public static List<IO2Finding> createO2FindingsFromCirFunction(ICirFunction cirFunction, bool createNewFindingOnExternalCall)
{
var o2FindingsCreated = new List<IO2Finding>();
var filteredSignature = new FilteredSignature(cirFunction);
var functionSignature = filteredSignature.sSignature;
var rootO2Finding = new O2Finding
{
method = cirFunction.ClassNameFunctionNameAndParameters,
vulnName = functionSignature,
vulnType = "O2.CirGeneratedTrace",
severity = 2,
confidence = 2,
file= cirFunction.File
};
if (cirFunction.File != null)
{
UInt32 lineNumber;
if (UInt32.TryParse(cirFunction.FileLine, out lineNumber))
rootO2Finding.lineNumber = lineNumber;
}
createTracesAndFindingsFromCirFunction(cirFunction, rootO2Finding.file, rootO2Finding.lineNumber, rootO2Finding.o2Traces, new List<IO2Trace>(), rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall);
// make the first trace a Source
rootO2Finding.o2Traces[0].traceType = TraceType.Source;
// and add it to the list of Findings Created
o2FindingsCreated.Add(rootO2Finding);
return o2FindingsCreated;
}
public static void mapMethodsToFilteredSignatures(List<MethodInfo> methodsToMap, ref List<FilteredSignature> filteredSignatures, ref Dictionary<string, MethodInfo> methods_bySignature, bool hideCSharpGeneratedMethods)
{
filteredSignatures = new List<FilteredSignature>();
methods_bySignature = new Dictionary<string, MethodInfo>();
foreach (var method in methodsToMap)
{
try
{
var filteredSignature = new FilteredSignature(method);
if (hideCSharpGeneratedMethods == false || (filteredSignature.sSignature.IndexOf("<>") == -1 &&
false == filteredSignature.sFunctionName.StartsWith("b__")))
{
// create methodsLoaded_bySignature
if (methods_bySignature.ContainsKey(filteredSignature.sSignature))
{
if (method.type().Assembly.GetName().Name.contains("FluentSharp"))
PublicDI.log.error("in mapMethodsToFilteredSignatures, repeated signature: {0}", filteredSignature.sSignature);
}
else
{
filteredSignatures.Add(filteredSignature);
methods_bySignature.Add(filteredSignature.sSignature, method);
}
}
else
{
//PublicDI.log.info("Skipping: {0}", method.Name);
}
}
catch (Exception ex)
{
"[O2 Object Model] mapMethodsToFilteredSignatures: {0}".error(ex.Message);
}
}
}
public static FilteredSignature createFilteredSignatureFromJavaMethod(string className, string functionName, string methodDescriptor)
{
var newFilteredSignature = new FilteredSignature();
newFilteredSignature.sFunctionClass = className;
newFilteredSignature.sFunctionName = functionName;
// process descriptor
var lastParentesis = methodDescriptor.LastIndexOf(')');
if (lastParentesis > -1)
{
methodDescriptor = methodDescriptor.Replace('/', '.');
lastParentesis++;
newFilteredSignature.sParameters = methodDescriptor.Substring(0, lastParentesis);
newFilteredSignature.sReturnClass = methodDescriptor.Substring(lastParentesis);
// BUG: Major hack to fix the sParameters created by JavaMethod descriptors
if (newFilteredSignature.sReturnClass == "V")
{
newFilteredSignature.sReturnClass = "void";
}
newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(I)", "(int)").Replace("(IL", "(int;").Replace(";IL", ";int;");
newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(L", "(").Replace("(IL", "(").Replace(";L", ";").Replace(";)", ")");
if (newFilteredSignature.sParameters[0] == '(' && newFilteredSignature.sParameters[newFilteredSignature.sParameters.Length - 1] == ')')
{
newFilteredSignature.sParameters = newFilteredSignature.sParameters.Substring(1, newFilteredSignature.sParameters.Length - 2);
}
// fix the sReturnClass
if (newFilteredSignature.sReturnClass[0] == 'L' && newFilteredSignature.sReturnClass[newFilteredSignature.sReturnClass.Length - 1] == ';')
{
newFilteredSignature.sReturnClass = newFilteredSignature.sReturnClass.Substring(1, newFilteredSignature.sReturnClass.Length - 2);
}
newFilteredSignature.sSignature = newFilteredSignature.getSignature();
}
return(newFilteredSignature);
}
public static MethodDefinition getMethodDefinitionFromMethodInfo(MethodInfo methodInfo, Mono.Cecil.AssemblyDefinition assemblyDefinition)
{
foreach (var methodDefinition in CecilUtils.getMethods(assemblyDefinition))
{
var functionSignature1 = new FilteredSignature(methodInfo);
var functionSignature2 = new FilteredSignature(methodDefinition.ToString());
if (functionSignature1.sSignature == functionSignature2.sSignature)
return methodDefinition;
if (functionSignature1.sFunctionName == functionSignature2.sFunctionName)
{
}
}
PublicDI.log.error("in getMethodDefinitionFromMethodInfo, could not map MethodInfo: {0}", methodInfo.ToString());
return null;
}
public static String filterSignature(String sStringToFilter, bool bShowParameters, bool bShowReturnClass,
bool bShowNamespace, int iNamespaceDepth)
{
if (PublicDI.dFilteredFuntionSignatures.ContainsKey(sStringToFilter))
{
return(PublicDI.dFilteredFuntionSignatures[sStringToFilter].getFilteredSignature(
bShowParameters, bShowReturnClass, bShowNamespace, iNamespaceDepth));
