//rename this method since we do more than just Source or Sinks here
private static void updateSourceOrSinkRule(O2RulePack o2RulePack,IDictionary<string, List<IO2Rule>> indexedO2Rules, string ruleSignature, string languageDBId, TraceType traceType)
{
if (indexedO2Rules != null && ruleSignature != null)
{
//bool createNotMappedRule = false;
var createRuleWithType = O2RuleType.NotMapped;
// only proccess Sources, Sinks and Lost Sinks
if (traceType == TraceType.Source || traceType == TraceType.Known_Sink || traceType == TraceType.Lost_Sink)
{
O2RuleType o2NewRuleType = O2RulePackUtils.getO2RuleTypeFromRuleType(traceType);
createRuleWithType = o2NewRuleType;
/* if (indexedO2Rules != null && false == string.IsNullOrEmpty(ruleSignature))
if (indexedO2Rules.ContainsKey(ruleSignature))
{
bool thereIsAlreadyARuleWithTheSameRuleType = false;
foreach (var o2Rule in indexedO2Rules[ruleSignature])
{
if (o2Rule.RuleType == O2RuleType.NotMapped)
// if it is not mapped change it to o2NewRuleType
{
o2Rule.RuleType = o2NewRuleType;
return;
}
if (o2Rule.RuleType == o2NewRuleType)
// if it is already a rule of type o2NewRuleType, mark it so we can ignore it below
thereIsAlreadyARuleWithTheSameRuleType = true;
}
if (false == thereIsAlreadyARuleWithTheSameRuleType)
// if we got this far, create a new rule of o2NewRuleType
{
var newRule = O2RulePackUtils.createRule(o2NewRuleType, ruleSignature, languageDBId);
indexedO2Rules[ruleSignature].Add(newRule);
// add it to the index so that we don't have to calculate it again
o2RulePack.o2Rules.Add(newRule);
}
}
*/
}
bool createNewRule = true;
IO2Rule notMappedRule = null;
if (indexedO2Rules.ContainsKey(ruleSignature))
{
foreach (var o2Rule in indexedO2Rules[ruleSignature])
{
if (o2Rule.RuleType == createRuleWithType) // dont create if there is already a rule of this type
{
o2Rule.Tagged = true;
createNewRule = false;
}
if (o2Rule.RuleType == O2RuleType.NotMapped)
notMappedRule = o2Rule;
}
}
// handle the case where we have already added a signature but it is not a NotMapped one
if (createRuleWithType == O2RuleType.NotMapped && createNewRule && notMappedRule == null && indexedO2Rules.ContainsKey(ruleSignature))
createNewRule = false;
// if required, Create rule
if (createNewRule)
{
var vulnType = "O2.FindingRule." + createRuleWithType.ToString();
var newRule = new O2Rule(createRuleWithType,vulnType, ruleSignature, languageDBId,true);
o2RulePack.o2Rules.Add(newRule);
if (false == indexedO2Rules.ContainsKey(ruleSignature))
indexedO2Rules.Add(ruleSignature, new List<IO2Rule>());
indexedO2Rules[ruleSignature].Add(newRule);
if (notMappedRule != null)
indexedO2Rules[ruleSignature].Remove(notMappedRule);
}
}
}
internal static IO2Rule cloneRule(IO2Rule o2RuleToClone)
{
var clonedRule = new O2Rule
{
Comments = o2RuleToClone.Comments,
DbId = o2RuleToClone.DbId,
FromArgs = o2RuleToClone.FromArgs,
Param = o2RuleToClone.Param,
Return = o2RuleToClone.Return,
FromDb = o2RuleToClone.FromDb,
RuleType = o2RuleToClone.RuleType,
Severity = o2RuleToClone.Severity,
Signature = o2RuleToClone.Signature,
Tagged = o2RuleToClone.Tagged,
ToArgs = o2RuleToClone.ToArgs,
VulnType = o2RuleToClone.VulnType
};
return clonedRule;
}
public static O2Rule createRule(O2RuleType rtRuleType, String sSignature, String sDbID)
{
var rRule = new O2Rule
{
Severity = "Medium",
DbId = sDbID,
Signature = sSignature,
RuleType = rtRuleType,
VulnType = String.Format("_O2.{0}", rtRuleType)
};
return rRule;
}
