private static string fromAssessmentRunFileCreateNewFileWithUniqueTraces(string sPathToNewAssessmentFile, bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation)
        {
            string sTargetFilename;

            DI.log.debug("Create file with unique traces");
            //
            O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6NewFile = null;

            Analysis.loadAssessmentFile(sPathToNewAssessmentFile, false, ref oadO2AssessmentDataOunceV6NewFile);


            Analysis.FindingNameFormat ffnFindingNameFormat = Analysis.FindingNameFormat.FindingType;
            bool bChangeFindingData = false;

            var ffsmFilter = new AnalysisFilters.filter_FindSmartTraces(bDropDuplicateSmartTraces,
                                                                        bIgnoreRootCallInvocation,
                                                                        ffnFindingNameFormat, bChangeFindingData);
            AssessmentRun arFilteredAssessmentRun =
                Analysis.createFilteredAssessmentRunObjectBasedOnCriteria(ffsmFilter, oadO2AssessmentDataOunceV6NewFile);

            DI.log.debug("Completed process of filtering to remove duplicate findings");
            sTargetFilename = sPathToNewAssessmentFile + "_UniqueTraces.ozasmt";
            Analysis.saveFilteredAssessmentRun(arFilteredAssessmentRun, sTargetFilename,
                                               oadO2AssessmentDataOunceV6NewFile);
            return(sTargetFilename);
        }
Exemplo n.º 2
0
 public filter_FindSmartTraces(bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation,
                               Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.bDropDuplicateSmartTraces = bDropDuplicateSmartTraces;
     this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation;
     this.ffnFindingNameFormat      = ffnFindingNameFormat;
     this.bChangeFindingData        = bChangeFindingData;
 }
Exemplo n.º 3
0
 public filter_FindSmartTrace_byID(UInt32 uSmartTraceCallID, TraceType tTraceType,
                                   bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation,
                                   Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.uSmartTraceCallID         = uSmartTraceCallID;
     this.bDropDuplicateSmartTraces = bDropDuplicateSmartTraces;
     this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation;
     this.ffnFindingNameFormat      = ffnFindingNameFormat;
     this.bChangeFindingData        = bChangeFindingData;
     this.tTraceType = tTraceType;
 }
Exemplo n.º 4
0
 public filter_FindActionObject(String sActionObjectIdToFind, bool bDropFindingsWithNoTraces,
                                bool bFilterDuplicateFindings, bool bIgnoreRootCallInvocation,
                                Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.sActionObjectIdToFind     = sActionObjectIdToFind;
     this.bDropFindingsWithNoTraces = bDropFindingsWithNoTraces;
     this.bFilterDuplicateFindings  = bFilterDuplicateFindings;
     this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation;
     this.ffnFindingNameFormat      = ffnFindingNameFormat;
     this.bChangeFindingData        = bChangeFindingData;
 }
        public static void createSavedAssessmentFileWith_LostSinks_Unique(String sPathToFindingsXmlFile_Source,
                                                                          String sPathToFindingsXmlFile_Target)
        {
            O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6 = null;
            bool bChangeFindingData = true;
            bool bVerbose           = false;

            Analysis.loadAssessmentFile(sPathToFindingsXmlFile_Source, bVerbose, ref fadO2AssessmentDataOunceV6);
            Analysis.FindingNameFormat ffnFindingNameFormat = Analysis.FindingNameFormat.Sink;
            Analysis.createAssessmentFileWithLostSinks_OneExampleEach(sPathToFindingsXmlFile_Target,
                                                                      ffnFindingNameFormat, bChangeFindingData,
                                                                      fadO2AssessmentDataOunceV6);
        }
Exemplo n.º 6
0
            public void applyFindingNameFormat(AssessmentRun arAssessmentRun, AssessmentAssessmentFileFinding fFinding,
                                               Analysis.FindingNameFormat ffnFindingNameFormat)
            {
                switch (ffnFindingNameFormat)
                {
                case Analysis.FindingNameFormat.FindingType:     // do nothing in these cases
                    break;