}
var fsFilteredSignature = new FilteredSignature(sStringToFilter);
PublicDI.dFilteredFuntionSignatures.Add(sStringToFilter, fsFilteredSignature);
return(fsFilteredSignature.getFilteredSignature(bShowParameters, bShowReturnClass, bShowNamespace,
iNamespaceDepth));
}
public static TreeNode getTreeNodeWithAutoWiredObject(ICirData cirData, string targetFunction, SpringMvcParameter springMvcParameter, int parameterIndex)
{
try
{
if (cirData != null && cirData.dFunctions_bySignature.ContainsKey(targetFunction))
{
var cirFunction = cirData.dFunctions_bySignature[targetFunction];
if (cirFunction.FunctionParameters.Count <= parameterIndex)
{
var filteredSignature = new FilteredSignature(targetFunction);
if (filteredSignature.lsParameters_Parsed.Count > parameterIndex)
springMvcParameter.className = filteredSignature.lsParameters_Parsed[parameterIndex];
else
DI.log.error("in getTreeNodeWithAutoWiredObject, requested parameter index not found in function: {0}", targetFunction);
}
else
{
var functionParameter = cirFunction.FunctionParameters[parameterIndex];
springMvcParameter.className = functionParameter.ParameterType.Replace("&", "");
}
if (springMvcParameter.className != "")
{
// Hack to handle int Java mappings
if (springMvcParameter.className == "int")
springMvcParameter.className = "java.lang.Integer";
if (cirData.dClasses_bySignature.ContainsKey(springMvcParameter.className))
{
var childNodeText = string.Format("{0} - {1} - {2}", springMvcParameter.autoWiredMethodUsed, springMvcParameter.name, springMvcParameter.className);
return O2Forms.newTreeNode(childNodeText, childNodeText, 0, cirData.dClasses_bySignature[springMvcParameter.className]);
}
DI.log.error("in getTreeNodeWithAutoWiredObject, parameter type not found in cirData class list:{0}", springMvcParameter.className);
}
}
else
DI.log.error("in getTreeNodeWithAutoWiredObject, loaded cirData did not contained signature :{0}", targetFunction);
}
catch (Exception ex)
{
DI.log.error("in getTreeNodeWithAutoWiredObject:", ex.Message);
}
return new TreeNode();
}
private static void fixFunctionsCalledXRefs(ICirData cirData)
{
if (cirData != null && cirData.dFunctions_bySignature != null)
{
var timer = new O2Timer("fixFunctionsCalledXRefs").start();
foreach (CirFunction cirFunction in cirData.dFunctions_bySignature.Values)
{
if (cirFunction.FunctionName == null)
{
var filteredSignature = new FilteredSignature(cirFunction.FunctionSignature);
cirFunction.FunctionName = filteredSignature.sFunctionName;
cirFunction.FunctionNameAndParameters = filteredSignature.sFunctionNameAndParams;
cirFunction.ClassNameFunctionNameAndParameters = filteredSignature.sFunctionClass + "." +
filteredSignature.sFunctionNameAndParams;
}
}
timer.stop();
}
}
public void showSelectedMethodDetails(FilteredSignature filteredSignature)
{
if (filteredSignature != null)
{
tbMethodDetails_Name.invokeOnThread(
() =>
{
tbMethodDetails_Name.Text = filteredSignature.sFunctionName;
tbMethodDetails_OriginalSignature.Text = filteredSignature.sOriginalSignature;
tbMethodDetails_Parameters.Text = filteredSignature.sParameters;
tbMethodDetails_ReturnType.Text = filteredSignature.sReturnClass;
tbMethodDetails_Signature.Text = filteredSignature.sSignature;
tbMethodDetails_Type.Text = filteredSignature.sFunctionClass;
});
}
}
public CirFunction(string functionSignature) : this()
{
FunctionSignature = functionSignature;
var filteredSignature = new FilteredSignature(FunctionSignature);
FunctionName = filteredSignature.sFunctionName;
FunctionNameAndParameters = filteredSignature.sFunctionNameAndParams;
ClassNameFunctionNameAndParameters = filteredSignature.sFunctionClass + "." + filteredSignature.sFunctionNameAndParams;
ReturnType = filteredSignature.sReturnClass;
}
private void addCirFunctionsAsRules(
List<ICirFunction> cirFunctionsToProcess, bool keepRulesLoadedFromDatabase,
bool bAddExternalMethodsAsSourcesAndSinks,bool bAddInternalMethodsWithNoCallersAsCallbacks,
bool bDontMarkAsCallbackOrSinksMethodsWithNoParameters,
bool bdontAddIfRuleSignatureAlreadyExists, bool bDontAddIfThereAreNoCallersAndCallees,
string newRulesVulnType)
{
// for performance reasons run this on a separade thread
O2Thread.mtaThread(
() =>
{
// before adding more rules, clear the current list (the return null is to force the Sync version of invokeOnThread )
this.invokeOnThread(()=>
{
clearChangedRulesList();
return "done";
});
var newCallbackSignature = "O2.AutoMapping";
DI.log.info("adding {0} cirFunctions as rules", cirFunctionsToProcess.Count);
// get rules that we will keep (if there are rules loaded from Db and keepRulesLoadedFromDatabase is set)
var newO2Rules = (keepRulesLoadedFromDatabase)
? O2RulePackUtils.getRulesThatAreFromDB(currentO2RulePack)
: new List<IO2Rule>();
//update index
indexedCurrentO2Rules = IndexedO2Rules.indexAll(newO2Rules);
if (keepRulesLoadedFromDatabase)
foreach (var o2Rule in newO2Rules)
o2Rule.Tagged = false;