private void addCirFunctionsAsRules(
List<ICirFunction> cirFunctionsToProcess, bool keepRulesLoadedFromDatabase,
bool bAddExternalMethodsAsSourcesAndSinks,bool bAddInternalMethodsWithNoCallersAsCallbacks,
bool bDontMarkAsCallbackOrSinksMethodsWithNoParameters,
bool bdontAddIfRuleSignatureAlreadyExists, bool bDontAddIfThereAreNoCallersAndCallees,
string newRulesVulnType)
{
// for performance reasons run this on a separade thread
O2Thread.mtaThread(
() =>
{
// before adding more rules, clear the current list (the return null is to force the Sync version of invokeOnThread )
this.invokeOnThread(()=>
{
clearChangedRulesList();
return null;
});
var newCallbackSignature = "O2.AutoMapping";
DI.log.info("adding {0} cirFunctions as rules", cirFunctionsToProcess.Count);
// get rules that we will keep (if there are rules loaded from Db and keepRulesLoadedFromDatabase is set)
var newO2Rules = (keepRulesLoadedFromDatabase)
? O2RulePackUtils.getRulesThatAreFromDB(currentO2RulePack)
: new List<IO2Rule>();
//update index
indexedCurrentO2Rules = IndexedO2Rules.indexAll(newO2Rules);
if (keepRulesLoadedFromDatabase)
foreach (var o2Rule in newO2Rules)
o2Rule.Tagged = false;
var currentDatabaseID = MiscUtils_OunceV6.getIdForSuportedLanguage(currentLanguage).ToString();
var listOfChangedRules = new List<IO2Rule>();
var functionsToProcess = cirFunctionsToProcess.Count;
var functionsProcessed = 0;
foreach (var cirFunction in cirFunctionsToProcess)
{
var functionSignature = new FilteredSignature(cirFunction).sSignature;
// first check if there are any callers or callees on this function
//bDontAddIfThereAreNoCallersAndCallees
if (bDontAddIfThereAreNoCallersAndCallees && cirFunction.FunctionIsCalledBy.Count == 0 &&
cirFunction.FunctionsCalledUniqueList.Count == 0)
{
// don't add
}
else
// then check if this already exists on the database
if (bdontAddIfRuleSignatureAlreadyExists &&
indexedCurrentO2Rules.ContainsKey(functionSignature))
{
foreach (var o2Rule in indexedCurrentO2Rules[functionSignature])
o2Rule.Tagged = true;
}
// if not, then we will need ot create a new rule for this function
else
{
bool addAsNotMappedRule = false;
//var functionSignature = new FilteredSignature(cirFunction).sSignature;
// handle special cases
//bAddInternalMethodsWithNoCallersAsCallbacks (or the function is explicitly marked with cirFunction.IsTainted
if (cirFunction.IsTainted ||
(bAddInternalMethodsWithNoCallersAsCallbacks && cirFunction.HasControlFlowGraph && cirFunction.FunctionIsCalledBy.Count == 0))
{
//bDontMarkAsCallbackMethodsWithNoParameters
if (false == bDontMarkAsCallbackOrSinksMethodsWithNoParameters ||
cirFunction.FunctionSignature.IndexOf("()") == - 1)
//cirFunction.FunctionParameters.Count > 0) // can't use this since it is not 100% reliable
{
var newCallback = new O2Rule(O2RuleType.Callback,
newCallbackSignature + ".Callback",
functionSignature, currentDatabaseID, true);
listOfChangedRules.Add(newCallback);
newO2Rules.Add(newCallback);
}
else
addAsNotMappedRule = true;
}
//bAddExternalMethodsAsSourcesAndSinks - function calls nobody but it is called by others
else if (bAddExternalMethodsAsSourcesAndSinks &&
cirFunction.FunctionsCalledUniqueList.Count == 0 &&
cirFunction.FunctionIsCalledBy.Count > 0)
{
// when importing CirData created by Core on Java, there is a bug that causes the ReturnType NOT to be populated
// this is why we use the cirFunction.FunctionSignature.IndexOf(":void") > -1 below instead of the more correct if (string.IsNullOrEmpty(cirFunction.ReturnType))
