public static List<IO2Finding> createO2FindingsFromCirFunction(ICirFunction cirFunction, bool createNewFindingOnExternalCall) { var o2FindingsCreated = new List<IO2Finding>(); var filteredSignature = new FilteredSignature(cirFunction); var functionSignature = filteredSignature.sSignature; var rootO2Finding = new O2Finding { method = cirFunction.ClassNameFunctionNameAndParameters, vulnName = functionSignature, vulnType = "O2.CirGeneratedTrace", severity = 2, confidence = 2, file= cirFunction.File }; if (cirFunction.File != null) { UInt32 lineNumber; if (UInt32.TryParse(cirFunction.FileLine, out lineNumber)) rootO2Finding.lineNumber = lineNumber; } createTracesAndFindingsFromCirFunction(cirFunction, rootO2Finding.file, rootO2Finding.lineNumber, rootO2Finding.o2Traces, new List<IO2Trace>(), rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall); // make the first trace a Source rootO2Finding.o2Traces[0].traceType = TraceType.Source; // and add it to the list of Findings Created o2FindingsCreated.Add(rootO2Finding); return o2FindingsCreated; }
public static void mapMethodsToFilteredSignatures(List<MethodInfo> methodsToMap, ref List<FilteredSignature> filteredSignatures, ref Dictionary<string, MethodInfo> methods_bySignature, bool hideCSharpGeneratedMethods) { filteredSignatures = new List<FilteredSignature>(); methods_bySignature = new Dictionary<string, MethodInfo>(); foreach (var method in methodsToMap) { try { var filteredSignature = new FilteredSignature(method); if (hideCSharpGeneratedMethods == false || (filteredSignature.sSignature.IndexOf("<>") == -1 && false == filteredSignature.sFunctionName.StartsWith("b__"))) { // create methodsLoaded_bySignature if (methods_bySignature.ContainsKey(filteredSignature.sSignature)) { if (method.type().Assembly.GetName().Name.contains("FluentSharp")) PublicDI.log.error("in mapMethodsToFilteredSignatures, repeated signature: {0}", filteredSignature.sSignature); } else { filteredSignatures.Add(filteredSignature); methods_bySignature.Add(filteredSignature.sSignature, method); } } else { //PublicDI.log.info("Skipping: {0}", method.Name); } } catch (Exception ex) { "[O2 Object Model] mapMethodsToFilteredSignatures: {0}".error(ex.Message); } } }
public static FilteredSignature createFilteredSignatureFromJavaMethod(string className, string functionName, string methodDescriptor) { var newFilteredSignature = new FilteredSignature(); newFilteredSignature.sFunctionClass = className; newFilteredSignature.sFunctionName = functionName; // process descriptor var lastParentesis = methodDescriptor.LastIndexOf(')'); if (lastParentesis > -1) { methodDescriptor = methodDescriptor.Replace('/', '.'); lastParentesis++; newFilteredSignature.sParameters = methodDescriptor.Substring(0, lastParentesis); newFilteredSignature.sReturnClass = methodDescriptor.Substring(lastParentesis); // BUG: Major hack to fix the sParameters created by JavaMethod descriptors if (newFilteredSignature.sReturnClass == "V") { newFilteredSignature.sReturnClass = "void"; } newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(I)", "(int)").Replace("(IL", "(int;").Replace(";IL", ";int;"); newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(L", "(").Replace("(IL", "(").Replace(";L", ";").Replace(";)", ")"); if (newFilteredSignature.sParameters[0] == '(' && newFilteredSignature.sParameters[newFilteredSignature.sParameters.Length - 1] == ')') { newFilteredSignature.sParameters = newFilteredSignature.sParameters.Substring(1, newFilteredSignature.sParameters.Length - 2); } // fix the sReturnClass if (newFilteredSignature.sReturnClass[0] == 'L' && newFilteredSignature.sReturnClass[newFilteredSignature.sReturnClass.Length - 1] == ';') { newFilteredSignature.sReturnClass = newFilteredSignature.sReturnClass.Substring(1, newFilteredSignature.sReturnClass.Length - 2); } newFilteredSignature.sSignature = newFilteredSignature.getSignature(); } return(newFilteredSignature); }
public static MethodDefinition getMethodDefinitionFromMethodInfo(MethodInfo methodInfo, Mono.Cecil.AssemblyDefinition assemblyDefinition) { foreach (var methodDefinition in CecilUtils.getMethods(assemblyDefinition)) { var functionSignature1 = new FilteredSignature(methodInfo); var functionSignature2 = new FilteredSignature(methodDefinition.ToString()); if (functionSignature1.sSignature == functionSignature2.sSignature) return methodDefinition; if (functionSignature1.sFunctionName == functionSignature2.sFunctionName) { } } PublicDI.log.error("in getMethodDefinitionFromMethodInfo, could not map MethodInfo: {0}", methodInfo.ToString()); return null; }
public static String filterSignature(String sStringToFilter, bool bShowParameters, bool bShowReturnClass, bool bShowNamespace, int iNamespaceDepth) { if (PublicDI.dFilteredFuntionSignatures.ContainsKey(sStringToFilter)) { return(PublicDI.dFilteredFuntionSignatures[sStringToFilter].getFilteredSignature( bShowParameters, bShowReturnClass, bShowNamespace, iNamespaceDepth)); } var fsFilteredSignature = new FilteredSignature(sStringToFilter); PublicDI.dFilteredFuntionSignatures.Add(sStringToFilter, fsFilteredSignature); return(fsFilteredSignature.getFilteredSignature(bShowParameters, bShowReturnClass, bShowNamespace, iNamespaceDepth)); }