var currentDatabaseID = MiscUtils_OunceV6.getIdForSuportedLanguage(currentLanguage).ToString();
var listOfChangedRules = new List<IO2Rule>();
var functionsToProcess = cirFunctionsToProcess.Count;
var functionsProcessed = 0;
foreach (var cirFunction in cirFunctionsToProcess)
{
var functionSignature = new FilteredSignature(cirFunction).sSignature;
// first check if there are any callers or callees on this function
//bDontAddIfThereAreNoCallersAndCallees
if (bDontAddIfThereAreNoCallersAndCallees && cirFunction.FunctionIsCalledBy.Count == 0 &&
cirFunction.FunctionsCalledUniqueList.Count == 0)
{
// don't add
}
else
// then check if this already exists on the database
if (bdontAddIfRuleSignatureAlreadyExists &&
indexedCurrentO2Rules.ContainsKey(functionSignature))
{
foreach (var o2Rule in indexedCurrentO2Rules[functionSignature])
o2Rule.Tagged = true;
}
// if not, then we will need ot create a new rule for this function
else
{
bool addAsNotMappedRule = false;
//var functionSignature = new FilteredSignature(cirFunction).sSignature;
// handle special cases
//bAddInternalMethodsWithNoCallersAsCallbacks (or the function is explicitly marked with cirFunction.IsTainted
if (cirFunction.IsTainted ||
(bAddInternalMethodsWithNoCallersAsCallbacks && cirFunction.HasControlFlowGraph && cirFunction.FunctionIsCalledBy.Count == 0))
{
//bDontMarkAsCallbackMethodsWithNoParameters
if (false == bDontMarkAsCallbackOrSinksMethodsWithNoParameters ||
cirFunction.FunctionSignature.IndexOf("()") == - 1)
//cirFunction.FunctionParameters.Count > 0) // can't use this since it is not 100% reliable
{
var newCallback = new O2Rule(O2RuleType.Callback,
newCallbackSignature + ".Callback",
functionSignature, currentDatabaseID, true);
listOfChangedRules.Add(newCallback);
newO2Rules.Add(newCallback);
}
else
addAsNotMappedRule = true;
}
//bAddExternalMethodsAsSourcesAndSinks - function calls nobody but it is called by others
else if (bAddExternalMethodsAsSourcesAndSinks &&
cirFunction.FunctionsCalledUniqueList.Count == 0 &&
cirFunction.FunctionIsCalledBy.Count > 0)
{
// when importing CirData created by Core on Java, there is a bug that causes the ReturnType NOT to be populated
// this is why we use the cirFunction.FunctionSignature.IndexOf(":void") > -1 below instead of the more correct if (string.IsNullOrEmpty(cirFunction.ReturnType))
//if (string.IsNullOrEmpty(cirFunction.ReturnType))
// DI.log.info("Method had empty cirFunction.ReturnType: {0}", cirFunction.FunctionSignature);
// Only add source if the return parameter is not void
if (!(cirFunction.FunctionSignature.IndexOf(":void") > -1 || cirFunction.ReturnType == "void" || cirFunction.ReturnType == "System.Void"))
{
var newSource = new O2Rule(O2RuleType.Source,
newCallbackSignature + ".Source",
functionSignature, currentDatabaseID, true);
listOfChangedRules.Add(newSource);
newO2Rules.Add(newSource);
}
else
DI.log.info("Method Not marked as Source: {0}", cirFunction.FunctionSignature);
// for sinks check for bDontMarkAsCallbackOrSinksMethodsWithNoParameters
if (false == bDontMarkAsCallbackOrSinksMethodsWithNoParameters ||
cirFunction.FunctionSignature.IndexOf("()") == -1)
//cirFunction.FunctionParameters.Count > 0)
{
var newSink = new O2Rule(O2RuleType.Sink, newCallbackSignature + ".Sink",
functionSignature, currentDatabaseID, true);
listOfChangedRules.Add(newSink);
newO2Rules.Add(newSink);
}
//else
// DI.log.info("Method Not marked as Sink: ", cirFunction.FunctionSignature);
}
else
{
addAsNotMappedRule = true;
}
if (addAsNotMappedRule)
{
// add as NotMapped
var newO2Rule = new O2Rule(newRulesVulnType, functionSignature, currentDatabaseID) { Tagged = true };
newO2Rules.Add(newO2Rule);
}
}
// Counter
if ((functionsProcessed++)%200 == 0)
DI.log.info("In addCirFunctionsAsRules: {0} / {1} cir Functions processed",
functionsProcessed, functionsToProcess);
}
// make the current rule pack the one with the rules we have just loaded
DI.log.info("{0} rules created", newO2Rules.Count);
var newRulePack = new O2RulePack("Rule Pack", newO2Rules);
setCurrentRulePack(newRulePack);
// we need to back to the GUI thread for the updates
this.invokeOnThread(
() =>
{
// hide this ListView for performance reasons
lvChangedRules.Visible = false;
dgvRules.Visible = false;
// add rules
addRulesToChangedRulesList_BatchMode(listOfChangedRules);
// foreach (var changedO2Rule in listOfChangedRules)
// addRuleToChangedRulesList(changedO2Rule, false /*checkIfRuleIsAlreadyInList*/);
// if we are in view all mode changed it to OnlyTaggedRules
if (rbViewMode_AllRules.Checked)
rbViewMode_OnlyTaggedRules.Checked = true;
else
setRulesViewMode(); // trigger refresh
// now that all rules have been added make it visible again
lvChangedRules.Visible = true;
dgvRules.Visible = true;
});
});
}
/// <summary>
/// This will populate the parent finding with all traces from the provided ICirFunction
/// caution: use the createNewFindingOnExternalCall carefully since it can create a stupid amount of traces (and it is much slower)
