public List <IO2Rule> addRulesToDatabase(bool bDeleteDatabase, O2RulePack o2rulePack)
{
var rulesNotProcessed = new List <IO2Rule>();
if (bDeleteDatabase)
{
Lddb_OunceV6.action_DeleteAllRules();
}
//Utils.debugBreak();
//removeRulesFromCache();
DI.log.info("Adding {0} rules to database", o2rulePack.o2Rules.Count);
foreach (var o2Rule in o2rulePack.o2Rules)
{
if (false == addRuleToDatabase(o2Rule))
{
rulesNotProcessed.Add(o2Rule);
}
}
DI.log.info("Completed adding {0} rules to database", o2rulePack.o2Rules.Count);
if (rulesNotProcessed.Count > 0)
{
DI.log.info("Total number of rules NOT processed: {0}", rulesNotProcessed.Count);
}
return(rulesNotProcessed);
}
private void btDeleteSelectedActionObject_Click(object sender, EventArgs e)
{
DI.log.debug("Deleting all objects realted to vuln_id: {0}", lbSelectedMethodVulnId.Text);
UInt32 uVulnId = 0;
if (UInt32.TryParse(lbSelectedMethodVulnId.Text, out uVulnId))
{
Lddb_OunceV6.action_deleteSignatureAndActionObject(uVulnId);
lbSelectedMethodVulnId.Text = "";
lbCurrentMethodDbId.Text = "";
lbSelectedActionObjectId.Text = "";
}
/*
*
* DI.log.debug("Deleting ActionObject Object for Custom rule: \n" +
* "MethodSignature: {0}" +
* "MethodVulnId: {1}" +
* "Db_id: {2}" +
* "ActionObjectID: {3}" +
* "ActionObjectSignature: {4}",
* lbCurrentMethodSignature.Text, lbSelectedMethodVulnId.Text,lbCurrentMethodDbId.Text, lbSelectedActionObjectId.Text,
* dgvLddb_actionobjects.SelectedRows[0].Cells["signature"].Value.ToString()
* );
* Lddb_OunceV6.action_DeleteActionId(UInt32.Parse(lbSelectedActionObjectId.Text));
*/
populateTableWithMethodSignatureAndActionObjectId(lbCurrentMethodDbId.Text, lbSelectedMethodVulnId.Text,
lbSelectedActionObjectId.Text);
}
private void btDeleteSelectedCallbaks_Click(object sender, EventArgs e)
{
foreach (DataGridViewRow rSelectedRow in dgvCallbacksInLddbDatabase.SelectedRows)
{
String sSignatureOfCallbackToDelete =
Encoding.ASCII.GetString((byte[])rSelectedRow.Cells["signature"].Value);
var uCallbackDbId = (UInt32)rSelectedRow.Cells["db_id"].Value;
Lddb_OunceV6.action_DeleteCallback(uCallbackDbId, sSignatureOfCallbackToDelete);
}
refreshDgbWithExistingCallbacks();
}
public static void raiseEvent_ShowCustomRulesDetails_MethodSignature(String sActionObjectId)
{
UInt32 uActionObjectId = 0;
if (UInt32.TryParse(sActionObjectId, out uActionObjectId))
{
String sMethodDbId = Lddb_OunceV6.action_getDbIDFromActionObjectId(uActionObjectId).ToString();
String sMethodSignature = Lddb_OunceV6.action_getMethodSignatureFromActionObjectId(uActionObjectId);
raiseEvent_ShowCustomRulesDetails_MethodSignature(sMethodDbId, sMethodSignature);
}
}
private void makeMethodsCallbacks(List <string> methodsToAddAsCallbacks)
{
pbAddingMethodsProgressBar.Maximum = methodsToAddAsCallbacks.Count;
pbAddingMethodsProgressBar.Value = 0;
foreach (var methodToAdd in methodsToAddAsCallbacks)
{
Lddb_OunceV6.action_makeMethodACallback(uDbId, methodToAdd);
pbAddingMethodsProgressBar.Value++;
}
}
private void btMarkMethodAsSink_Click(object sender, EventArgs e)
{
String sMethodSignature = lbCurrentMethodSignature.Text;
String sVulnId = lbSelectedMethodVulnId.Text;
String sActionObjectSignature = cbEditCustomRules_Signature.Text;
String sSeverity = cbEditCustomRules_Severity.Text;
String sLanguageId = cbEditCustomRules_DbId.Text;
String sVulnType = cbEditCustomRules_vuln_type.Text;
Lddb_OunceV6.action_makeMethod_Sink(sLanguageId, sMethodSignature, sVulnId, sActionObjectSignature, sSeverity,
sVulnType, true);
}
public void populateEditCustomRulesComboBoxes()
{
