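        /// <summary>
        /// Builds one <see cref="O2Finding"/> per Struts controller found in <paramref name="iStrutsMappings"/>.
        /// Each finding carries a trace tree rooted at "Struts Mapping": the controller type (as a join sink),
        /// the form bean with its validation flag and field names when the controller has one, and every
        /// mapped path with its URL, controller and resolved views (the views as join sinks).
        /// </summary>
        /// <param name="iStrutsMappings">Parsed Struts mappings whose action servlets are walked; must not be null.</param>
        /// <returns>A new list with one finding per controller, empty when there are no action servlets or controllers.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="iStrutsMappings"/> is null.</exception>
        public static List<IO2Finding> createFindingsFromStrutsMappings(IStrutsMappings iStrutsMappings)
        {
            // Fail with a named argument instead of a NullReferenceException on the first dereference.
            if (iStrutsMappings == null)
                throw new ArgumentNullException("iStrutsMappings");

            var newO2Findings = new List<IO2Finding>();

            foreach (var actionServlet in iStrutsMappings.actionServlets)
                foreach (var controler in actionServlet.controllers.Values)
                {
                    // vulnType keeps a null type as an empty suffix; vulnName must never be null.
                    var o2Finding = new O2Finding
                    {
                        vulnType = "Struts.Finding : " + controler.type,
                        vulnName = controler.type ?? ""
                    };

                    var o2RootTrace = (O2Trace)o2Finding.addTrace("Struts Mapping", TraceType.O2JoinSource);
                    o2RootTrace.addTrace("Controller Type: " + controler.type, TraceType.O2JoinSink);

                    // Form bean (optional): name, validation flag and one child trace per field.
                    if (controler.formBean != null)
                    {
                        var beanTrace = (O2Trace)o2RootTrace.addTrace("Form Bean : " + controler.formBean.name, TraceType.O2Info);
                        beanTrace.addTrace("has validation mapping" + controler.formBean.hasValidationMapping);
                        foreach (var field in controler.formBean.fields)
                            beanTrace.addTrace(field.Value.name);
                    }

                    // Every mapped path, each with its resolved views attached as join sinks.
                    var pathsTrace = (O2Trace)o2RootTrace.addTrace("paths:", TraceType.O2Info);
                    foreach (var path in controler.paths)
                    {
                        var pathTrace = (O2Trace)pathsTrace.addTrace("url: " + path.path);
                        pathTrace.addTrace("controller: " + controler.type + " <- ");
                        pathTrace.addTraces("view: ", TraceType.O2JoinSink, path.resolvedViews.ToArray());
                    }

                    newO2Findings.Add(o2Finding);
                }
            return newO2Findings;
        }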
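        /// <summary>
        /// Correlates the taint-source findings with the final-sink findings through the Struts mappings
        /// and stores the joined findings in <c>findingsWith_Results</c>.
        /// </summary>
        /// <remarks>
        /// Reads <c>findingsWith_FindingsFromTaintSources</c>, <c>findingsWith_FindingsToFinalSinks</c> and
        /// <c>StrutsMappings</c>. Only findings with exactly one join location (and, when joining, exactly one
        /// join sink / join source) are considered. For every (controller, path, view) in the mappings, a
        /// taint-source join location matches when its filtered signature contains the controller type and a
        /// final-sink join location matches when its filtered signature contains the filtered view; each
        /// matching pair of findings whose single join sink equals the single join source produces one
        /// "Struts.Finding" whose trace tree embeds both findings' traces.
        /// </remarks>
        public void calculateResults()
        {
            var results = new List<IO2Finding>();

            // Index both finding sets by the signature of their single join location.
            PublicDI.log.debug("building dictionaries with sources,sinks and Join points");
            var taintSourcesJoinLocations = new Dictionary<string, List<IO2Finding>>();
            foreach (O2Finding o2Finding in findingsWith_FindingsFromTaintSources)
            {
                var joinLocations = o2Finding.getJoinLocations();
                if (joinLocations.Count == 1) // we currently only support the case where there is one JoinLocation
                    addToGroup(taintSourcesJoinLocations, joinLocations[0].signature, o2Finding);
            }

            var finalSinksJoinLocations = new Dictionary<string, List<IO2Finding>>();
            foreach (O2Finding o2Finding in findingsWith_FindingsToFinalSinks)
            {
                var joinLocations = o2Finding.getJoinLocations();
                if (joinLocations.Count == 1) // we currently only support the case where there is one JoinLocation
                    addToGroup(finalSinksJoinLocations, joinLocations[0].signature, o2Finding);
            }

            PublicDI.log.debug("mapping all data");
            foreach (var actionServlet in StrutsMappings.actionServlets)
            {
                var controllersToAdd = actionServlet.controllers.Values.Count;
                var controllersAdded = 0;
                foreach (var controler in actionServlet.controllers.Values)
                {
                    if (controllersAdded++ % 10 == 0)
                        PublicDI.log.debug("   Added [{0}/{1}] controllers ({2} findings so far)", controllersAdded, controllersToAdd, results.Count);

                    // NOTE(review): a controller without a type becomes "" here, and string.Contains("") is
                    // always true, so such a controller matches every taint-source join location below.
                    var filteredController = controler.type ?? "";

                    foreach (var path in controler.paths)
                        foreach (var view in path.resolvedViews)
                        {
                            // JoinPointFilter only depends on its argument, so it is applied once per view/key.
                            var filteredView = JoinPointFilter(view);

                            foreach (var taintSourcesJoinLocation in taintSourcesJoinLocations)
                            {
                                if (!JoinPointFilter(taintSourcesJoinLocation.Key).Contains(filteredController))
                                    continue;

                                foreach (var finalSinksJoinLocation in finalSinksJoinLocations)
                                {
                                    if (!JoinPointFilter(finalSinksJoinLocation.Key).Contains(filteredView))
                                        continue;

                                    foreach (O2Finding taintSourceFinding in taintSourcesJoinLocation.Value)
                                    {
                                        var taintJoinSinks = taintSourceFinding.JoinSinks();
                                        if (taintJoinSinks.Count != 1) // we currently only support the case where there is one JoinSink
                                            continue;

                                        foreach (O2Finding finalSinkFinding in finalSinksJoinLocation.Value)
                                        {
                                            var sinkJoinSources = finalSinkFinding.JoinSources();
                                            if (sinkJoinSources.Count != 1 || taintJoinSinks[0] != sinkJoinSources[0])
                                                continue;

                                            // A match: create the finding and embed both findings' traces.
                                            var o2Finding = new O2Finding
                                            {
                                                vulnType = "Struts.Finding : " + controler.type,
                                                vulnName = controler.type ?? ""
                                            };

                                            var o2RootTrace = (O2Trace)o2Finding.addTrace("Struts Mapping", TraceType.Root_Call);
                                            var controllerTrace = o2RootTrace.addTrace("Controller: " + controler.type, TraceType.O2JoinSink);

                                            if (controler.formBean != null)
                                            {
                                                var beanTrace = (O2Trace)o2RootTrace.addTrace("Form Bean : " + controler.formBean.name, TraceType.O2Info);
                                                beanTrace.addTrace("has validation mapping" + controler.formBean.hasValidationMapping);

                                                // only add the field that matches the current join
                                                var currentJoinPoint = JoinOnAttributes.extractNameFromContext(taintSourceFinding.SourceContext, "\"", "\"");
                                                foreach (var field in controler.formBean.fields)
                                                {
                                                    if (field.Key != currentJoinPoint)
                                                        continue;

                                                    var joinPoint = (O2Trace)beanTrace.addTrace(field.Value.name);
                                                    joinPoint.addTrace("hasValidationMapping: " + field.Value.hasValidationMapping);
                                                    joinPoint.addTrace_IfNotEmpty("depends: ", field.Value.depends);
                                                    joinPoint.addTrace_IfNotEmpty("initial", field.Value.initial);
                                                    joinPoint.addTrace_IfNotEmpty("type", field.Value.type);
                                                    foreach (var validator in field.Value.validators)
                                                        joinPoint.addTrace(string.Format("validator: {0}={1}", validator.Key, validator.Value));
                                                }
                                            }

                                            // The source finding's trace objects are attached by reference, not copied.
                                            controllerTrace.childTraces.AddRange(taintSourceFinding.o2Traces);

                                            var pathsTrace = (O2Trace)o2RootTrace.addTrace("paths:", TraceType.O2Info);
                                            var pathTrace = (O2Trace)pathsTrace.addTrace("url: " + path.path);
                                            pathTrace.addTrace("controller: " + controler.type + " <- ");
                                            var viewTrace = pathTrace.addTrace("view: " + filteredView, TraceType.O2JoinSink);
                                            viewTrace.childTraces.AddRange(finalSinkFinding.o2Traces);

                                            results.Add(o2Finding);
                                        }
                                    }
                                }
                            }
                        }
                }
            }
            findingsWith_Results = results;
            PublicDI.log.debug("mapping complete");
        }

        /// <summary>
        /// Appends <paramref name="finding"/> to the list stored under <paramref name="key"/> in
        /// <paramref name="groups"/>, creating the list on first use (single dictionary lookup).
        /// </summary>
        /// <param name="groups">Dictionary from join-point key to the findings sharing it.</param>
        /// <param name="key">Join-point key; a null key throws <see cref="ArgumentNullException"/> as with any dictionary.</param>
        /// <param name="finding">Finding to record under <paramref name="key"/>.</param>
        private static void addToGroup(Dictionary<string, List<IO2Finding>> groups, string key, IO2Finding finding)
        {
            List<IO2Finding> group;
            if (!groups.TryGetValue(key, out group))
            {
                group = new List<IO2Finding>();
                groups.Add(key, group);
            }
            group.Add(finding);
        }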