/// </summary>
/// <param name="cirFunction"></param>
/// <param name="lineNumber"></param>
/// <param name="o2Traces"></param>
/// <param name="parentTraces"></param>
/// <param name="rootO2Finding"></param>
/// <param name="o2FindingsCreated"></param>
/// <param name="createNewFindingOnExternalCall"></param>
/// <param name="fileName"></param>
public static void createTracesAndFindingsFromCirFunction(ICirFunction cirFunction, string fileName, UInt32 lineNumber,List<IO2Trace> o2Traces, List<IO2Trace> parentTraces, IO2Finding rootO2Finding, List<IO2Finding> o2FindingsCreated, bool createNewFindingOnExternalCall)
{
int maxParentDepth = 10; //30; //10;
var maxNumberOfTraces = 20; //50; //300; //50
var filteredSignature = new FilteredSignature(cirFunction);
var functionSignature = filteredSignature.sSignature;
var o2Trace = new O2Trace(functionSignature, cirFunction.ClassNameFunctionNameAndParameters)
{
file = fileName,
lineNumber = lineNumber
};
// add file references
// handle the case where this is a recursive call or a call to a method already added in the current tree
var recursiveCall = false;
foreach(var o2ParentTrace in parentTraces)
if (o2ParentTrace.signature == functionSignature)
{
recursiveCall = true;
break;
}
parentTraces.Add(o2Trace);
// add this trace to the current trace tree (since we might need to create a copy of it below
o2Traces.Add(o2Trace);
if (recursiveCall)
{
var nodeText = String.Format("{0} : {1} : {2}", cirFunction, "....(Recursive Call so not expanding child traces", functionSignature);
o2Trace.childTraces.Add(new O2Trace(nodeText));
}
else
{
if (parentTraces.Count > maxParentDepth)
o2Trace.childTraces.Add(new O2Trace(" ... {Max trace depth reached} (" + maxParentDepth + ")"));
else
{
//
var numberOfTraces = OzasmtUtils.getAllTraces(rootO2Finding.o2Traces);
if (numberOfTraces.Count > maxNumberOfTraces)
{
o2Trace.childTraces.Add(new O2Trace("**** Max number of traces reached(" + maxNumberOfTraces + ") aborting trace execution"));
return;
}
if (cirFunction.FunctionsCalled.Count == 0) // means we don't have the code for this one, so
{
// let make it a lost sink
var originalTraceTypeValue = o2Trace.traceType; // we might need this below
o2Trace.traceType = TraceType.Lost_Sink;
if (createNewFindingOnExternalCall) // and if createNewFindingOnExternalCall add it as finding
{
// create a copy of the parent finding (which incudes the above trace
var newFinding = OzasmtCopy.createCopy(rootO2Finding);
// make the first call a source (so that we have a source-> pair
newFinding.o2Traces[0].traceType = TraceType.Source;
// add it
o2FindingsCreated.Add(newFinding);
// since the crawl will continue we must restore the originalTraceTypeValue
o2Trace.traceType = originalTraceTypeValue;
}
}
else
foreach (var functionCalled in cirFunction.FunctionsCalled)
createTracesAndFindingsFromCirFunction(functionCalled.cirFunction, functionCalled.fileName, (UInt32)functionCalled.lineNumber, o2Trace.childTraces, parentTraces, rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall);
}
}
// now remove the signature since we are only interrested in non repeats on the same parent
parentTraces.Remove(o2Trace);
}
public static TreeNode addCirClassToTreeNodeCollection(ICirClass cirClass, string treeNodeNamePrefix, TreeNodeCollection treeNodeCollection, bool addDummyChildNode)
{
if (cirClass == null)
return null;
//if (cirFunction.FunctionSignature != "")
//{
var filteredSignature = new FilteredSignature(cirClass.Signature);
var treeNodeName = String.Format(" => {0}", filteredSignature.sSignature);
var newTreeNode = O2Forms.newTreeNode(treeNodeCollection, treeNodeName, cirClass.Signature, 0,
cirClass);
if (addDummyChildNode)
newTreeNode.Nodes.Add(""); // Dummy node so that we have the plus sign
return newTreeNode;
//}
}
public static List<String> getListWithWordsFromSignature(string signature)
{
var filteredSignature = new FilteredSignature(signature);
List<string> wordsFromSignature = filteredSignature.lsFunctionClass_Parsed; // words in namespace & class
wordsFromSignature.Add(filteredSignature.sFunctionName); // also add the method name
return wordsFromSignature;
}
public static String filterSignature(String sStringToFilter, bool bShowParameters, bool bShowReturnClass,
bool bShowNamespace, int iNamespaceDepth)
{
if (PublicDI.dFilteredFuntionSignatures.ContainsKey(sStringToFilter))
return PublicDI.dFilteredFuntionSignatures[sStringToFilter].getFilteredSignature(
bShowParameters, bShowReturnClass, bShowNamespace, iNamespaceDepth);
var fsFilteredSignature = new FilteredSignature(sStringToFilter);
PublicDI.dFilteredFuntionSignatures.Add(sStringToFilter, fsFilteredSignature);
return fsFilteredSignature.getFilteredSignature(bShowParameters, bShowReturnClass, bShowNamespace,
iNamespaceDepth);
}
public void addBindableFieldsIntoTreeView_Recursive(TreeNodeCollection tncTreeNodes, String sClassToFind,
