public static void addTrace(IO2Finding o2Finding, List<string> values, string key)
{
foreach (string value in values)
{
o2Finding.o2Traces.Add(new O2Trace(key + " = " + value));
}
}
public static IO2Finding createCopy(IO2Finding o2Finding, bool processChildTraces)
{
var newO2Finding = new O2Finding();
newO2Finding.vulnType = o2Finding.vulnType;
newO2Finding.vulnName = o2Finding.vulnName;
newO2Finding.text = createCopy(o2Finding.text);
newO2Finding.severity = o2Finding.severity;
newO2Finding.recordId = o2Finding.recordId;
newO2Finding.propertyIds = o2Finding.propertyIds;
newO2Finding.projectName = o2Finding.projectName;
newO2Finding.ordinal = o2Finding.ordinal;
newO2Finding.lineNumber = o2Finding.lineNumber;
newO2Finding.file = o2Finding.file;
newO2Finding.exclude = o2Finding.exclude;
newO2Finding.confidence = o2Finding.confidence;
newO2Finding.columnNumber = o2Finding.actionObject;
newO2Finding.context = o2Finding.context;
newO2Finding.callerName = o2Finding.callerName;
newO2Finding.actionObject = o2Finding.actionObject;
if (processChildTraces)
newO2Finding.o2Traces = createCopy(o2Finding.o2Traces);
return newO2Finding;
}
public static IO2Finding createCopy(IO2Finding o2Finding, bool processChildTraces)
{
var newO2Finding = new O2Finding
{
actionObject = o2Finding.actionObject,
callerName = o2Finding.callerName,
context = o2Finding.context,
columnNumber = o2Finding.actionObject,
confidence = o2Finding.confidence,
exclude = o2Finding.exclude,
file = o2Finding.file,
lineNumber = o2Finding.lineNumber,
ordinal = o2Finding.ordinal,
projectName = o2Finding.projectName,
propertyIds = o2Finding.propertyIds,
recordId = o2Finding.recordId,
severity = o2Finding.severity,
text = createCopy(o2Finding.text),
vulnName = o2Finding.vulnName,
vulnType = o2Finding.vulnType
};
if (processChildTraces)
newO2Finding.o2Traces = createCopy(o2Finding.o2Traces);
return newO2Finding;
}
public static void addTrace(IO2Finding o2Finding, string value, string key)
{
if (value != null)
{
o2Finding.o2Traces.Add(new O2Trace(key + " = " + value));
}
}
private static void addFindingDataToO2Finding(AssessmentAsmntFileFinding finding, IO2Finding o2Finding, AssessmentRun assessmentRun)
{
AssessmentRunFindingData findingData = assessmentRun.FindingDataPool[finding.data_id-1];
AssessmentRunSite siteData = assessmentRun.SitePool[findingData.site_id - 1];
if (findingData.id != finding.data_id || siteData.id != findingData.site_id)
DI.log.error("in addFindingDataToO2Finding findingData.id != (finding.data_id-1) or siteData.id != (findingData.site_id - 1)");
else
{
o2Finding.actionObject = findingData.ao_id;
o2Finding.callerName = getStringIndexValue(siteData.caller, assessmentRun);
o2Finding.columnNumber = siteData.cn;
o2Finding.confidence = (byte) findingData.conf;
o2Finding.context = getStringIndexValue(siteData.cxt, assessmentRun);
o2Finding.exclude = finding.excluded;
o2Finding.file = getFileIndexValue(siteData.file_id, assessmentRun);
o2Finding.lineNumber = siteData.ln;
o2Finding.method = getStringIndexValue(siteData.method, assessmentRun);
o2Finding.ordinal = siteData.ord;
o2Finding.projectName = getStringIndexValue(findingData.project_name, assessmentRun);
o2Finding.propertyIds = findingData.prop_ids; /**/
o2Finding.recordId = findingData.rec_id;
o2Finding.severity = (byte) findingData.sev;
// o2Finding.signature = getStringIndexValue(siteData.sig, assessmentRun);
o2Finding.text = null; /**/
o2Finding.vulnName = getStringIndexValue(siteData.sig, assessmentRun); /*making the sig the vuln name*/
o2Finding.vulnType = getStringIndexValue(findingData.vtype, assessmentRun);
}
}
public void loadO2Finding(IO2Finding _o2Finding)
{
Threads_ExtensionMethods.invokeOnThread((Control) this, () =>
{
o2Finding = _o2Finding;
showO2TraceTree();
return null;
});
}
public static IO2Finding createCopyAndGlueTraceSinkWithTrace(IO2Finding o2TemplateFinding,
List<IO2Trace> o2TracesToGlue)
{
IO2Finding o2NewFinding = OzasmtCopy.createCopy(o2TemplateFinding);