                case Analysis.FindingNameFormat.FindingType_Sink:

                    fFinding.vuln_type += "        " +
                                          resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                    break;

                case Analysis.FindingNameFormat.FindingType_Source:
                    fFinding.vuln_type += "        " +
                                          resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                    break;

                case Analysis.FindingNameFormat.Sink:
                    fFinding.vuln_type = "        " +
                                         resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                    break;

                case Analysis.FindingNameFormat.Source:
                    fFinding.vuln_type = "        " +
                                         resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                    break;

                case Analysis.FindingNameFormat.Sink_Source:
                    fFinding.vuln_type = resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1) +
                                         "        " +
                                         resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                    break;

                case Analysis.FindingNameFormat.Source_Sink:
                    fFinding.vuln_type = resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1) +
                                         "        " +
                                         resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                    break;
                }
            }
        public static List <String> getListOf_LostSinks_Unique(String sPathToSavedXmlFile,
                                                               ref O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6)
        {
            var lMatches = new List <string>();


            bool bChangeFindingData = false;

            Analysis.FindingNameFormat ffnFindingNameFormat = Analysis.FindingNameFormat.FindingType;
            var ffulsFilter = new AnalysisFilters.filter_FindUniqueLostSinks(ffnFindingNameFormat, bChangeFindingData);
            List <AssessmentAssessmentFileFinding> laaffFindings = getListOfFindingsUsingFilter(sPathToSavedXmlFile,
                                                                                                ffulsFilter,
                                                                                                ref fadO2AssessmentDataOunceV6);

            foreach (AssessmentAssessmentFileFinding aaffFinding in laaffFindings)
            {
                lMatches.Add(Analysis.getSmartTraceNameOfTraceType(aaffFinding.Trace, TraceType.Lost_Sink,
                                                                   fadO2AssessmentDataOunceV6));
            }
            return(lMatches);
        }
Exemplo n.º 8
0
 public filter_FindUniqueLostSinks(Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.ffnFindingNameFormat = ffnFindingNameFormat;
     this.bChangeFindingData = bChangeFindingData;
 }
Exemplo n.º 9
0
 public filter_FindSmartTraces(bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation,
                               Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.bDropDuplicateSmartTraces = bDropDuplicateSmartTraces;
     this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation;
     this.ffnFindingNameFormat = ffnFindingNameFormat;
     this.bChangeFindingData = bChangeFindingData;
 }
Exemplo n.º 10
0
 public filter_FindSmartTrace_byID(UInt32 uSmartTraceCallID, TraceType tTraceType,
                                   bool bDropDuplicateSmartTraces, bool bIgnoreRootCallInvocation,
                                   Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.uSmartTraceCallID = uSmartTraceCallID;
     this.bDropDuplicateSmartTraces = bDropDuplicateSmartTraces;
     this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation;
     this.ffnFindingNameFormat = ffnFindingNameFormat;
     this.bChangeFindingData = bChangeFindingData;
     this.tTraceType = tTraceType;
 }
Exemplo n.º 11
0
 public filter_FindActionObject(String sActionObjectIdToFind, bool bDropFindingsWithNoTraces,
                                bool bFilterDuplicateFindings, bool bIgnoreRootCallInvocation,
                                Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.sActionObjectIdToFind = sActionObjectIdToFind;
     this.bDropFindingsWithNoTraces = bDropFindingsWithNoTraces;
     this.bFilterDuplicateFindings = bFilterDuplicateFindings;
     this.bIgnoreRootCallInvocation = bIgnoreRootCallInvocation;
     this.ffnFindingNameFormat = ffnFindingNameFormat;
     this.bChangeFindingData = bChangeFindingData;
 }
Exemplo n.º 12
0
 public filter_FindUniqueLostSinks(Analysis.FindingNameFormat ffnFindingNameFormat, bool bChangeFindingData)
 {
     this.ffnFindingNameFormat = ffnFindingNameFormat;
     this.bChangeFindingData   = bChangeFindingData;
 }