bool bHideGetAndSetStrings, ICirData fadCirData)
{
String sFixedClassToFind = sClassToFind[0].ToString().ToUpper() + sClassToFind.Substring(1);
foreach (ICirClass ccCirClass in fadCirData.dClasses_bySignature.Values)
{
if (ccCirClass.Name == sFixedClassToFind)
{
var tnClass = new TreeNode(ccCirClass.Signature);
foreach (ICirFunction cfCirFunction in ccCirClass.dFunctions.Values)
{
String sFunctionName = new FilteredSignature(cfCirFunction.FunctionSignature).sFunctionName;
switch (sFunctionName.Substring(0, 3))
{
case "get":
var tnSubObject = new TreeNode(sFunctionName);
String sFixedSubObjectName = sFunctionName.Replace("get", "");
if (bHideGetAndSetStrings)
tnSubObject.Text = sFixedSubObjectName;
// tnSubObject = tnClass;
addBindableFieldsIntoTreeView_Recursive(tnSubObject.Nodes, sFixedSubObjectName,
bHideGetAndSetStrings, fadCirData);
if (tnSubObject.Nodes.Count > 0)
tnClass.Nodes.Add(tnSubObject);
break;
case "set":
String sSetNodeText = new FilteredSignature(cfCirFunction.FunctionSignature).sFunctionName;
if (bHideGetAndSetStrings)
sSetNodeText = sSetNodeText.Replace("set", "");
tnClass.Nodes.Add(sSetNodeText);
break;
default:
break;
}
}
tncTreeNodes.Add(tnClass);
}
// String sClassName =
}
}
public void showSignatures(FilteredSignature filteredSignature)
{
}
public void showDataForSignature_thread(String sSignatureToShow)
{
if (cirDataAnalysis == null)
DI.log.error("in ascx_CirViewer_Signature.showDataForSignature , fcdAnalysis == null");
else
{
lbClassesBeingViewed.Text = sSignatureToShow;
if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow) ||
cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow) &&
cirDataAnalysis.dCirFunction_bySignature[sSignatureToShow].HasControlFlowGraph == false)
{
DI.log.debug("{0} is not recognized as a full signature, trying to resolve it by name",
sSignatureToShow);
foreach (CirFunction ccFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
{
String sFunctionFullNameWithNoParamsAndReturnvalue =
new FilteredSignature(ccFunction.FunctionSignature).sFunctionFullName;
if (sFunctionFullNameWithNoParamsAndReturnvalue.IndexOf(sSignatureToShow) > -1)
{
DI.log.debug("Found a match:{0}", ccFunction.FunctionSignature);
sSignatureToShow = ccFunction.FunctionSignature;
break;
}
}
}
if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow))
{
ICirFunction ccCirFunction = cirDataAnalysis.dCirFunction_bySignature[sSignatureToShow];
afv_Calls.showSignatures(ViewHelpers.getCirFunctionStringList(ccCirFunction.FunctionsCalledUniqueList));
afv_IsCalledBy.showSignatures(ViewHelpers.getCirFunctionStringList(ccCirFunction.FunctionIsCalledBy));
lbBoxSsaVariables.Items.Clear();
lBoxVariables.Items.Clear();
foreach (SsaVariable cfSSaVariable in ccCirFunction.dSsaVariables.Values)
{
String sVariableMapping = String.Format("{0} = {1}", cfSSaVariable.sBaseName,
cfSSaVariable.sPrintableType);
lbBoxSsaVariables.Items.Add(sVariableMapping);
// DI.log.debug(sVariableMapping);
}
foreach (FunctionVariable fvVariable in ccCirFunction.dVariables.Values)
{
lBoxVariables.Items.Add(String.Format("[def:{0}] [ref:{1}] {2}", fvVariable.sSymbolDef,
fvVariable.refSymbol, fvVariable.sUniqueID));
}
ViewHelpers.showFunctionBlocksInWebBrower(((CirFunction)ccCirFunction).lcfgBasicBlocks,
wbControlFlowGraphsOFSelectedMethod);
asv_CalledFunctions.showDataForSignature(sSignatureToShow);
asv_IsCalledBy.showDataForSignature(sSignatureToShow);
}
else
{
var lsEmpty = new List<string>();
afv_Calls.showSignatures(lsEmpty);
afv_IsCalledBy.showSignatures(lsEmpty);
lbBoxSsaVariables.Items.Clear();
lBoxVariables.Items.Clear();
asv_CalledFunctions.showDataForSignature(sSignatureToShow);
asv_IsCalledBy.showDataForSignature(sSignatureToShow);
}
}
// lBoxVariables.Items.Add(fcdO2CirData_ofThisFunction.getSymbol(sVariable));
}
public ICirFunction getCirFunctionFromSelectedItem(object selectedItem)
{
if (selectedItem != null && selectedItem is FilteredSignature)
{
var filteredSignature = (FilteredSignature)selectedItem;
var functionSignature = filteredSignature.sOriginalSignature;
if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(functionSignature))
return cirDataAnalysis.dCirFunction_bySignature[functionSignature];
// if we could not find using the originalSignature, try the signature
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
{
var s = new FilteredSignature(cirFunction).sSignature;
var d = filteredSignature.sSignature;
if (new FilteredSignature(cirFunction).sSignature == filteredSignature.sSignature)
{
return cirFunction;
}
if (cirFunction.FunctionName == filteredSignature.sFunctionName)
{
}
}
}
return null;
}
public void showSignatures(List<FilteredSignature> filteredSignatures)
{
var signaturesToShow = new List<String>();
// get them all in one collection
var filteredSignaturesAsStrings = new List<String>();
foreach (var filteredSignature in filteredSignatures)
filteredSignaturesAsStrings.Add(filteredSignature.sOriginalSignature);