//IO2Trace newFindingSink = OzasmtUtils.getKnownSink(o2NewFinding.o2Traces);
IO2Trace newFindingSink = OzasmtUtils.getSink(o2NewFinding.o2Traces);
newFindingSink.traceType = TraceType.Root_Call;
foreach (O2Trace o2TraceToGlue in o2TracesToGlue)
{
o2TraceToGlue.traceType = TraceType.Root_Call;
newFindingSink.childTraces.Add(o2TraceToGlue);
}
return o2NewFinding;
}
public static void createAllPartialTraces(IEnumerable<IO2Trace> o2TracesToFollow, ICollection<IO2Trace> o2PartialTraces, IO2Finding parentFinding, ICollection<IO2Finding> findingsCreated)
{
// process all traces
foreach (var o2TraceToFollow in o2TracesToFollow)
{
// create a copy of the current trace
var newO2Trace = OzasmtCopy.createCopy(o2TraceToFollow, false);
//newO2Trace.childTraces = new List<IO2Trace>(); // remove the child traces
// add it to the trace we are building
o2PartialTraces.Add(newO2Trace);
// create a copy of the parent finding
var newO2Finding = OzasmtCopy.createCopy(parentFinding);
findingsCreated.Add(newO2Finding);
// and trigger the recursive execution on all child traces
createAllPartialTraces(o2TraceToFollow.childTraces, newO2Trace.childTraces, parentFinding, findingsCreated);
}
}
private static void addTraceToO2Finding(string traces, IO2Finding o2Finding, AssessmentRun assessmentRun)
{
if (false == string.IsNullOrEmpty(traces))
{
var splittedTraces = traces.Split(',');
var traceStack = new Stack<List<IO2Trace>>(); // use to keep track of where we add the trace
traceStack.Push(o2Finding.o2Traces); // the first one is the main o2Findings.o2Traces
foreach(var traceItem in splittedTraces)
{
var splittedTrace = traceItem.Split('.'); // in this version the dots mean how many nodes we have to go up
int traceIndex;
if (Int32.TryParse(splittedTrace[0], out traceIndex))
{
AssessmentRunTaint taint = assessmentRun.TaintPool[traceIndex - 1];
AssessmentRunSite siteData = assessmentRun.SitePool[taint.site_id - 1];
var o2Trace = new O2Trace
{
caller = getStringIndexValue(siteData.caller, assessmentRun),
columnNumber = siteData.cn,
context = getStringIndexValue(siteData.cxt, assessmentRun),
file = getFileIndexValue(siteData.file_id, assessmentRun),
lineNumber = siteData.ln,
method = getStringIndexValue(siteData.method, assessmentRun),
ordinal = siteData.ord,
signature = getStringIndexValue(siteData.sig, assessmentRun),
argument = taint.arg,
direction = taint.dir,
traceType =((TraceType) Enum.Parse(typeof (TraceType), taint.trace_type.ToString()))
};
//o2Trace.clazz = getStringIndexValue(,assessmentRun); // check if siteData.caller is a good match for clazz
//o2Trace.taintPropagation = ;
//o2Trace.text = ;
traceStack.Peek().Add(o2Trace); // add the current trace as a child of the the item on the top of traceStack
traceStack.Push(o2Trace.childTraces); // and make the current trace the item on the top of traceStack (which will be changed if there were dots in the traceItem (handled below))
}
else
{
DI.log.error("in addTraceToO2Finding , could not parse into int {0} from {1}", splittedTrace[0], traceItem);
}
if (splittedTrace.Length > 1) // means there were dots in the traceitem
for (var i = 1; i < splittedTrace.Length; i++)
traceStack.Pop();
}
o2Finding.o2Traces[0].signature += traces;
}
}
public static List<IO2Finding> applySinkRuleToFindingAndTrace(IO2Finding o2Finding, string traceSignature, IDictionary<string, List<IO2Rule>> indexedRules)
{
var newFindings = new List<IO2Finding>();
if (traceSignature != "" && indexedRules.ContainsKey(traceSignature))
{
// apply rules settings to it
foreach (var o2Rule in indexedRules[traceSignature])
{
// create copy of finding
var newO2Finding = OzasmtCopy.createCopy(o2Finding);
// apply rule
newO2Finding.severity = OzasmtUtils.getSeverityFromString(o2Rule.Severity);
newO2Finding.vulnName = o2Rule.Signature;
newO2Finding.vulnType = o2Rule.VulnType;
newFindings.Add(newO2Finding);
}
}
return newFindings;
}
public static void openInFloatWindow(IO2Finding o2Finding)
{
O2Thread.mtaThread(
() =>
{
var windowName = "Finding Editor for: " + o2Finding;
