public static void mapXmlFilesToCirData(string pathCirDataFile, string pathToClassFiles, string pathToRootClassFolder)
{
var cirData = CirLoad.loadFile(pathCirDataFile);
DI.log.info("There are {0} functions loaded", cirData.dFunctions_bySignature.Keys.Count);
var attributeXmlFiles = getAttributeXmlFiles(pathToClassFiles, pathToRootClassFolder);
var numberOfControllersMapped = 0;
foreach (var attributeXmlFile in attributeXmlFiles.Keys)
{
var resolvedParentClass = attributeXmlFile.Replace("\\", ".").Replace(".class.JavaAttributes.xml", "");
if (cirData.dClasses_bySignature.ContainsKey(resolvedParentClass))
{
//DI.log.info(" we have a match : {0} -> {1}", resolvedParentClass , attributeXmlFiles[attributeXmlFile]);
XDocument xDoc = XDocument.Load(attributeXmlFiles[attributeXmlFile]);
foreach (var cirFunction in cirData.dClasses_bySignature[resolvedParentClass].dFunctions.Values)
{
var xmlMethodElements = from xElement
in xDoc.Elements("JavaAttributeMappings").Elements("class").Elements("method")
where xElement.Attribute("name").Value == cirFunction.FunctionName
select xElement;
// for now map all xmlMethods to the same CirData (this could create a false positive if there are controllers with the same name (but diferent signature
foreach (var xMethodElement in xmlMethodElements)
{
if (SpringMVCAttributes.addTaintedInfoToCirFunction(xMethodElement, cirFunction))
{
numberOfControllersMapped++;
}
}
if (cirFunction.IsTainted && xmlMethodElements.Count() > 1)
{
DI.log.error("DOUBLE MAPPING since cirFunction.IsTained && xmlMethodElements.Count() >1 : {0} -> {1}", resolvedParentClass, cirFunction.FunctionName);
}
}
}
else
if (resolvedParentClass.IndexOf('$') == -1)
{
DI.log.error(" we DONT have a match : {0}", resolvedParentClass);
}
}
DI.log.info("There were {0} controllers mappings added", numberOfControllersMapped);
var newCirDataFile = pathCirDataFile + ".WithSpringMvcControllersAsCallbacks.CirData";
CirDataUtils.saveSerializedO2CirDataObjectToFile(cirData, newCirDataFile);
}
public static bool mapJavaAttributesToFinding(O2Finding o2Finding, string xmlAttributeFile)
{
var source = o2Finding.Source;
var filteredSignature = new FilteredSignature(source);
//DI.log.info(filteredSignature.sFunctionClass + " - " + filteredSignature.sFunctionName);
var xClassElement = getClassDataFromXmlAttributeFile(xmlAttributeFile, filteredSignature.sFunctionClass);
if (xClassElement != null)
{
SpringMVCAttributes.addClassAttributesToFinding(xClassElement, o2Finding);
var xMethodElement = getMethodDataFromXmlAttributeFile(xClassElement, filteredSignature.sFunctionName);
if (xMethodElement != null)
{
SpringMVCAttributes.addMethodAttributesToFinding(xMethodElement, o2Finding);
return(true);
// DI.log.info("have xElement");
}
}
return(false);
//DI.log.info("mapping finding {0} with xml file {1}", o2Finding.ToString(), xmlAttributeFile);
}