// now search for them on all loaded CirFunctions
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
{
var cirFunctionFilteredSignature = new FilteredSignature(cirFunction);
if (filteredSignaturesAsStrings.Contains(cirFunctionFilteredSignature.sOriginalSignature))
{
signaturesToShow.Add(cirFunction.FunctionSignature);
filteredSignaturesAsStrings.Remove(cirFunctionFilteredSignature.sOriginalSignature);
}
if (filteredSignaturesAsStrings.Contains(cirFunctionFilteredSignature.sSignature))
{
signaturesToShow.Add(cirFunction.FunctionSignature);
filteredSignaturesAsStrings.Remove(cirFunctionFilteredSignature.sSignature);
}
}
/* foreach (var filteredSignature in filteredSignatures)
{
if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(filteredSignature.sOriginalSignature))
signaturesToShow.Add(filteredSignature.sOriginalSignature);
else
DI.log.error("dropped signature is currently not loaded: {0}", filteredSignature);
}*/
if (filteredSignaturesAsStrings.Count > 0)
{
DI.log.error("There were {0} dropped signatures that could not be resolved", filteredSignaturesAsStrings.Count);
foreach (var signatureNotFound in filteredSignaturesAsStrings)
DI.log.error(" {0}", signatureNotFound);
}
if (signaturesToShow.Count == 0)
DI.log.error("None of the dropped signature was resolved, you need to load their CIR");
else
showSignatures(signaturesToShow);
}
public Reflection_MethodInfo(MethodInfo method)
{
Method = method;
filteredSignature = new FilteredSignature(method);
}
public void addToDataGridView_CommandMappingInTreeNode_Recursive(TreeNodeCollection tncNodes,
DataGridView dgvTargetDataGridView)
{
foreach (TreeNode tnTreeNode in tncNodes)
{
if (tnTreeNode.Text.IndexOf("setCommandName") > -1 && tnTreeNode.Nodes.Count > 0)
{
String sMethod = new FilteredSignature(tnTreeNode.Text).sFunctionNameAndParams;
String sClass = tnTreeNode.Parent.Parent.Text;
String sValue = tnTreeNode.Nodes[0].Text;
O2Forms.addToDataGridView_Row(dgvTargetDataGridView, null,
new[] {sClass, sMethod, sValue});
}
addToDataGridView_CommandMappingInTreeNode_Recursive(tnTreeNode.Nodes, dgvTargetDataGridView);
}
}
public static bool mapJavaAttributesToFinding(O2Finding o2Finding, string xmlAttributeFile)
{
var source = o2Finding.Source;
var filteredSignature = new FilteredSignature(source);
//DI.log.info(filteredSignature.sFunctionClass + " - " + filteredSignature.sFunctionName);
var xClassElement = getClassDataFromXmlAttributeFile(xmlAttributeFile, filteredSignature.sFunctionClass);
if (xClassElement != null)
{
SpringMVCAttributes.addClassAttributesToFinding(xClassElement, o2Finding);
var xMethodElement = getMethodDataFromXmlAttributeFile(xClassElement, filteredSignature.sFunctionName);
if (xMethodElement != null)
{
SpringMVCAttributes.addMethodAttributesToFinding(xMethodElement, o2Finding);
return true;
// DI.log.info("have xElement");
}
}
return false;
//DI.log.info("mapping finding {0} with xml file {1}", o2Finding.ToString(), xmlAttributeFile);
}
public void showSpringMvcClases(List<String> lsClasses, CirData fadCirData)
{
tvSpringMvcClasses.Nodes.Clear();
foreach (String sClass in lsClasses)
{
ICirClass ccCirClass = fadCirData.dClasses_bySignature[sClass];
var tnClass = new TreeNode(ccCirClass.Signature);
foreach (CirFunction cfCirFunction in ccCirClass.dFunctions.Values)
{
var fsSignature = new FilteredSignature(cfCirFunction.FunctionSignature);
var tnFunction = new TreeNode(fsSignature.sFunctionNameAndParams);
foreach (String sFunctionCalled in ViewHelpers.getCirFunctionStringList(cfCirFunction.FunctionsCalledUniqueList))
{
var tnFunctionCalled = new TreeNode(sFunctionCalled);
//if (sFunctionCalled.IndexOf("setCommandName") > -1)
String sCommandNameValue = getValueFromControlFlowGraphCall(cfCirFunction.lcfgBasicBlocks,
sFunctionCalled);
if (sCommandNameValue != "")
tnFunctionCalled.Nodes.Add(sCommandNameValue);
tnFunction.Nodes.Add(tnFunctionCalled);
}
tnClass.Nodes.Add(tnFunction);
}
tvSpringMvcClasses.Nodes.Add(tnClass);
}
}
private void showFunctionAttributes(ICirFunction _rootCirFunction)
{
showClassAttributes(_rootCirFunction.ParentClass);
tvFunctionAttributes.Nodes.Clear();
foreach (var attribute in _rootCirFunction.FunctionAttributes)
{
var signature = new FilteredSignature(attribute.AttributeClass).sSignature;
var treeNode = tvFunctionAttributes.Nodes.Add(signature);
foreach (var parameter in attribute.Parameters)
treeNode.Nodes.Add(parameter.Key);
}
}
private void filterByFilteredSignature(FilteredSignature filteredSignature)
{
setFilter1TextValue(filteredSignature.sSignature, true);
}
public void onAfterSelectTreeView(TreeNode selectedNode)
{
try
{
if (selectedNode != null)
{
// populate selectedFilteredSignature object
if (selectedNode.Tag != null && selectedNode.Tag.GetType().Name == "FilteredSignature")
selectedFilteredSignature = (FilteredSignature) selectedNode.Tag;
else
selectedFilteredSignature = null;
// get fucntion's signature
var signature = (selectedFilteredSignature!=null)
?