O2Messages.openControlInGUISync(typeof (ascx_FindingEditor), O2DockState.Float,
windowName);
O2Messages.getAscx(windowName, guiControl =>
{
if (guiControl != null &&
guiControl is ascx_FindingEditor)
{
var findingEditor =
(ascx_FindingEditor) guiControl;
findingEditor.loadO2Finding(
o2Finding, false);
}
});
});
}
private static bool applyRuleToTrace(IO2Trace o2Trace, ICollection<IO2Trace> o2PartialTraces, IO2Finding parentO2Finding, List<IO2Finding> findingsCreated, IDictionary<string, List<IO2Rule>> indexedRules)
{
// if (o2Trace.signature.IndexOf("System.Data.SqlClient.SqlCommand") > -1)
// DI.log.info(o2Trace.signature);
var signatureToFind = MakeSignatureCompatibleWithOunceRules(o2Trace.signature);
// if (signatureToFind.IndexOf("System.Data.SqlClient") > -1)
// DI.log.info(signatureToFind);
if (indexedRules.ContainsKey(signatureToFind)) // means we have a match
{
// rename to shouldAbortRulesCreation
if (shouldAbortRulesExecution(indexedRules[signatureToFind]))
{
if (o2Trace.traceType == TraceType.Known_Sink || o2Trace.traceType == TraceType.Lost_Sink)
return false;
return true;
}
// check if we are a sink at the root of the tree with no child nodes (and if so skip trace creation)
if (parentO2Finding.o2Traces.Count == 0 )//; && (o2Trace.traceType == TraceType.Known_Sink || o2Trace.traceType == TraceType.Lost_Sink || o2Trace.traceType == TraceType.Root_Call))
return true;
// check if there are no sources on the trace
if (((O2Finding)parentO2Finding).Source == "")
return false;
var newTrace = OzasmtCopy.createCopy(o2Trace, false); //create new trace (which will be modified
newTrace.traceType = TraceType.Known_Sink; // make the trace a sink
o2PartialTraces.Add(newTrace); // add it to the partial trace
var newFindingWithSinkTrace = OzasmtCopy.createCopy(parentO2Finding); // create template finding which will be applied the rules
findingsCreated.AddRange(FiltersUtils.applySinkRuleToFindingAndTrace(newFindingWithSinkTrace, signatureToFind, indexedRules)); // apply rules and add resulting findings to findingsCreated list
//remove the new trace since the invokeOnAllPartialTraces loop will add its own copy
o2PartialTraces.Remove(newTrace);
}
return true; // in this case return true since we want to process ALL traces
}
public void addO2Finding(IO2Finding o2Finding, bool refresh)
{
try
{
if (false == currentO2Findings.Contains(o2Finding))
if (cbDontLoadFindingsWithNoTraces.Checked == false || o2Finding.o2Traces.Count > 0)
currentO2Findings.Add(o2Finding);
if (refresh)
showCurrentO2Findings();
}
catch (Exception ex)
{
DI.log.error("in addO2Finding: {0}", ex.Message);
}
}
public static void calculateUniqueListOfO2Traces(IO2Finding o2Finding, List<IO2Trace> uniqueO2Traces)
{
calculateUniqueListOfO2Traces(o2Finding.o2Traces, uniqueO2Traces);
}
/// <summary>
/// This will populate the parent finding with all traces from the provided ICirFunction
/// caution: use the createNewFindingOnExternalCall carefully since it can create a stupid amount of traces (and it is much slower)
/// </summary>
/// <param name="cirFunction"></param>
/// <param name="lineNumber"></param>
/// <param name="o2Traces"></param>
/// <param name="parentTraces"></param>
/// <param name="rootO2Finding"></param>
/// <param name="o2FindingsCreated"></param>
/// <param name="createNewFindingOnExternalCall"></param>
/// <param name="fileName"></param>
public static void createTracesAndFindingsFromCirFunction(ICirFunction cirFunction, string fileName, UInt32 lineNumber, List <IO2Trace> o2Traces, List <IO2Trace> parentTraces, IO2Finding rootO2Finding, List <IO2Finding> o2FindingsCreated, bool createNewFindingOnExternalCall)
{
int maxParentDepth = 10; //30; //10;
var maxNumberOfTraces = 20; //50; //300; //50
var filteredSignature = new FilteredSignature(cirFunction);
var functionSignature = filteredSignature.sSignature;
var o2Trace = new O2Trace(functionSignature, cirFunction.ClassNameFunctionNameAndParameters)
{
file = fileName,
lineNumber = lineNumber
};