public static TreeNode getTreeNodeWithAutoWiredObject(ICirData cirData, string targetFunction, SpringMvcParameter springMvcParameter, int parameterIndex) { try { if (cirData != null && cirData.dFunctions_bySignature.ContainsKey(targetFunction)) { var cirFunction = cirData.dFunctions_bySignature[targetFunction]; if (cirFunction.FunctionParameters.Count <= parameterIndex) { var filteredSignature = new FilteredSignature(targetFunction); if (filteredSignature.lsParameters_Parsed.Count > parameterIndex) springMvcParameter.className = filteredSignature.lsParameters_Parsed[parameterIndex]; else DI.log.error("in getTreeNodeWithAutoWiredObject, requested parameter index not found in function: {0}", targetFunction); } else { var functionParameter = cirFunction.FunctionParameters[parameterIndex]; springMvcParameter.className = functionParameter.ParameterType.Replace("&", ""); } if (springMvcParameter.className != "") { // Hack to handle int Java mappings if (springMvcParameter.className == "int") springMvcParameter.className = "java.lang.Integer"; if (cirData.dClasses_bySignature.ContainsKey(springMvcParameter.className)) { var childNodeText = string.Format("{0} - {1} - {2}", springMvcParameter.autoWiredMethodUsed, springMvcParameter.name, springMvcParameter.className); return O2Forms.newTreeNode(childNodeText, childNodeText, 0, cirData.dClasses_bySignature[springMvcParameter.className]); } DI.log.error("in getTreeNodeWithAutoWiredObject, parameter type not found in cirData class list:{0}", springMvcParameter.className); } } else DI.log.error("in getTreeNodeWithAutoWiredObject, loaded cirData did not contained signature :{0}", targetFunction); } catch (Exception ex) { DI.log.error("in getTreeNodeWithAutoWiredObject:", ex.Message); } return new TreeNode(); }
private static void fixFunctionsCalledXRefs(ICirData cirData) { if (cirData != null && cirData.dFunctions_bySignature != null) { var timer = new O2Timer("fixFunctionsCalledXRefs").start(); foreach (CirFunction cirFunction in cirData.dFunctions_bySignature.Values) { if (cirFunction.FunctionName == null) { var filteredSignature = new FilteredSignature(cirFunction.FunctionSignature); cirFunction.FunctionName = filteredSignature.sFunctionName; cirFunction.FunctionNameAndParameters = filteredSignature.sFunctionNameAndParams; cirFunction.ClassNameFunctionNameAndParameters = filteredSignature.sFunctionClass + "." + filteredSignature.sFunctionNameAndParams; } } timer.stop(); } }
public void showSelectedMethodDetails(FilteredSignature filteredSignature) { if (filteredSignature != null) { tbMethodDetails_Name.invokeOnThread( () => { tbMethodDetails_Name.Text = filteredSignature.sFunctionName; tbMethodDetails_OriginalSignature.Text = filteredSignature.sOriginalSignature; tbMethodDetails_Parameters.Text = filteredSignature.sParameters; tbMethodDetails_ReturnType.Text = filteredSignature.sReturnClass; tbMethodDetails_Signature.Text = filteredSignature.sSignature; tbMethodDetails_Type.Text = filteredSignature.sFunctionClass; }); } }
public CirFunction(string functionSignature) : this() { FunctionSignature = functionSignature; var filteredSignature = new FilteredSignature(FunctionSignature); FunctionName = filteredSignature.sFunctionName; FunctionNameAndParameters = filteredSignature.sFunctionNameAndParams; ClassNameFunctionNameAndParameters = filteredSignature.sFunctionClass + "." + filteredSignature.sFunctionNameAndParams; ReturnType = filteredSignature.sReturnClass; }
private void addCirFunctionsAsRules( List<ICirFunction> cirFunctionsToProcess, bool keepRulesLoadedFromDatabase, bool bAddExternalMethodsAsSourcesAndSinks,bool bAddInternalMethodsWithNoCallersAsCallbacks, bool bDontMarkAsCallbackOrSinksMethodsWithNoParameters, bool bdontAddIfRuleSignatureAlreadyExists, bool bDontAddIfThereAreNoCallersAndCallees, string newRulesVulnType) { // for performance reasons run this on a separade thread O2Thread.mtaThread( () => { // before adding more rules, clear the current list (the return null is to force the Sync version of invokeOnThread ) this.invokeOnThread(()=> { clearChangedRulesList(); return "done"; }); var newCallbackSignature = "O2.AutoMapping"; DI.log.info("adding {0} cirFunctions as rules", cirFunctionsToProcess.Count); // get rules that we will keep (if there are rules loaded from Db and keepRulesLoadedFromDatabase is set) var newO2Rules = (keepRulesLoadedFromDatabase) ? O2RulePackUtils.getRulesThatAreFromDB(currentO2RulePack) : new List<IO2Rule>(); //update index indexedCurrentO2Rules = IndexedO2Rules.indexAll(newO2Rules); if (keepRulesLoadedFromDatabase) foreach (var o2Rule in newO2Rules) o2Rule.Tagged = false; var currentDatabaseID = MiscUtils_OunceV6.getIdForSuportedLanguage(currentLanguage).ToString(); var listOfChangedRules = new List<IO2Rule>(); var functionsToProcess = cirFunctionsToProcess.Count; var functionsProcessed = 0; foreach (var cirFunction in cirFunctionsToProcess) { var functionSignature = new FilteredSignature(cirFunction).sSignature; // first check if there are any callers or callees on this function //bDontAddIfThereAreNoCallersAndCallees if (bDontAddIfThereAreNoCallersAndCallees && cirFunction.FunctionIsCalledBy.Count == 0 && cirFunction.FunctionsCalledUniqueList.Count == 0) { // don't add } else // then check if this already exists on the database if (bdontAddIfRuleSignatureAlreadyExists && indexedCurrentO2Rules.ContainsKey(functionSignature)) { foreach (var o2Rule in indexedCurrentO2Rules[functionSignature]) o2Rule.Tagged = true; } // if not, then we will need ot create a new rule for this function else { bool addAsNotMappedRule = false; //var functionSignature = new FilteredSignature(cirFunction).sSignature; // handle special cases //bAddInternalMethodsWithNoCallersAsCallbacks (or the function is explicitly marked with cirFunction.IsTainted if (cirFunction.IsTainted || (bAddInternalMethodsWithNoCallersAsCallbacks && cirFunction.HasControlFlowGraph && cirFunction.FunctionIsCalledBy.Count == 0)) { //bDontMarkAsCallbackMethodsWithNoParameters if (false == bDontMarkAsCallbackOrSinksMethodsWithNoParameters || cirFunction.FunctionSignature.IndexOf("()") == - 1) //cirFunction.FunctionParameters.Count > 0) // can't use this since it is not 100% reliable { var newCallback = new O2Rule(O2RuleType.Callback, newCallbackSignature + ".Callback", functionSignature, currentDatabaseID, true); listOfChangedRules.Add(newCallback); newO2Rules.Add(newCallback); } else addAsNotMappedRule = true; } //bAddExternalMethodsAsSourcesAndSinks - function calls nobody but it is called by others else if (bAddExternalMethodsAsSourcesAndSinks && cirFunction.FunctionsCalledUniqueList.Count == 0 && cirFunction.FunctionIsCalledBy.Count > 0) { // when importing CirData created by Core on Java, there is a bug that causes the ReturnType NOT to be populated // this is why we use the cirFunction.FunctionSignature.IndexOf(":void") > -1 below instead of the more correct if (string.IsNullOrEmpty(cirFunction.ReturnType)) //if (string.IsNullOrEmpty(cirFunction.ReturnType)) // DI.log.info("Method had empty cirFunction.ReturnType: {0}", cirFunction.FunctionSignature); // Only add source if the return parameter is not void if (!(cirFunction.FunctionSignature.IndexOf(":void") > -1 || cirFunction.ReturnType == "void" || cirFunction.ReturnType == "System.Void")) { var newSource = new O2Rule(O2RuleType.Source, newCallbackSignature + ".Source", functionSignature, currentDatabaseID, true); listOfChangedRules.Add(newSource); newO2Rules.Add(newSource); } else DI.log.info("Method Not marked as Source: {0}", cirFunction.FunctionSignature); // for sinks check for bDontMarkAsCallbackOrSinksMethodsWithNoParameters if (false == bDontMarkAsCallbackOrSinksMethodsWithNoParameters || cirFunction.FunctionSignature.IndexOf("()") == -1) //cirFunction.FunctionParameters.Count > 0) { var newSink = new O2Rule(O2RuleType.Sink, newCallbackSignature + ".Sink", functionSignature, currentDatabaseID, true); listOfChangedRules.Add(newSink); newO2Rules.Add(newSink); } //else // DI.log.info("Method Not marked as Sink: ", cirFunction.FunctionSignature); } else { addAsNotMappedRule = true; } if (addAsNotMappedRule) { // add as NotMapped var newO2Rule = new O2Rule(newRulesVulnType, functionSignature, currentDatabaseID) { Tagged = true }; newO2Rules.Add(newO2Rule); } } // Counter if ((functionsProcessed++)%200 == 0) DI.log.info("In addCirFunctionsAsRules: {0} / {1} cir Functions processed", functionsProcessed, functionsToProcess); } // make the current rule pack the one with the rules we have just loaded DI.log.info("{0} rules created", newO2Rules.Count); var newRulePack = new O2RulePack("Rule Pack", newO2Rules); setCurrentRulePack(newRulePack); // we need to back to the GUI thread for the updates this.invokeOnThread( () => { // hide this ListView for performance reasons lvChangedRules.Visible = false; dgvRules.Visible = false; // add rules addRulesToChangedRulesList_BatchMode(listOfChangedRules); // foreach (var changedO2Rule in listOfChangedRules) // addRuleToChangedRulesList(changedO2Rule, false /*checkIfRuleIsAlreadyInList*/); // if we are in view all mode changed it to OnlyTaggedRules if (rbViewMode_AllRules.Checked) rbViewMode_OnlyTaggedRules.Checked = true; else setRulesViewMode(); // trigger refresh // now that all rules have been added make it visible again lvChangedRules.Visible = true; dgvRules.Visible = true; }); }); }