selectedFilteredSignature.sOriginalSignature
:
selectedNode.Name;
// raise callbacks
Callbacks.raiseRegistedCallbacks(eNodeEvent_AfterSelect, new object[] { signature });
Callbacks.raiseRegistedCallbacks(_onAfterSelect, new [] { selectedNode.Tag });
// need to manual handle this backcolor stuff because we lose it when multiple function's viewers are used at the same time
/* if (selectedNode != null)
{
selectedNode.BackColor = Color.White;
selectedNode.ForeColor = Color.Black;
}
//tnSelectedNode = tvTreeView.SelectedNode;
tvTreeView.SelectedNode.BackColor = Color.DarkBlue;
tnSelectedNode.ForeColor = Color.White;*/
/*if (onTreNodeAfterSelect != null)
foreach (Delegate dDelegate in onTreNodeAfterSelect.GetInvocationList())
{
if (selectedNode.Tag != null &&
selectedNode.Tag.GetType().Name == "FilteredSignature")
dDelegate.DynamicInvoke(new[]
{
((FilteredSignature) selectedNode.Tag).sOriginalSignature
});
else
dDelegate.DynamicInvoke(new[] { selectedNode.Text });
}*/
}
}
catch (Exception ex)
{
PublicDI.log.error("In tvTreeView_AfterSelect: {0}", ex.Message);
}
}
private static String MakeSignatureCompatibleWithOunceRules(string signatureToFix)
{
if (signatureToFix.IndexOf("..ctor") > -1)
{
var filteredSiganture = new FilteredSignature(signatureToFix);
if (filteredSiganture.lsFunctionClass_Parsed.Count > 1)
signatureToFix = signatureToFix.Replace(".ctor", filteredSiganture.lsFunctionClass_Parsed[filteredSiganture.lsFunctionClass_Parsed.Count - 2]).Replace(".(", "("); ;
}
signatureToFix = signatureToFix.Replace("..ctor", "");
return FilteredSignature.makeDotNetSignatureCompatibleWithOunceRules(signatureToFix);
}
public void TextArea_DragDrop(object sender, DragEventArgs e)
{
var fileOrFolder = Dnd.tryToGetFileOrDirectoryFromDroppedObject(e);
if (fileOrFolder.fileExists())
{
loadSourceCodeFile(fileOrFolder);
return;
}
var data = Dnd.tryToGetObjectFromDroppedObject(e);
if (data != null)
{
//var dsa = data.GetType().FullName;
var methods = data as List<MethodInfo>;
if (methods != null)
{
if (methods.Count > 0)
{
var filteredSignature = new FilteredSignature(methods[0]);
tecSourceCode.ActiveTextAreaControl.TextArea.InsertString(filteredSignature.sFunctionNameAndParams);
// var functionSignature = new FilteredSignature
}
}
else
tecSourceCode.ActiveTextAreaControl.TextArea.InsertString(data.ToString());
}
}
public static void mapJavaAttributesToTraces(IO2Assessment o2Assessment, Dictionary<string, string> attributesXmlFiles)
{
DI.log.debug("Mapping Java Attributes to Traces");
//var testFindings = from O2Finding finding in o2Assessment.o2Findings where finding.Source.Contains("BugController") select (IO2Finding)finding;
//var testFindings = o2Assessment.o2Findings;
DI.log.debug("There are {0} findings to process", o2Assessment.o2Findings.Count());
foreach (O2Finding finding in o2Assessment.o2Findings)
{
var filteredSignature = new FilteredSignature(finding.Source);
var className = filteredSignature.sFunctionClass;
var fileToFind = string.Format("{0}.class.JavaAttributes.xml", className.Replace(".", "\\"));
if (attributesXmlFiles.ContainsKey(fileToFind))
mapJavaAttributesToFinding(finding, attributesXmlFiles[fileToFind]);
//DI.log.info("Found: {0} - > {1}", fileToFind , attributesXmlFiles[fileToFind]);
//else
// DI.log.error("could NOT find Xml Attribute file for: {0}", fileToFind);
//DI.log.info(fileToFind);
}
//var findingsWithSpringMVCControllersAsSources = new List<IO2Finding>();
// save temp assessment file
// var o2FindingsOfTypeO2SpringMvcController = (from o2Finding in o2Assessment.o2Findings where o2Finding.vulnType == "O2.SpringMvc.Controller" select o2Finding).ToList();
// DI.log.debug("There are {0} o2FindingsOfTypeO2SpringMvcController");
/* ascx_FindingsViewer.openInFloatWindow(o2FindingsOfTypeO2SpringMvcController);
saveFindingsInNewO2AssessmentFile(o2FindingsOfTypeO2SpringMvcController, pathToOzasmtFile + "_SpringMvcController.ozasmt");
* */
}
public static FilteredSignature createFilteredSignatureFromJavaMethod(string className, string functionName, string methodDescriptor)
{
var newFilteredSignature = new FilteredSignature();
newFilteredSignature.sFunctionClass = className;
newFilteredSignature.sFunctionName = functionName;
// process descriptor
var lastParentesis = methodDescriptor.LastIndexOf(')');
if (lastParentesis > -1)
{
methodDescriptor = methodDescriptor.Replace('/', '.');
lastParentesis++;
newFilteredSignature.sParameters = methodDescriptor.Substring(0, lastParentesis);
newFilteredSignature.sReturnClass = methodDescriptor.Substring(lastParentesis);
// BUG: Major hack to fix the sParameters created by JavaMethod descriptors
if (newFilteredSignature.sReturnClass == "V")
{
newFilteredSignature.sReturnClass = "void";
}
newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(I)", "(int)").Replace("(IL", "(int;").Replace(";IL", ";int;");
newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(L", "(").Replace("(IL", "(").Replace(";L", ";").Replace(";)", ")");