// add file references
// handle the case where this is a recursive call or a call to a method already added in the current tree
var recursiveCall = false;
foreach (var o2ParentTrace in parentTraces)
{
if (o2ParentTrace.signature == functionSignature)
{
recursiveCall = true;
break;
}
}
parentTraces.Add(o2Trace);
// add this trace to the current trace tree (since we might need to create a copy of it below
o2Traces.Add(o2Trace);
if (recursiveCall)
{
var nodeText = String.Format("{0} : {1} : {2}", cirFunction, "....(Recursive Call so not expanding child traces", functionSignature);
o2Trace.childTraces.Add(new O2Trace(nodeText));
}
else
{
if (parentTraces.Count > maxParentDepth)
{
o2Trace.childTraces.Add(new O2Trace(" ... {Max trace depth reached} (" + maxParentDepth + ")"));
}
else
{
//
var numberOfTraces = OzasmtUtils.getAllTraces(rootO2Finding.o2Traces);
if (numberOfTraces.Count > maxNumberOfTraces)
{
o2Trace.childTraces.Add(new O2Trace("**** Max number of traces reached(" + maxNumberOfTraces + ") aborting trace execution"));
return;
}
if (cirFunction.FunctionsCalled.Count == 0) // means we don't have the code for this one, so
{
// let make it a lost sink
var originalTraceTypeValue = o2Trace.traceType; // we might need this below
o2Trace.traceType = TraceType.Lost_Sink;
if (createNewFindingOnExternalCall) // and if createNewFindingOnExternalCall add it as finding
{
// create a copy of the parent finding (which incudes the above trace
var newFinding = OzasmtCopy.createCopy(rootO2Finding);
// make the first call a source (so that we have a source-> pair
newFinding.o2Traces[0].traceType = TraceType.Source;
// add it
o2FindingsCreated.Add(newFinding);
// since the crawl will continue we must restore the originalTraceTypeValue
o2Trace.traceType = originalTraceTypeValue;
}
}
else
{
foreach (var functionCalled in cirFunction.FunctionsCalled)
{
createTracesAndFindingsFromCirFunction(functionCalled.cirFunction, functionCalled.fileName, (UInt32)functionCalled.lineNumber, o2Trace.childTraces, parentTraces, rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall);
}
}
}
}
// now remove the signature since we are only interrested in non repeats on the same parent
parentTraces.Remove(o2Trace);
}
public static AssessmentAssessmentFileFinding getAssessmentAssessmentFileFinding(IO2Finding o2Finding, Dictionary<string, uint> dStringIndexes, Dictionary<string, uint> dFilesIndexes)
{
try
{
var finding = new AssessmentAssessmentFileFinding
{
actionobject_id = o2Finding.actionObject,
caller_name_id =
addTextToStringIndexes(o2Finding.callerName, dStringIndexes).ToString(),
column_number = o2Finding.columnNumber,
confidence = o2Finding.confidence,
cxt_id = addTextToStringIndexes(o2Finding.context, dStringIndexes).ToString(),
exclude = o2Finding.exclude,
line_number = o2Finding.lineNumber,
ordinal = o2Finding.ordinal,
project_name_id =
addTextToStringIndexes(o2Finding.projectName, dStringIndexes).ToString(),
property_ids = o2Finding.propertyIds,
record_id = o2Finding.recordId,
severity = o2Finding.severity,
Text = (o2Finding.text!=null) ? o2Finding.text.ToArray(): null,
vuln_name_id = addTextToStringIndexes(o2Finding.vulnName, dStringIndexes).ToString(),
vuln_type_id = addTextToStringIndexes(o2Finding.vulnType, dStringIndexes).ToString()
};
if (o2Finding.o2Traces.Count > 0)
{
var callInvocations = new List<CallInvocation>();
foreach (O2Trace o2trace in o2Finding.o2Traces)
callInvocations.Add(getCallInvocationObjectFromO2Trace(o2trace, dStringIndexes, dFilesIndexes));
finding.Trace = callInvocations.ToArray();
}
//if (o2Finding.o2Trace != null)
// finding.Trace = new[] {getCallInvocationObjectFromO2Trace((o2Finding.o2Trace), assessmentRun)};
return finding;
}
catch (Exception ex)
{
ex.log("in getAssessmentAssessmentFileFinding");
}
return null;
}
public static bool findingWith_Traces(IO2Finding o2Finding)
{
return o2Finding.o2Traces.Count > 0;
}
public static IO2Finding createCopy(IO2Finding o2Finding)
{
return createCopy(o2Finding, true);
}