/// <summary> /// This will populate the parent finding with all traces from the provided ICirFunction /// caution: use the createNewFindingOnExternalCall carefully since it can create a stupid amount of traces (and it is much slower) /// </summary> /// <param name="cirFunction"></param> /// <param name="lineNumber"></param> /// <param name="o2Traces"></param> /// <param name="parentTraces"></param> /// <param name="rootO2Finding"></param> /// <param name="o2FindingsCreated"></param> /// <param name="createNewFindingOnExternalCall"></param> /// <param name="fileName"></param> public static void createTracesAndFindingsFromCirFunction(ICirFunction cirFunction, string fileName, UInt32 lineNumber,List<IO2Trace> o2Traces, List<IO2Trace> parentTraces, IO2Finding rootO2Finding, List<IO2Finding> o2FindingsCreated, bool createNewFindingOnExternalCall) { int maxParentDepth = 10; //30; //10; var maxNumberOfTraces = 20; //50; //300; //50 var filteredSignature = new FilteredSignature(cirFunction); var functionSignature = filteredSignature.sSignature; var o2Trace = new O2Trace(functionSignature, cirFunction.ClassNameFunctionNameAndParameters) { file = fileName, lineNumber = lineNumber }; // add file references // handle the case where this is a recursive call or a call to a method already added in the current tree var recursiveCall = false; foreach(var o2ParentTrace in parentTraces) if (o2ParentTrace.signature == functionSignature) { recursiveCall = true; break; } parentTraces.Add(o2Trace); // add this trace to the current trace tree (since we might need to create a copy of it below o2Traces.Add(o2Trace); if (recursiveCall) { var nodeText = String.Format("{0} : {1} : {2}", cirFunction, "....(Recursive Call so not expanding child traces", functionSignature); o2Trace.childTraces.Add(new O2Trace(nodeText)); } else { if (parentTraces.Count > maxParentDepth) o2Trace.childTraces.Add(new O2Trace(" ... {Max trace depth reached} (" + maxParentDepth + ")")); else { // var numberOfTraces = OzasmtUtils.getAllTraces(rootO2Finding.o2Traces); if (numberOfTraces.Count > maxNumberOfTraces) { o2Trace.childTraces.Add(new O2Trace("**** Max number of traces reached(" + maxNumberOfTraces + ") aborting trace execution")); return; } if (cirFunction.FunctionsCalled.Count == 0) // means we don't have the code for this one, so { // let make it a lost sink var originalTraceTypeValue = o2Trace.traceType; // we might need this below o2Trace.traceType = TraceType.Lost_Sink; if (createNewFindingOnExternalCall) // and if createNewFindingOnExternalCall add it as finding { // create a copy of the parent finding (which incudes the above trace var newFinding = OzasmtCopy.createCopy(rootO2Finding); // make the first call a source (so that we have a source-> pair newFinding.o2Traces[0].traceType = TraceType.Source; // add it o2FindingsCreated.Add(newFinding); // since the crawl will continue we must restore the originalTraceTypeValue o2Trace.traceType = originalTraceTypeValue; } } else foreach (var functionCalled in cirFunction.FunctionsCalled) createTracesAndFindingsFromCirFunction(functionCalled.cirFunction, functionCalled.fileName, (UInt32)functionCalled.lineNumber, o2Trace.childTraces, parentTraces, rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall); } } // now remove the signature since we are only interrested in non repeats on the same parent parentTraces.Remove(o2Trace); }
public static TreeNode addCirClassToTreeNodeCollection(ICirClass cirClass, string treeNodeNamePrefix, TreeNodeCollection treeNodeCollection, bool addDummyChildNode) { if (cirClass == null) return null; //if (cirFunction.FunctionSignature != "") //{ var filteredSignature = new FilteredSignature(cirClass.Signature); var treeNodeName = String.Format(" => {0}", filteredSignature.sSignature); var newTreeNode = O2Forms.newTreeNode(treeNodeCollection, treeNodeName, cirClass.Signature, 0, cirClass); if (addDummyChildNode) newTreeNode.Nodes.Add(""); // Dummy node so that we have the plus sign return newTreeNode; //} }
public static List<String> getListWithWordsFromSignature(string signature) { var filteredSignature = new FilteredSignature(signature); List<string> wordsFromSignature = filteredSignature.lsFunctionClass_Parsed; // words in namespace & class wordsFromSignature.Add(filteredSignature.sFunctionName); // also add the method name return wordsFromSignature; }
public static String filterSignature(String sStringToFilter, bool bShowParameters, bool bShowReturnClass, bool bShowNamespace, int iNamespaceDepth) { if (PublicDI.dFilteredFuntionSignatures.ContainsKey(sStringToFilter)) return PublicDI.dFilteredFuntionSignatures[sStringToFilter].getFilteredSignature( bShowParameters, bShowReturnClass, bShowNamespace, iNamespaceDepth); var fsFilteredSignature = new FilteredSignature(sStringToFilter); PublicDI.dFilteredFuntionSignatures.Add(sStringToFilter, fsFilteredSignature); return fsFilteredSignature.getFilteredSignature(bShowParameters, bShowReturnClass, bShowNamespace, iNamespaceDepth); }