UInt32[] auTraces = Lddb_OunceV6.action_getDistinct_trace(true);
String[] sVulnTypes = Lddb_OunceV6.action_getDistinct_vuln_type(true);
String[] sSignatures = Lddb_OunceV6.action_getDistinct_signature(true);
String[] sSeverity = Lddb_OunceV6.action_getDistinct_severity(true);
O2Forms.populateControlItemCollectionWithArray(cbEditCustomRules_Trace, auTraces);
O2Forms.populateControlItemCollectionWithArray(cbEditCustomRules_vuln_type, sVulnTypes);
O2Forms.populateControlItemCollectionWithArray(cbEditCustomRules_Signature, sSignatures);
O2Forms.populateControlItemCollectionWithArray(cbEditCustomRules_Severity, sSeverity);
}
public static void populateDataGridView_ExistentActionsObjectsForSignature(String sDbId, String sSignature,
DataGridView dgvDataGridView,
bool bVerbose)
{
dgvDataGridView.Columns.Clear();
UInt32 uVuln_id = Lddb_OunceV6.action_getVulnIdThatMatchesSignature(sDbId, sSignature, bVerbose);
if (uVuln_id == 0)
{
return;
}
populateDataGridView_ExistentActionsObjectsForVulnId(uVuln_id, dgvDataGridView);
}
public static void populateDataGridView_MethodSignature(String sDbId, String sSignature,
DataGridView dgvDataGridView)
{
UInt32 uVulnId = Lddb_OunceV6.action_getVulnIdThatMatchesSignature(sDbId, sSignature, false);
if (uVulnId == 0)
{
O2Forms.executeMethodThreadSafe(dgvDataGridView, dgvDataGridView.Rows, "Clear", new object[] {});
}
else
{
populateDataGridView_ExistentActionsObjectsForVulnId(uVulnId, dgvDataGridView);
}
}
public void test_createRulePackWithAllRulesFromLddbFor_DotNet()
{
var numberOfRules = Lddb_OunceV6.getNumberOfRulesInRecTable();
Assert.That(numberOfRules > 0, "numberOfRules == 0");
DI.log.info("There {0} rules", numberOfRules);
var o2Rules = mySqlRules_OunceV6.createO2RulesForAllLddbEntriesForLanguage(SupportedLanguage.DotNet);
var o2RulePack = new O2RulePack("MySql_Dump", o2Rules);
Assert.That(o2Rules.Count > 0, "o2Rules.Count ==0");
var rulePackFile = O2RulePackUtils.saveRulePack(o2RulePack);
Assert.That(File.Exists(rulePackFile), "rulePacklFile file didn't exist: " + rulePackFile);
DI.log.info("Rule pack (with {0} rules) saved to {1}", o2Rules.Count, rulePackFile);
}
private void lbCurrentMethodSignature_TextChanged(object sender, EventArgs e)
{
UInt32 uVulnId = Lddb_OunceV6.action_getVulnIdThatMatchesSignature(lbCurrentMethodDbId.Text,
lbCurrentMethodSignature.Text, false);
lbSelectedMethodVulnId.Text = uVulnId.ToString();
lbSelectedActionObjectId.Text = "";
if (uVulnId > 0)
{
populateTableWithMethodSignatureAndActionObjectId(lbCurrentMethodDbId.Text, lbSelectedMethodVulnId.Text,
lbSelectedActionObjectId.Text);
}
else
{
lbSelectedActionObjectId.Text = "";
dgvLddb_actionobjects.Columns.Clear();
dgvLddb_rec.Columns.Clear();
}
}
public bool addRuleToDatabase(IO2Rule rRule, bool bVerbose)
{
var sVulnId = "0"; // make it 0 since it doesn't matter this value
switch (rRule.RuleType)
{
case O2RuleType.Source:
var sActionObjectSignatureForSource = "InputAnyTainted";
Lddb_OunceV6.action_makeMethod_Source(rRule.DbId, rRule.Signature, sVulnId,
sActionObjectSignatureForSource, rRule.Severity, rRule.VulnType,
bVerbose);
break;
case O2RuleType.Sink:
var sActionObjectSignatureForSink = "OutputAnyNotValidated";
Lddb_OunceV6.action_makeMethod_Sink(rRule.DbId, rRule.Signature, sVulnId, sActionObjectSignatureForSink,
rRule.Severity, rRule.VulnType, bVerbose);
break;
case O2RuleType.Callback:
Lddb_OunceV6.action_makeMethodACallback(UInt32.Parse(rRule.DbId), rRule.Signature,
true /*bDeletePreviousRulesForSignature*/, bVerbose);
break;
case O2RuleType.PropageTaint:
Lddb_OunceV6.action_makeMethod_TaintPropagator(UInt32.Parse(rRule.DbId), rRule.Signature, rRule.FromArgs, rRule.ToArgs, rRule.Return.ToString());
break;
case O2RuleType.DontPropagateTaint:
Lddb_OunceV6.action_makeMethod_NotPropagateTaint(UInt32.Parse(rRule.DbId), rRule.Signature);
break;
default:
DI.log.error("Rule type not supported: {0} Rule changed not processed: {1}",
rRule.RuleType, rRule.Signature);
return(false);
}
return(true);
}
public void updateLabelWithNumberOfRulesInDatabase()
{
lbNumberOfRulesInDatabase.Text = Lddb_OunceV6.getNumberOfRulesInRecTable().ToString();
}
public static void populateDataGridViewWithCustomRules(DataGridView dgvCustomRules)
{
String sSqlToFetchCustomRules = Lddb_OunceV6.getSqlQueryStringToSeeCustomRules();
runQueryAndPopulateDataGrid(dgvCustomRules, sSqlToFetchCustomRules);
}
public void DeleteAllRulesFromDatabase()
{
Lddb_OunceV6.action_DeleteAllRules();
}
public void deleteRuleFromDatabase(IO2Rule ruleToDelete)
{
Lddb_OunceV6.action_deleteRuleFromDatabase(ruleToDelete);
}
public void deleteRulesFromDatabase(IEnumerable <IO2Rule> rulesToDelete)
{
Lddb_OunceV6.action_deleteRulesFromDatabase(rulesToDelete);
}
private void btDeleteAllCallbacks_Click(object sender, EventArgs e)
{
Lddb_OunceV6.action_DeleteAllCallbacks();
refreshDgbWithExistingCallbacks();
}
private void createRulesForSignatures(ruleType rRuleType)
{
var dgvRowsToRemove = new List <DataGridViewRow>();
String sVuln_id, sActionObjectSignature, sSeverity, sVuln_type;
foreach (DataGridViewRow dgvRow in dgvTargetMethods.Rows)
{
UInt32 uDbId;
if (UInt32.TryParse(dgvRow.Cells["db_id"].Value.ToString(), out uDbId))
{
String sMethodSignature = dgvRow.Cells["signature"].Value.ToString();
// String sVulnName = "";
switch (rRuleType)
{
case ruleType.TaintPropagator:
if (Lddb_OunceV6.action_makeMethod_TaintPropagator(uDbId, sMethodSignature, "all", "all", "1"))
{
dgvRowsToRemove.Add(dgvRow);
}
break;
case ruleType.Callback:
if (Lddb_OunceV6.action_makeMethodACallback(uDbId, sMethodSignature))
{
dgvRowsToRemove.Add(dgvRow);
}
break;
case ruleType.Source:
sVuln_id = "0";
sActionObjectSignature = "InputAnyTainted";
sSeverity = "High";
sVuln_type = "Vulnerability.F1.Source";
if (cbEditCustomRules_vuln_type.Text != "")
{
sVuln_type = cbEditCustomRules_vuln_type.Text;
}
if (Lddb_OunceV6.action_makeMethod_Source(uDbId.ToString(), sMethodSignature, sVuln_id,
sActionObjectSignature, sSeverity, sVuln_type))
{
dgvRowsToRemove.Add(dgvRow);
}
break;
case ruleType.Sink:
sVuln_id = "0";
sActionObjectSignature = "OutputAnyNotValidated";
sSeverity = "High";
sVuln_type = "Vulnerability.F1.Sink";
if (cbEditCustomRules_vuln_type.Text != "")
{
sVuln_type = cbEditCustomRules_vuln_type.Text;
}
if (Lddb_OunceV6.action_makeMethod_Sink(uDbId.ToString(), sMethodSignature, sVuln_id,
sActionObjectSignature, sSeverity, sVuln_type, true))
{
dgvRowsToRemove.Add(dgvRow);
}
break;
case ruleType.Validator:
if (Lddb_OunceV6.action_makeMethod_Validator(uDbId, sMethodSignature))
{
dgvRowsToRemove.Add(dgvRow);
}
break;
case ruleType.NotPropagateTaint:
if (Lddb_OunceV6.action_makeMethod_NotPropagateTaint(uDbId, sMethodSignature))
{
dgvRowsToRemove.Add(dgvRow);
}
break;
default:
break;
}
}
else
{
DI.log.error("in btMarkMethodsAs_TaintPropagator_Click error converting {0} to an UInt32",
dgvRow.Cells["Db_id"].Value.ToString());
}
}
foreach (DataGridViewRow dgvRowToRemove in dgvRowsToRemove)
{
dgvTargetMethods.Rows.Remove(dgvRowToRemove);
}
}
private void llDeleteDatabase_LinkClicked(object sender, LinkLabelLinkClickedEventArgs e)
{
Lddb_OunceV6.action_DeleteAllRules();
}