public static ascx_SourceCodeViewer show(this ascx_SourceCodeViewer codeViewer, IO2Finding o2Finding)
{
codeViewer.editor().show(o2Finding);
return(codeViewer);
}
public static string sink(this IO2Finding iO2Finding)
{
return(iO2Finding.o2Finding().Sink);
}
public static string source(this IO2Finding iO2Finding)
{
return(iO2Finding.o2Finding().Source);
}
public static ascx_TraceTreeView show(this ascx_TraceTreeView traceViewer, IO2Finding iO2Finding)
{
traceViewer.loadO2Finding(iO2Finding);
return(traceViewer);
}
public static O2Finding o2Finding(this IO2Finding iO2Finding)
{
return((O2Finding)iO2Finding);
}
public static ascx_FindingsViewer show(this ascx_FindingsViewer findingsViewer, IO2Finding o2Finding)
{
return(findingsViewer.show(o2Finding.wrapOnList()));
}
public TreeNode getO2FindingTreeNode( IO2Finding o2Finding,string treeNodeText, string propertyUsed)
{
return O2Forms.newTreeNode(treeNodeText, propertyUsed,
(o2Finding.o2Traces.Count > 0)
? icon_findingWithTrace
: icon_findingWithNoTrace
, o2Finding);
}
public static Thread openInFloatWindow(IO2Finding o2Finding)
{
return openInFloatWindow(new List<IO2Finding> { o2Finding });
}
public static bool trace_Contains(this IO2Finding iO2Finding, string text)
{
return(iO2Finding.allTraces().values().filter(text).size() > 0);
}
public static void createAllPartialTraces(IEnumerable <IO2Trace> o2TracesToFollow, ICollection <IO2Trace> o2PartialTraces, IO2Finding parentFinding, ICollection <IO2Finding> findingsCreated)
{
// process all traces
foreach (var o2TraceToFollow in o2TracesToFollow)
{
// create a copy of the current trace
var newO2Trace = OzasmtCopy.createCopy(o2TraceToFollow, false);
//newO2Trace.childTraces = new List<IO2Trace>(); // remove the child traces
// add it to the trace we are building
o2PartialTraces.Add(newO2Trace);
// create a copy of the parent finding
var newO2Finding = OzasmtCopy.createCopy(parentFinding);
findingsCreated.Add(newO2Finding);
// and trigger the recursive execution on all child traces
createAllPartialTraces(o2TraceToFollow.childTraces, newO2Trace.childTraces, parentFinding, findingsCreated);
}
}
public static IO2Finding copy(this IO2Finding o2Finding)
{
return(OzasmtCopy.createCopy(o2Finding));
}
public static IO2Trace add_Trace(this IO2Finding o2Finding, string text)
{
return(o2Finding.o2Traces.add_Trace(text));
}
public static List <IO2Trace> allTraces(this IO2Finding iO2Finding)
{
return(OzasmtUtils.getListWithAllTraces(iO2Finding.o2Finding()));
}
private static void addFindingDataToO2Finding(AssessmentAsmntFileFinding finding, IO2Finding o2Finding, AssessmentRun assessmentRun)
{
AssessmentRunFindingData findingData = assessmentRun.FindingDataPool[finding.data_id - 1];
AssessmentRunSite siteData = assessmentRun.SitePool[findingData.site_id - 1];
if (findingData.id != finding.data_id || siteData.id != findingData.site_id)
{
DI.log.error("in addFindingDataToO2Finding findingData.id != (finding.data_id-1) or siteData.id != (findingData.site_id - 1)");
}
else
{
o2Finding.actionObject = findingData.ao_id;
o2Finding.callerName = getStringIndexValue(siteData.caller, assessmentRun);
o2Finding.columnNumber = siteData.cn;
o2Finding.confidence = (byte)findingData.conf;
o2Finding.context = getStringIndexValue(siteData.cxt, assessmentRun);
o2Finding.exclude = finding.excluded;
o2Finding.file = getFileIndexValue(siteData.file_id, assessmentRun);
o2Finding.lineNumber = siteData.ln;
o2Finding.method = getStringIndexValue(siteData.method, assessmentRun);
o2Finding.ordinal = siteData.ord;
o2Finding.projectName = getStringIndexValue(findingData.project_name, assessmentRun);
o2Finding.propertyIds = findingData.prop_ids; /**/
o2Finding.recordId = findingData.rec_id;
o2Finding.severity = (byte)findingData.sev;
// o2Finding.signature = getStringIndexValue(siteData.sig, assessmentRun);
o2Finding.text = null; /**/
o2Finding.vulnName = getStringIndexValue(siteData.sig, assessmentRun); /*making the sig the vuln name*/
o2Finding.vulnType = getStringIndexValue(findingData.vtype, assessmentRun);