public void addBindableFieldsIntoTreeView_Recursive(TreeNodeCollection tncTreeNodes, String sClassToFind, bool bHideGetAndSetStrings, ICirData fadCirData) { String sFixedClassToFind = sClassToFind[0].ToString().ToUpper() + sClassToFind.Substring(1); foreach (ICirClass ccCirClass in fadCirData.dClasses_bySignature.Values) { if (ccCirClass.Name == sFixedClassToFind) { var tnClass = new TreeNode(ccCirClass.Signature); foreach (ICirFunction cfCirFunction in ccCirClass.dFunctions.Values) { String sFunctionName = new FilteredSignature(cfCirFunction.FunctionSignature).sFunctionName; switch (sFunctionName.Substring(0, 3)) { case "get": var tnSubObject = new TreeNode(sFunctionName); String sFixedSubObjectName = sFunctionName.Replace("get", ""); if (bHideGetAndSetStrings) tnSubObject.Text = sFixedSubObjectName; // tnSubObject = tnClass; addBindableFieldsIntoTreeView_Recursive(tnSubObject.Nodes, sFixedSubObjectName, bHideGetAndSetStrings, fadCirData); if (tnSubObject.Nodes.Count > 0) tnClass.Nodes.Add(tnSubObject); break; case "set": String sSetNodeText = new FilteredSignature(cfCirFunction.FunctionSignature).sFunctionName; if (bHideGetAndSetStrings) sSetNodeText = sSetNodeText.Replace("set", ""); tnClass.Nodes.Add(sSetNodeText); break; default: break; } } tncTreeNodes.Add(tnClass); } // String sClassName = } }
public void showSignatures(FilteredSignature filteredSignature) { }
public void showDataForSignature_thread(String sSignatureToShow) { if (cirDataAnalysis == null) DI.log.error("in ascx_CirViewer_Signature.showDataForSignature , fcdAnalysis == null"); else { lbClassesBeingViewed.Text = sSignatureToShow; if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow) || cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow) && cirDataAnalysis.dCirFunction_bySignature[sSignatureToShow].HasControlFlowGraph == false) { DI.log.debug("{0} is not recognized as a full signature, trying to resolve it by name", sSignatureToShow); foreach (CirFunction ccFunction in cirDataAnalysis.dCirFunction_bySignature.Values) { String sFunctionFullNameWithNoParamsAndReturnvalue = new FilteredSignature(ccFunction.FunctionSignature).sFunctionFullName; if (sFunctionFullNameWithNoParamsAndReturnvalue.IndexOf(sSignatureToShow) > -1) { DI.log.debug("Found a match:{0}", ccFunction.FunctionSignature); sSignatureToShow = ccFunction.FunctionSignature; break; } } } if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow)) { ICirFunction ccCirFunction = cirDataAnalysis.dCirFunction_bySignature[sSignatureToShow]; afv_Calls.showSignatures(ViewHelpers.getCirFunctionStringList(ccCirFunction.FunctionsCalledUniqueList)); afv_IsCalledBy.showSignatures(ViewHelpers.getCirFunctionStringList(ccCirFunction.FunctionIsCalledBy)); lbBoxSsaVariables.Items.Clear(); lBoxVariables.Items.Clear(); foreach (SsaVariable cfSSaVariable in ccCirFunction.dSsaVariables.Values) { String sVariableMapping = String.Format("{0} = {1}", cfSSaVariable.sBaseName, cfSSaVariable.sPrintableType); lbBoxSsaVariables.Items.Add(sVariableMapping); // DI.log.debug(sVariableMapping); } foreach (FunctionVariable fvVariable in ccCirFunction.dVariables.Values) { lBoxVariables.Items.Add(String.Format("[def:{0}] [ref:{1}] {2}", fvVariable.sSymbolDef, fvVariable.refSymbol, fvVariable.sUniqueID)); } ViewHelpers.showFunctionBlocksInWebBrower(((CirFunction)ccCirFunction).lcfgBasicBlocks, wbControlFlowGraphsOFSelectedMethod); asv_CalledFunctions.showDataForSignature(sSignatureToShow); asv_IsCalledBy.showDataForSignature(sSignatureToShow); } else { var lsEmpty = new List<string>(); afv_Calls.showSignatures(lsEmpty); afv_IsCalledBy.showSignatures(lsEmpty); lbBoxSsaVariables.Items.Clear(); lBoxVariables.Items.Clear(); asv_CalledFunctions.showDataForSignature(sSignatureToShow); asv_IsCalledBy.showDataForSignature(sSignatureToShow); } } // lBoxVariables.Items.Add(fcdO2CirData_ofThisFunction.getSymbol(sVariable)); }
public ICirFunction getCirFunctionFromSelectedItem(object selectedItem) { if (selectedItem != null && selectedItem is FilteredSignature) { var filteredSignature = (FilteredSignature)selectedItem; var functionSignature = filteredSignature.sOriginalSignature; if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(functionSignature)) return cirDataAnalysis.dCirFunction_bySignature[functionSignature]; // if we could not find using the originalSignature, try the signature foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) { var s = new FilteredSignature(cirFunction).sSignature; var d = filteredSignature.sSignature; if (new FilteredSignature(cirFunction).sSignature == filteredSignature.sSignature) { return cirFunction; } if (cirFunction.FunctionName == filteredSignature.sFunctionName) { } } } return null; }
