingText, findingType) { file = springMvcController.FileName, lineNumber = springMvcController.LineNumber }; var rootTrace = new O2Trace(findingType); var sourceTrace = new O2Trace(springMvcController.HttpRequestUrl) { traceType = TraceType.Source }; var modelAttribute = new O2Trace("ModelAttribute Class: " + modelAttributeParameter.className); var sinkTrace = new O2Trace(springMvcController.JavaClass) { traceType = TraceType.Known_Sink }; var postTrace = new O2Trace(springMvcController.JavaClassAndFunction); rootTrace.childTraces.Add(sourceTrace); sourceTrace.childTraces.Add(modelAttribute); modelAttribute.childTraces.Add(sinkTrace); sinkTrace.childTraces.Add(postTrace); o2Finding.o2Traces.Add(rootTrace); rootTrace.file = sourceTrace.file = sinkTrace.file = o2Finding.file; rootTrace.lineNumber = sourceTrace.lineNumber = sinkTrace.lineNumber = o2Finding.lineNumber; findingsCreated.Add(o2Finding); //tvControllers.Nodes.Add( // O2Forms.cloneTreeNode(treeNodesForloadedSpingMvcControllers[springMcvController])); } } } if (createFindingForUsesOfGetParameter) { try { var nodesWithGetParameter = getNodes_ThatUseGetParameter_RecursiveSearch(cirData, treeNodesForloadedSpringMvcControllers); foreach (var treeNode in nodesWithGetParameter) { var springMvcController = (SpringMvcController)treeNode.Tag; /*var o2Finding = new O2Finding(springMvcController.JavaFunction, "SpringMvc.Use of GetParameter") { file = springMvcController.FileName, lineNumber = springMvcController.LineNumber }; findingsCreated.Add(o2Finding);*/ var findingType = "SpringMvc.Use of GetParameter"; var findingText = string.Format("{0} {1} {2}", springMvcController.HttpRequestMethod, springMvcController.HttpRequestUrl, springMvcController.HttpMappingParameter); var o2Finding = new O2Finding(findingText, findingType) { file = springMvcController.FileName, lineNumber = springMvcController.LineNumber }; var rootTrace = new O2Trace(findingType); var sourceTrace = new O2Trace(springMvcController.HttpRequestUrl) { traceType = TraceType.Source }; var sinkTrace = new O2Trace(springMvcController.JavaClass) { traceType = TraceType.Known_Sink }; var postTrace = new O2Trace(springMvcController.JavaClassAndFunction); rootTrace.childTraces.Add(sourceTrace); sourceTrace.childTraces.Add(sinkTrace); sinkTrace.childTraces.Add(postTrace); o2Finding.o2Traces.Add(rootTrace); rootTrace.file = sourceTrace.file = sinkTrace.file = o2Finding.file; rootTrace.lineNumber = sourceTrace.lineNumber = sinkTrace.lineNumber = o2Finding.lineNumber; findingsCreated.Add(o2Finding); } } catch (Exception ex) { DI.log.ex(ex, "in createFindingForUsesOfGetParameter"); } } // findingsCreated.Add(o2Finding); findingsViewer.clearO2Findings(); findingsViewer.loadO2Findings(findingsCreated); }
public List<IO2Trace> addTraces(string prefixText, TraceType _traceType, params string[] traceSignatures) { var newTraces = new List<IO2Trace>(); foreach (var traceSignature in traceSignatures) { var newTrace = new O2Trace(prefixText + traceSignature); newTrace.traceType = _traceType; childTraces.Add(newTrace); newTraces.Add(newTrace); } return newTraces; }
private static void addTraceToO2Finding(string traces, IO2Finding o2Finding, AssessmentRun assessmentRun) { if (false == string.IsNullOrEmpty(traces)) { var splittedTraces = traces.Split(','); var traceStack = new Stack<List<IO2Trace>>(); // use to keep track of where we add the trace traceStack.Push(o2Finding.o2Traces); // the first one is the main o2Findings.o2Traces foreach(var traceItem in splittedTraces) { var splittedTrace = traceItem.Split('.'); // in this version the dots mean how many nodes we have to go up int traceIndex; if (Int32.TryParse(splittedTrace[0], out traceIndex)) { AssessmentRunTaint taint = assessmentRun.TaintPool[traceIndex - 1]; AssessmentRunSite siteData = assessmentRun.SitePool[taint.site_id - 1]; var o2Trace = new O2Trace { caller = getStringIndexValue(siteData.caller, assessmentRun), columnNumber = siteData.cn, context = getStringIndexValue(siteData.cxt, assessmentRun), file = getFileIndexValue(siteData.file_id, assessmentRun), lineNumber = siteData.ln, method = getStringIndexValue(siteData.method, assessmentRun), ordinal = siteData.ord, signature = getStringIndexValue(siteData.sig, assessmentRun), argument = taint.arg, direction = taint.dir, traceType =((TraceType) Enum.Parse(typeof (TraceType), taint.trace_type.ToString())) }; //o2Trace.clazz = getStringIndexValue(,assessmentRun); // check if siteData.caller is a good match for clazz //o2Trace.taintPropagation = ; //o2Trace.text = ; traceStack.Peek().Add(o2Trace); // add the current trace as a child of the the item on the top of traceStack traceStack.Push(o2Trace.childTraces); // and make the current trace the item on the top of traceStack (which will be changed if there were dots in the traceItem (handled below)) } else { DI.log.error("in addTraceToO2Finding , could not parse into int {0} from {1}", splittedTrace[0], traceItem); } if (splittedTrace.Length > 1) // means there were dots in the traceitem for (var i = 1; i < splittedTrace.Length; i++) traceStack.Pop(); } o2Finding.o2Traces[0].signature += traces; } }
public static IO2Trace add_Trace(this List<IO2Trace> iO2Traces, string text) { var newTrace = new O2Trace(text); iO2Traces.Add(newTrace); return newTrace; }
public static void addMethodAttributesToFinding(XElement xMethodElement, O2Finding o2Finding) { var pathToSource = o2Finding.getPathToSource(); var numberOfTraces = pathToSource.Count; if (pathToSource.Count > 1) { var rootTrace = pathToSource[numberOfTraces - 1]; // add annotations in Method's Parameters var methodParametersAnnotations = from xelement in xMethodElement.Elements("methodParameterAnnotation") select xelement; if (methodParametersAnnotations.Count() > 0) { var methodParametersAttributes = new O2Trace("Spring MVC - Method Parameters Attributes"); foreach (var annotation in methodParametersAnnotations) { if (annotation.Attribute("toString") == null) methodParametersAttributes.childTraces.Add(new O2Trace("no attribute")); else { //var annotationTrace1 = new O2Trace(annotation.Attribute("toString").Value, TraceType.Type_4); var annotationTrace = new O2Trace(annotation.Attribute("typeName").Value, TraceType.Type_4); foreach (var member in annotation.Elements("member")) { //annotationTrace.childTraces.Add(new O2Trace(annotation.Attribute("typeName").Value, TraceType.Type_6)); var memberTraceText = string.Format("{0}={1}", member.Attribute("memberName").Value, member.Attribute("memberValue").Value); annotationTrace.childTraces.Add(new O2Trace(memberTraceText, TraceType.Type_6)); } methodParametersAttributes.childTraces.Add(annotationTrace); } } rootTrace.childTraces.Insert(0, methodParametersAttributes); } // add annotations in Method var methodAnnotations = from xelement in xMethodElement.Elements("methodAttribute").Elements("methodAnnotation") select xelement; if (methodAnnotations.Count() > 0) { var methodAttributes = new O2Trace("Spring MVC - Method Attributes"); foreach (var annotation in methodAnnotations) { var annotationTrace = new O2Trace(annotation.Attribute("typeName").Value, TraceType.Type_4); foreach (var member in annotation.Elements("member")) { var memberTraceText = string.Format("{0}={1}", member.Attribute("memberName").Value, member.Attribute("memberValue").Value); annotationTrace.childTraces.Add(new O2Trace(memberTraceText, TraceType.Type_6)); } methodAttributes.childTraces.Insert(0, annotationTrace); // handle special case of org.springframework.web.bind.annotation.RequestMapping (which we want to make the source) if (annotation.Attribute("typeName").Value == "org.springframework.web.bind.annotation.RequestMapping") { //annotationTrace.traceType = TraceType.Source; o2Finding.vulnType = "O2.SpringMvc.Controller"; o2Finding.vulnName = o2Finding.Sink; } } rootTrace.childTraces.Insert(0, methodAttributes); } //else // log.error("There are no method Attributes for method: " + xMethodElement.ToString()); } }
private void addTrace(string filename, int line, string traceText) { if (traceText == null) return; var o2Trace = new O2Trace(traceText); o2Trace.file = filename ?? ""; o2Trace.lineNumber = (uint)line; if (true || currentO2Trace == null) { o2Trace.traceType = TraceType.Source; currentDynamicO2Finding.o2Traces.Add(o2Trace); currentO2Trace = o2Trace; } else { currentO2Trace.childTraces.Add(o2Trace); currentO2Trace = o2Trace; } reloadTraceViewer(); }