}
}
public static string getVariableNameFromThisObject(IO2Finding o2Finding)
{
return(getVariableNameFromThisObject(o2Finding.context));
}
public static IO2Finding createCopyAndGlueTraceSinkWithTrace(IO2Finding o2TemplateFinding, IO2Trace o2TracesToGlue)
{
return(createCopyAndGlueTraceSinkWithTrace(o2TemplateFinding, new List <IO2Trace> {
o2TracesToGlue
}));
}
private void createNewDynamicO2Finding()
{
currentDynamicO2Finding = new O2Finding();
currentO2Trace = null;
reloadTraceViewer();
}
public static void calculateUniqueListOfO2Traces(IO2Finding o2Finding, List <IO2Trace> uniqueO2Traces)
{
calculateUniqueListOfO2Traces(o2Finding.o2Traces, uniqueO2Traces);
}
public void CreateFinding()
{
string sFileToCreate = DI.config.TempFileNameInTempDirectory;
const string file = @"c:\O2\Temp\testFile.cs";
const uint record_id = 1;
const uint line_number = 2;
const uint column_number = 3;
const uint actionobject_id = 4;
const byte severity = 3;
const byte confidence = 2;
const bool exclude = false;
const uint ordinal = 1;
const string context = "context";
const string vuln_name = "vuln_name";
const string caller_name = "caller_name";
const string vuln_type = "vuln_type";
const string project_name = "project_name";
const string property_ids = "property_ids";
var o2Assessment = new O2Assessment();
// create test O2Finding objects
var o2Finding1 = new O2Finding
{
actionObject = actionobject_id,
confidence = confidence,
file = file,
columnNumber = column_number,
exclude = exclude,
lineNumber = line_number,
ordinal = ordinal,
recordId = record_id,
severity = severity,
context = context,
vulnName = vuln_name,
callerName = caller_name,
vulnType = vuln_type,
projectName = project_name,
propertyIds = property_ids
};
var o2Finding2 = new O2Finding(vuln_name, vuln_type, context, caller_name);
// add O2Findings and saved assessment run
o2Assessment.o2Findings.Add(o2Finding1);
o2Assessment.o2Findings.Add(o2Finding2);
o2Assessment.save(o2AssessmentSave, sFileToCreate);
// check that file created is ok
var loadedO2Assessment = new O2Assessment(o2AssessmentLoad, sFileToCreate);
Assert.IsTrue(loadedO2Assessment.o2Findings.Count == 2, "There should be 2 findings saved");
IO2Finding loadedO2Fiding = loadedO2Assessment.o2Findings[0];
Assert.IsTrue(loadedO2Fiding.actionObject == actionobject_id, "actionobject_id");
Assert.IsTrue(loadedO2Fiding.confidence == confidence, "confidence");
Assert.IsTrue(loadedO2Fiding.file == file, "file");
Assert.IsTrue(loadedO2Fiding.columnNumber == column_number, "column_number");
Assert.IsTrue(loadedO2Fiding.exclude == exclude, "exclude");
Assert.IsTrue(loadedO2Fiding.lineNumber == line_number, "line_number");
Assert.IsTrue(loadedO2Fiding.ordinal == ordinal, "ordinal");
Assert.IsTrue(loadedO2Fiding.recordId == record_id, "record_id");
Assert.IsTrue(loadedO2Fiding.severity == severity, "severity");
Assert.IsTrue(loadedO2Fiding.context == context, "context");
Assert.IsTrue(loadedO2Fiding.vulnName == vuln_name, "vuln_name");
Assert.IsTrue(loadedO2Fiding.callerName == caller_name, "caller_name");
Assert.IsTrue(loadedO2Fiding.vulnType == vuln_type, "vuln_type");
Assert.IsTrue(loadedO2Fiding.projectName == project_name, "project_name");
Assert.IsTrue(loadedO2Fiding.propertyIds == property_ids, "property_ids");
}
public void addO2Finding(IO2Finding o2Finding)
{
this.invokeOnThread(() => addO2Finding(o2Finding, true));
}
public static bool findingWith_Traces_LostSinks(IO2Finding o2Finding)
{
return ((O2Finding)o2Finding).LostSink != "";
}
private static string calculateTreeNodeText(IO2Finding o2Finding, string propertyToUse, string filterToUse)
{
string nodeText;
try
{
switch (propertyToUse)
{
case "severity":
return OzasmtUtils.getSeverityFromId(o2Finding.severity);
case "confidence":
return OzasmtUtils.getConfidenceFromId(o2Finding.confidence);
case "o2Traces":
var allO2Traces = OzasmtUtils.getAllTraces(o2Finding.o2Traces);
return (allO2Traces.Keys.Count > 0) ? string.Format("# nodes: {0}", allO2Traces.Keys.Count) : "";