public void showSignatures(List<FilteredSignature> filteredSignatures) { var signaturesToShow = new List<String>(); // get them all in one collection var filteredSignaturesAsStrings = new List<String>(); foreach (var filteredSignature in filteredSignatures) filteredSignaturesAsStrings.Add(filteredSignature.sOriginalSignature); // now search for them on all loaded CirFunctions foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) { var cirFunctionFilteredSignature = new FilteredSignature(cirFunction); if (filteredSignaturesAsStrings.Contains(cirFunctionFilteredSignature.sOriginalSignature)) { signaturesToShow.Add(cirFunction.FunctionSignature); filteredSignaturesAsStrings.Remove(cirFunctionFilteredSignature.sOriginalSignature); } if (filteredSignaturesAsStrings.Contains(cirFunctionFilteredSignature.sSignature)) { signaturesToShow.Add(cirFunction.FunctionSignature); filteredSignaturesAsStrings.Remove(cirFunctionFilteredSignature.sSignature); } } /* foreach (var filteredSignature in filteredSignatures) { if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(filteredSignature.sOriginalSignature)) signaturesToShow.Add(filteredSignature.sOriginalSignature); else DI.log.error("dropped signature is currently not loaded: {0}", filteredSignature); }*/ if (filteredSignaturesAsStrings.Count > 0) { DI.log.error("There were {0} dropped signatures that could not be resolved", filteredSignaturesAsStrings.Count); foreach (var signatureNotFound in filteredSignaturesAsStrings) DI.log.error(" {0}", signatureNotFound); } if (signaturesToShow.Count == 0) DI.log.error("None of the dropped signature was resolved, you need to load their CIR"); else showSignatures(signaturesToShow); }
public Reflection_MethodInfo(MethodInfo method) { Method = method; filteredSignature = new FilteredSignature(method); }
public void addToDataGridView_CommandMappingInTreeNode_Recursive(TreeNodeCollection tncNodes, DataGridView dgvTargetDataGridView) { foreach (TreeNode tnTreeNode in tncNodes) { if (tnTreeNode.Text.IndexOf("setCommandName") > -1 && tnTreeNode.Nodes.Count > 0) { String sMethod = new FilteredSignature(tnTreeNode.Text).sFunctionNameAndParams; String sClass = tnTreeNode.Parent.Parent.Text; String sValue = tnTreeNode.Nodes[0].Text; O2Forms.addToDataGridView_Row(dgvTargetDataGridView, null, new[] {sClass, sMethod, sValue}); } addToDataGridView_CommandMappingInTreeNode_Recursive(tnTreeNode.Nodes, dgvTargetDataGridView); } }
public static bool mapJavaAttributesToFinding(O2Finding o2Finding, string xmlAttributeFile) { var source = o2Finding.Source; var filteredSignature = new FilteredSignature(source); //DI.log.info(filteredSignature.sFunctionClass + " - " + filteredSignature.sFunctionName); var xClassElement = getClassDataFromXmlAttributeFile(xmlAttributeFile, filteredSignature.sFunctionClass); if (xClassElement != null) { SpringMVCAttributes.addClassAttributesToFinding(xClassElement, o2Finding); var xMethodElement = getMethodDataFromXmlAttributeFile(xClassElement, filteredSignature.sFunctionName); if (xMethodElement != null) { SpringMVCAttributes.addMethodAttributesToFinding(xMethodElement, o2Finding); return true; // DI.log.info("have xElement"); } } return false; //DI.log.info("mapping finding {0} with xml file {1}", o2Finding.ToString(), xmlAttributeFile); }
public void showSpringMvcClases(List<String> lsClasses, CirData fadCirData) { tvSpringMvcClasses.Nodes.Clear(); foreach (String sClass in lsClasses) { ICirClass ccCirClass = fadCirData.dClasses_bySignature[sClass]; var tnClass = new TreeNode(ccCirClass.Signature); foreach (CirFunction cfCirFunction in ccCirClass.dFunctions.Values) { var fsSignature = new FilteredSignature(cfCirFunction.FunctionSignature); var tnFunction = new TreeNode(fsSignature.sFunctionNameAndParams); foreach (String sFunctionCalled in ViewHelpers.getCirFunctionStringList(cfCirFunction.FunctionsCalledUniqueList)) { var tnFunctionCalled = new TreeNode(sFunctionCalled); //if (sFunctionCalled.IndexOf("setCommandName") > -1) String sCommandNameValue = getValueFromControlFlowGraphCall(cfCirFunction.lcfgBasicBlocks, sFunctionCalled); if (sCommandNameValue != "") tnFunctionCalled.Nodes.Add(sCommandNameValue); tnFunction.Nodes.Add(tnFunctionCalled); } tnClass.Nodes.Add(tnFunction); } tvSpringMvcClasses.Nodes.Add(tnClass); } }
private void showFunctionAttributes(ICirFunction _rootCirFunction) { showClassAttributes(_rootCirFunction.ParentClass); tvFunctionAttributes.Nodes.Clear(); foreach (var attribute in _rootCirFunction.FunctionAttributes) { var signature = new FilteredSignature(attribute.AttributeClass).sSignature; var treeNode = tvFunctionAttributes.Nodes.Add(signature); foreach (var parameter in attribute.Parameters) treeNode.Nodes.Add(parameter.Key); } }
private void filterByFilteredSignature(FilteredSignature filteredSignature) { setFilter1TextValue(filteredSignature.sSignature, true); }