//if (string.IsNullOrEmpty(cirFunction.ReturnType))
// DI.log.info("Method had empty cirFunction.ReturnType: {0}", cirFunction.FunctionSignature);
// Only add source if the return parameter is not void
if (!(cirFunction.FunctionSignature.IndexOf(":void") > -1 || cirFunction.ReturnType == "void" || cirFunction.ReturnType == "System.Void"))
{
var newSource = new O2Rule(O2RuleType.Source,
newCallbackSignature + ".Source",
functionSignature, currentDatabaseID, true);
listOfChangedRules.Add(newSource);
newO2Rules.Add(newSource);
}
else
DI.log.info("Method Not marked as Source: {0}", cirFunction.FunctionSignature);
// for sinks check for bDontMarkAsCallbackOrSinksMethodsWithNoParameters
if (false == bDontMarkAsCallbackOrSinksMethodsWithNoParameters ||
cirFunction.FunctionSignature.IndexOf("()") == -1)
//cirFunction.FunctionParameters.Count > 0)
{
var newSink = new O2Rule(O2RuleType.Sink, newCallbackSignature + ".Sink",
functionSignature, currentDatabaseID, true);
listOfChangedRules.Add(newSink);
newO2Rules.Add(newSink);
}
//else
// DI.log.info("Method Not marked as Sink: ", cirFunction.FunctionSignature);
}
else
{
addAsNotMappedRule = true;
}
if (addAsNotMappedRule)
{
// add as NotMapped
var newO2Rule = new O2Rule(newRulesVulnType, functionSignature, currentDatabaseID) { Tagged = true };
newO2Rules.Add(newO2Rule);
}
}
// Counter
if ((functionsProcessed++)%200 == 0)
DI.log.info("In addCirFunctionsAsRules: {0} / {1} cir Functions processed",
functionsProcessed, functionsToProcess);
}
// make the current rule pack the one with the rules we have just loaded
DI.log.info("{0} rules created", newO2Rules.Count);
var newRulePack = new O2RulePack("Rule Pack", newO2Rules);
setCurrentRulePack(newRulePack);
// we need to back to the GUI thread for the updates
this.invokeOnThread(
() =>
{
// hide this ListView for performance reasons
lvChangedRules.Visible = false;
dgvRules.Visible = false;
// add rules
addRulesToChangedRulesList_BatchMode(listOfChangedRules);
// foreach (var changedO2Rule in listOfChangedRules)
// addRuleToChangedRulesList(changedO2Rule, false /*checkIfRuleIsAlreadyInList*/);
// if we are in view all mode changed it to OnlyTaggedRules
if (rbViewMode_AllRules.Checked)
rbViewMode_OnlyTaggedRules.Checked = true;
else
setRulesViewMode(); // trigger refresh
// now that all rules have been added make it visible again
lvChangedRules.Visible = true;
dgvRules.Visible = true;
});
});
}
public static IO2Rule createASRule(string ruleSignature, string ruleTaintFrom, string ruleTaintTo)
{
var o2Rule = new O2Rule();
o2Rule.DbId = "2";
o2Rule.Signature = ruleSignature;
o2Rule.FromArgs = ruleTaintFrom;
o2Rule.ToArgs = ruleTaintTo;
if (o2Rule.ToArgs == "none")
o2Rule.RuleType = O2RuleType.DontPropagateTaint;
else
o2Rule.RuleType = O2RuleType.PropageTaint;
if (o2Rule.ToArgs.IndexOf(".*") > -1)
{
o2Rule.Return = "1";
o2Rule.ToArgs = o2Rule.ToArgs.Replace(".*", "");
}
else
o2Rule.Return = "0";
o2Rule.VulnType = "Summary Driven Rule";
return o2Rule;
}
private void newRule()
{
var newO2Rule = new O2Rule();
newO2Rule.Signature = "new rule";
if (dgvRules.SelectedRows.Count > 0)
foreach (DataGridViewRow selectedRow in dgvRules.SelectedRows) // we have to do this because dgvRules.SelectedRows.Clear() doesn't work
selectedRow.Selected = false;
var newRuleRow = addO2RuleToDataGridView(newO2Rule);
currentO2RulePack.o2Rules.Add(newO2Rule);
newRuleRow.Selected = true;
openRulesEditor();
}