default:
nodeText = DI.reflection.getProperty(propertyToUse, o2Finding).ToString();
break;
}
if (nodeText != "")
if (RegEx.findStringInString(nodeText, filterToUse) || nodeText.IndexOf(filterToUse) > -1)
return nodeText;
else
return "";
return nodeText;
}
catch (Exception ex)
{
DI.log.error("in calculateTreeNodeText: {0}", ex.Message);
return "[O2 Error (check logs for details)]";
}
}
private void loadO2Finding(IO2Finding o2Finding, bool fromSerializedData)
{
o2FindingLoadedViaSerializedData = fromSerializedData;
loadO2Finding(o2Finding);
}
private static void openO2FindingOnNewGuiWindow(IO2Finding o2FindingToOpen)
{
O2Thread.mtaThread(() =>
{
var findingEditorControlName = string.Format("Findings Editor for: {0} ({1})", o2FindingToOpen, Guid.NewGuid());
O2Messages.openControlInGUISync(typeof (ascx_FindingEditor), O2DockState.Float,
findingEditorControlName);
O2Messages.getAscx(findingEditorControlName, controlObject =>
{
if(controlObject!=null && controlObject is ascx_FindingEditor)
{
var findingEditor = (ascx_FindingEditor)controlObject;
findingEditor.loadO2Finding(o2FindingToOpen);
}
});
// can't use this because we can't serialized O2Finding (since it has interfaces on it)
/*
var serializedO2Finding = OzasmtUtils.createSerializedXmlStringFromO2Finding(o2FindingToOpen);
O2Messages.executeOnAscx(findingEditorControlName, "loadSerializedO2Finding",
new[] {serializedO2Finding});
* */
});
}
public static ascx_TraceTreeView show(this ascx_TraceTreeView traceViewer, IO2Finding iO2Finding)
{
traceViewer.loadO2Finding(iO2Finding);
return traceViewer;
}
private static bool applyRuleToTrace(IO2Trace o2Trace, ICollection <IO2Trace> o2PartialTraces, IO2Finding parentO2Finding, List <IO2Finding> findingsCreated, IDictionary <string, List <IO2Rule> > indexedRules)
{
// if (o2Trace.signature.IndexOf("System.Data.SqlClient.SqlCommand") > -1)
// DI.log.info(o2Trace.signature);
var signatureToFind = MakeSignatureCompatibleWithOunceRules(o2Trace.signature);
// if (signatureToFind.IndexOf("System.Data.SqlClient") > -1)
// DI.log.info(signatureToFind);
if (indexedRules.ContainsKey(signatureToFind)) // means we have a match
{
// rename to shouldAbortRulesCreation
if (shouldAbortRulesExecution(indexedRules[signatureToFind]))
{
if (o2Trace.traceType == TraceType.Known_Sink || o2Trace.traceType == TraceType.Lost_Sink)
{
return(false);
}
return(true);
}
// check if we are a sink at the root of the tree with no child nodes (and if so skip trace creation)
if (parentO2Finding.o2Traces.Count == 0) //; && (o2Trace.traceType == TraceType.Known_Sink || o2Trace.traceType == TraceType.Lost_Sink || o2Trace.traceType == TraceType.Root_Call))
{
return(true);
}
// check if there are no sources on the trace
if (((O2Finding)parentO2Finding).Source == "")
{
return(false);
}
var newTrace = OzasmtCopy.createCopy(o2Trace, false); //create new trace (which will be modified
newTrace.traceType = TraceType.Known_Sink; // make the trace a sink
o2PartialTraces.Add(newTrace); // add it to the partial trace
var newFindingWithSinkTrace = OzasmtCopy.createCopy(parentO2Finding); // create template finding which will be applied the rules
findingsCreated.AddRange(FiltersUtils.applySinkRuleToFindingAndTrace(newFindingWithSinkTrace, signatureToFind, indexedRules)); // apply rules and add resulting findings to findingsCreated list
//remove the new trace since the invokeOnAllPartialTraces loop will add its own copy
o2PartialTraces.Remove(newTrace);
}
return(true); // in this case return true since we want to process ALL traces
}
public static Thread openInFloatWindow(IO2Finding o2Finding)
{
return(openInFloatWindow(new List <IO2Finding> {
o2Finding
}));
}
private void findingsViewerMappedFindings__onFindingSelected(IO2Finding o2SelectedFinding)
{
onFindingSelectedEvent(o2SelectedFinding);
}
private void loadO2Finding(IO2Finding o2Finding, bool fromSerializedData)
{
o2FindingLoadedViaSerializedData = fromSerializedData;
loadO2Finding(o2Finding);
}