public void onAfterSelectTreeView(TreeNode selectedNode) { try { if (selectedNode != null) { // populate selectedFilteredSignature object if (selectedNode.Tag != null && selectedNode.Tag.GetType().Name == "FilteredSignature") selectedFilteredSignature = (FilteredSignature) selectedNode.Tag; else selectedFilteredSignature = null; // get fucntion's signature var signature = (selectedFilteredSignature!=null) ? selectedFilteredSignature.sOriginalSignature : selectedNode.Name; // raise callbacks Callbacks.raiseRegistedCallbacks(eNodeEvent_AfterSelect, new object[] { signature }); Callbacks.raiseRegistedCallbacks(_onAfterSelect, new [] { selectedNode.Tag }); // need to manual handle this backcolor stuff because we lose it when multiple function's viewers are used at the same time /* if (selectedNode != null) { selectedNode.BackColor = Color.White; selectedNode.ForeColor = Color.Black; } //tnSelectedNode = tvTreeView.SelectedNode; tvTreeView.SelectedNode.BackColor = Color.DarkBlue; tnSelectedNode.ForeColor = Color.White;*/ /*if (onTreNodeAfterSelect != null) foreach (Delegate dDelegate in onTreNodeAfterSelect.GetInvocationList()) { if (selectedNode.Tag != null && selectedNode.Tag.GetType().Name == "FilteredSignature") dDelegate.DynamicInvoke(new[] { ((FilteredSignature) selectedNode.Tag).sOriginalSignature }); else dDelegate.DynamicInvoke(new[] { selectedNode.Text }); }*/ } } catch (Exception ex) { PublicDI.log.error("In tvTreeView_AfterSelect: {0}", ex.Message); } }
private static String MakeSignatureCompatibleWithOunceRules(string signatureToFix) { if (signatureToFix.IndexOf("..ctor") > -1) { var filteredSiganture = new FilteredSignature(signatureToFix); if (filteredSiganture.lsFunctionClass_Parsed.Count > 1) signatureToFix = signatureToFix.Replace(".ctor", filteredSiganture.lsFunctionClass_Parsed[filteredSiganture.lsFunctionClass_Parsed.Count - 2]).Replace(".(", "("); ; } signatureToFix = signatureToFix.Replace("..ctor", ""); return FilteredSignature.makeDotNetSignatureCompatibleWithOunceRules(signatureToFix); }
public void TextArea_DragDrop(object sender, DragEventArgs e) { var fileOrFolder = Dnd.tryToGetFileOrDirectoryFromDroppedObject(e); if (fileOrFolder.fileExists()) { loadSourceCodeFile(fileOrFolder); return; } var data = Dnd.tryToGetObjectFromDroppedObject(e); if (data != null) { //var dsa = data.GetType().FullName; var methods = data as List<MethodInfo>; if (methods != null) { if (methods.Count > 0) { var filteredSignature = new FilteredSignature(methods[0]); tecSourceCode.ActiveTextAreaControl.TextArea.InsertString(filteredSignature.sFunctionNameAndParams); // var functionSignature = new FilteredSignature } } else tecSourceCode.ActiveTextAreaControl.TextArea.InsertString(data.ToString()); } }
public static void mapJavaAttributesToTraces(IO2Assessment o2Assessment, Dictionary<string, string> attributesXmlFiles) { DI.log.debug("Mapping Java Attributes to Traces"); //var testFindings = from O2Finding finding in o2Assessment.o2Findings where finding.Source.Contains("BugController") select (IO2Finding)finding; //var testFindings = o2Assessment.o2Findings; DI.log.debug("There are {0} findings to process", o2Assessment.o2Findings.Count()); foreach (O2Finding finding in o2Assessment.o2Findings) { var filteredSignature = new FilteredSignature(finding.Source); var className = filteredSignature.sFunctionClass; var fileToFind = string.Format("{0}.class.JavaAttributes.xml", className.Replace(".", "\\")); if (attributesXmlFiles.ContainsKey(fileToFind)) mapJavaAttributesToFinding(finding, attributesXmlFiles[fileToFind]); //DI.log.info("Found: {0} - > {1}", fileToFind , attributesXmlFiles[fileToFind]); //else // DI.log.error("could NOT find Xml Attribute file for: {0}", fileToFind); //DI.log.info(fileToFind); } //var findingsWithSpringMVCControllersAsSources = new List<IO2Finding>(); // save temp assessment file // var o2FindingsOfTypeO2SpringMvcController = (from o2Finding in o2Assessment.o2Findings where o2Finding.vulnType == "O2.SpringMvc.Controller" select o2Finding).ToList(); // DI.log.debug("There are {0} o2FindingsOfTypeO2SpringMvcController"); /* ascx_FindingsViewer.openInFloatWindow(o2FindingsOfTypeO2SpringMvcController); saveFindingsInNewO2AssessmentFile(o2FindingsOfTypeO2SpringMvcController, pathToOzasmtFile + "_SpringMvcController.ozasmt"); * */ }
public static FilteredSignature createFilteredSignatureFromJavaMethod(string className, string functionName, string methodDescriptor) { var newFilteredSignature = new FilteredSignature(); newFilteredSignature.sFunctionClass = className; newFilteredSignature.sFunctionName = functionName; // process descriptor var lastParentesis = methodDescriptor.LastIndexOf(')'); if (lastParentesis > -1) { methodDescriptor = methodDescriptor.Replace('/', '.'); lastParentesis++; newFilteredSignature.sParameters = methodDescriptor.Substring(0, lastParentesis); newFilteredSignature.sReturnClass = methodDescriptor.Substring(lastParentesis); // BUG: Major hack to fix the sParameters created by JavaMethod descriptors if (newFilteredSignature.sReturnClass == "V") { newFilteredSignature.sReturnClass = "void"; } newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(I)", "(int)").Replace("(IL", "(int;").Replace(";IL", ";int;"); newFilteredSignature.sParameters = newFilteredSignature.sParameters.Replace("(L", "(").Replace("(IL", "(").Replace(";L", ";").Replace(";)", ")"); if (newFilteredSignature.sParameters[0] == '(' && newFilteredSignature.sParameters[newFilteredSignature.sParameters.Length -1] == ')') newFilteredSignature.sParameters = newFilteredSignature.sParameters.Substring(1, newFilteredSignature.sParameters.Length - 2); // fix the sReturnClass if (newFilteredSignature.sReturnClass[0] == 'L' && newFilteredSignature.sReturnClass[newFilteredSignature.sReturnClass.Length - 1] == ';') newFilteredSignature.sReturnClass = newFilteredSignature.sReturnClass.Substring(1,newFilteredSignature.sReturnClass.Length - 2); newFilteredSignature.sSignature = newFilteredSignature.getSignature(); } return newFilteredSignature; }