if (newFilteredSignature.sParameters[0] == '(' && newFilteredSignature.sParameters[newFilteredSignature.sParameters.Length -1] == ')')
newFilteredSignature.sParameters = newFilteredSignature.sParameters.Substring(1, newFilteredSignature.sParameters.Length - 2);
// fix the sReturnClass
if (newFilteredSignature.sReturnClass[0] == 'L' && newFilteredSignature.sReturnClass[newFilteredSignature.sReturnClass.Length - 1] == ';')
newFilteredSignature.sReturnClass = newFilteredSignature.sReturnClass.Substring(1,newFilteredSignature.sReturnClass.Length - 2);
newFilteredSignature.sSignature = newFilteredSignature.getSignature();
}
return newFilteredSignature;
}
public static void remapIsCalledByXrefs(ICirDataAnalysis cirDataAnalysis)
{
try
{
remapSuperClassesXrefs(cirDataAnalysis);
var timer = new O2Timer("remapIsCalledByXrefs").start();
// first clear all Xref
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
cirFunction.FunctionIsCalledBy = new List<ICirFunctionCall>();
// make sure all FunctionsCalledUniqueList and FunctionsCalled are syncronized with dCirFunction_bySignature
var functionsToMap = cirDataAnalysis.dCirFunction_bySignature.Values.ToList().Count;
var functionsProcessed = 0;
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values.ToList())
{
for (int i = 0; i < cirFunction.FunctionsCalledUniqueList.Count; i++)
cirFunction.FunctionsCalledUniqueList[i] = syncFunctions(cirDataAnalysis, cirFunction.FunctionsCalledUniqueList[i]);
for (int i = 0; i < cirFunction.FunctionsCalled.Count; i++)
cirFunction.FunctionsCalled[i].cirFunction = syncFunctions(cirDataAnalysis, cirFunction.FunctionsCalled[i].cirFunction);
if ((functionsProcessed++) % 500 == 0)
DI.log.info(" processed {0} / {1}", functionsProcessed, functionsToMap);
}
// check the FunctionsCalledUniqueList is calledby mappngs
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
foreach (var functionCalled in cirFunction.FunctionsCalled)
{
var functionCalledXref = getFunctionRef(cirDataAnalysis, functionCalled.cirFunction);
/*if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsValue(functionCalled))
DI.log.error("in remapIsCalledByXrefs something is wrong because the called fucntions does not have a cirFunction mapping: {0}", functionCalled.FunctionSignature);
else
//{*/
bool found = false;
foreach (var functionCall in functionCalled.cirFunction.FunctionIsCalledBy)
if (functionCall.cirFunction == functionCalledXref)
found = true;
if (found == false)
functionCalled.cirFunction.FunctionIsCalledBy.Add(new CirFunctionCall(cirFunction, functionCalled.fileName, functionCalled.lineNumber));
//if (false == functionCalledXref.FunctionIsCalledBy.Contains(cirFunction))
// functionCalledXref.FunctionIsCalledBy.Add(cirFunction);
}
// make sure all functions are syncronized with dCirFunction_bySignature
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
for (int i = 0; i < cirFunction.FunctionsCalledUniqueList.Count; i++)
cirFunction.FunctionsCalledUniqueList[i] = syncFunctions(cirDataAnalysis, cirFunction.FunctionsCalledUniqueList[i]);
// endure all iscalledby are correcly mapped
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
for (int i = 0; i < cirFunction.FunctionIsCalledBy.Count; i++)
cirFunction.FunctionIsCalledBy[i].cirFunction = syncFunctions(cirDataAnalysis, cirFunction.FunctionIsCalledBy[i].cirFunction);
// make sure there is a reference to this function on the Classes Dictionanry
foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values)
foreach (var functionCalled in cirFunction.FunctionsCalled)
if (functionCalled.cirFunction.ParentClass == null)
{
var functionSignature = new FilteredSignature(functionCalled.cirFunction.FunctionSignature);
var parentClassName = functionSignature.sFunctionClass;
if (false == cirDataAnalysis.dCirClass_bySignature.ContainsKey(parentClassName))
cirDataAnalysis.dCirClass_bySignature.Add(parentClassName, new CirClass(parentClassName));
var parentCirClass = cirDataAnalysis.dCirClass_bySignature[parentClassName];
var functionAlreadyMappedToClass = false;
foreach (var cirFunctionMappedToClass in parentCirClass.dFunctions.Values)
if (cirFunctionMappedToClass.FunctionSignature == functionCalled.cirFunction.FunctionSignature)
functionAlreadyMappedToClass = true;
if (false == functionAlreadyMappedToClass)
parentCirClass.dFunctions.Add(functionCalled.cirFunction.FunctionSignature, functionCalled.cirFunction);
functionCalled.cirFunction.ParentClass = parentCirClass;
functionCalled.cirFunction.ParentClassName = parentCirClass.Name;
functionCalled.cirFunction.ParentClassFullName = parentCirClass.FullName;
}
timer.stop();
}
catch (Exception ex)
{
DI.log.error("in remapIsCalledByXrefs: {0}", ex.Message);
}
}
private void showClassAttributes(ICirClass cirClass)
{
if (cirClass != null)
{
tvClassAttributes.Nodes.Clear();
foreach (var attribute in cirClass.ClassAttributes)
{
var signature = new FilteredSignature(attribute.AttributeClass).sSignature;
var treeNode = tvClassAttributes.Nodes.Add(signature);
foreach (var parameter in attribute.Parameters)
treeNode.Nodes.Add(parameter.Key);
}
}
}