public static void remapIsCalledByXrefs(ICirDataAnalysis cirDataAnalysis) { try { remapSuperClassesXrefs(cirDataAnalysis); var timer = new O2Timer("remapIsCalledByXrefs").start(); // first clear all Xref foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) cirFunction.FunctionIsCalledBy = new List<ICirFunctionCall>(); // make sure all FunctionsCalledUniqueList and FunctionsCalled are syncronized with dCirFunction_bySignature var functionsToMap = cirDataAnalysis.dCirFunction_bySignature.Values.ToList().Count; var functionsProcessed = 0; foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values.ToList()) { for (int i = 0; i < cirFunction.FunctionsCalledUniqueList.Count; i++) cirFunction.FunctionsCalledUniqueList[i] = syncFunctions(cirDataAnalysis, cirFunction.FunctionsCalledUniqueList[i]); for (int i = 0; i < cirFunction.FunctionsCalled.Count; i++) cirFunction.FunctionsCalled[i].cirFunction = syncFunctions(cirDataAnalysis, cirFunction.FunctionsCalled[i].cirFunction); if ((functionsProcessed++) % 500 == 0) DI.log.info(" processed {0} / {1}", functionsProcessed, functionsToMap); } // check the FunctionsCalledUniqueList is calledby mappngs foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) foreach (var functionCalled in cirFunction.FunctionsCalled) { var functionCalledXref = getFunctionRef(cirDataAnalysis, functionCalled.cirFunction); /*if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsValue(functionCalled)) DI.log.error("in remapIsCalledByXrefs something is wrong because the called fucntions does not have a cirFunction mapping: {0}", functionCalled.FunctionSignature); else //{*/ bool found = false; foreach (var functionCall in functionCalled.cirFunction.FunctionIsCalledBy) if (functionCall.cirFunction == functionCalledXref) found = true; if (found == false) functionCalled.cirFunction.FunctionIsCalledBy.Add(new CirFunctionCall(cirFunction, functionCalled.fileName, functionCalled.lineNumber)); //if (false == functionCalledXref.FunctionIsCalledBy.Contains(cirFunction)) // functionCalledXref.FunctionIsCalledBy.Add(cirFunction); } // make sure all functions are syncronized with dCirFunction_bySignature foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) for (int i = 0; i < cirFunction.FunctionsCalledUniqueList.Count; i++) cirFunction.FunctionsCalledUniqueList[i] = syncFunctions(cirDataAnalysis, cirFunction.FunctionsCalledUniqueList[i]); // endure all iscalledby are correcly mapped foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) for (int i = 0; i < cirFunction.FunctionIsCalledBy.Count; i++) cirFunction.FunctionIsCalledBy[i].cirFunction = syncFunctions(cirDataAnalysis, cirFunction.FunctionIsCalledBy[i].cirFunction); // make sure there is a reference to this function on the Classes Dictionanry foreach (var cirFunction in cirDataAnalysis.dCirFunction_bySignature.Values) foreach (var functionCalled in cirFunction.FunctionsCalled) if (functionCalled.cirFunction.ParentClass == null) { var functionSignature = new FilteredSignature(functionCalled.cirFunction.FunctionSignature); var parentClassName = functionSignature.sFunctionClass; if (false == cirDataAnalysis.dCirClass_bySignature.ContainsKey(parentClassName)) cirDataAnalysis.dCirClass_bySignature.Add(parentClassName, new CirClass(parentClassName)); var parentCirClass = cirDataAnalysis.dCirClass_bySignature[parentClassName]; var functionAlreadyMappedToClass = false; foreach (var cirFunctionMappedToClass in parentCirClass.dFunctions.Values) if (cirFunctionMappedToClass.FunctionSignature == functionCalled.cirFunction.FunctionSignature) functionAlreadyMappedToClass = true; if (false == functionAlreadyMappedToClass) parentCirClass.dFunctions.Add(functionCalled.cirFunction.FunctionSignature, functionCalled.cirFunction); functionCalled.cirFunction.ParentClass = parentCirClass; functionCalled.cirFunction.ParentClassName = parentCirClass.Name; functionCalled.cirFunction.ParentClassFullName = parentCirClass.FullName; } timer.stop(); } catch (Exception ex) { DI.log.error("in remapIsCalledByXrefs: {0}", ex.Message); } }
private void showClassAttributes(ICirClass cirClass) { if (cirClass != null) { tvClassAttributes.Nodes.Clear(); foreach (var attribute in cirClass.ClassAttributes) { var signature = new FilteredSignature(attribute.AttributeClass).sSignature; var treeNode = tvClassAttributes.Nodes.Add(signature); foreach (var parameter in attribute.Parameters) treeNode.Nodes.Add(parameter.Key); } } }