/*public bool loadReferenceFindings(string ozasmtFileWithReferenceFindings)
{
if (File.Exists(ozasmtFileWithReferenceFindings) && Path.GetExtension(ozasmtFileWithReferenceFindings).ToLower() == ".ozasmt")
{
O2Thread.mtaThread(
() =>
{
var thread =
findingsViewerfor_ReferenceFindings.loadO2Assessment(ozasmtFileWithReferenceFindings);
thread.Join();
this.invokeOnThread(
() =>
{
lbNumberOfReferenceFindingsLoaded.Text =
findingsViewerfor_ReferenceFindings.currentO2Findings.Count.ToString();
mapFindingsToSourceCode(findingsViewerfor_ReferenceFindings.currentO2Findings, dgvfunctionsMappings);
});
});
return true;
}
return false;
}*/
/*public void mapFindingsToSourceCode()
{
this.invokeOnThread(() =>mapFindingsToSourceCode(findingsViewerfor_ReferenceFindings.currentO2Findings, dgvfunctionsMappings));
}
public void mapFindingsToSourceCode(List<IO2Finding> o2FindingsToMap,DataGridView targetDataGridView)
{
DI.log.info("Mapping findings to Source Code");
var o2time = new O2Timer("Compled mapping").start();
var mappedMethodsToSourceCode = new Dictionary<string, string>();
foreach (var o2Finding in o2FindingsToMap)
{
addFindingToMappedSourceCode(o2Finding, mappedMethodsToSourceCode);
}
showMethodsMappedToSourceCodeInDataGridView(mappedMethodsToSourceCode, targetDataGridView);
o2time.stop();
}*/
public void addFindingToMappedSourceCode(IO2Finding o2Finding, Dictionary<string, string> mappedMethodsToSourceCode)
{
var findingUniqueTraces = ((O2Finding) o2Finding).getUniqueTraces();
foreach (O2Trace o2Trace in findingUniqueTraces)
if (doesSignatureRepresentAMethodOnTheFilenameReference(o2Trace.signature, o2Trace.SourceCode))
{
string sourceCodeReference = string.Format("{0}::{1}", o2Finding.file, o2Finding.lineNumber);
if (!mappedMethodsToSourceCode.ContainsKey(o2Finding.vulnName))
mappedMethodsToSourceCode.Add(o2Finding.vulnName, sourceCodeReference);
else if (mappedMethodsToSourceCode[o2Finding.vulnName] != sourceCodeReference)
{
}
}
}
public void loadO2Finding(IO2Finding o2Finding)
{
currentO2Finding = o2Finding;
// show O2Finding In DataGrid View
showO2FindingDetails();
updateVisibilityOfSaveButton();
}
public static bool findingWith_Traces_KnownSinks(IO2Finding o2Finding)
{
return ((O2Finding)o2Finding).KnownSink != "";
}
public static AssessmentAssessmentFileFinding getAssessmentAssessmentFileFinding(IO2Finding o2Finding, Dictionary <string, uint> dStringIndexes, Dictionary <string, uint> dFilesIndexes)
{
try
{
var finding = new AssessmentAssessmentFileFinding
{
actionobject_id = o2Finding.actionObject,
caller_name_id =
addTextToStringIndexes(o2Finding.callerName, dStringIndexes).ToString(),
column_number = o2Finding.columnNumber,
confidence = o2Finding.confidence,
cxt_id = addTextToStringIndexes(o2Finding.context, dStringIndexes).ToString(),
exclude = o2Finding.exclude,
line_number = o2Finding.lineNumber,
ordinal = o2Finding.ordinal,
project_name_id =
addTextToStringIndexes(o2Finding.projectName, dStringIndexes).ToString(),
property_ids = o2Finding.propertyIds,
record_id = o2Finding.recordId,
severity = o2Finding.severity,
Text = (o2Finding.text != null) ? o2Finding.text.ToArray(): null,
vuln_name_id = addTextToStringIndexes(o2Finding.vulnName, dStringIndexes).ToString(),
vuln_type_id = addTextToStringIndexes(o2Finding.vulnType, dStringIndexes).ToString()
};
if (o2Finding.o2Traces.Count > 0)
{
var callInvocations = new List <CallInvocation>();
foreach (O2Trace o2trace in o2Finding.o2Traces)
{
callInvocations.Add(getCallInvocationObjectFromO2Trace(o2trace, dStringIndexes, dFilesIndexes));
}
finding.Trace = callInvocations.ToArray();
}
//if (o2Finding.o2Trace != null)
// finding.Trace = new[] {getCallInvocationObjectFromO2Trace((o2Finding.o2Trace), assessmentRun)};
return(finding);
}
catch (Exception ex)
{
ex.log("in getAssessmentAssessmentFileFinding");
}
return(null);
}
public static IO2Finding createCopy(IO2Finding o2Finding)
{
return(createCopy(o2Finding, true));
}
public static bool findingWith_Traces(IO2Finding o2Finding)
{
return(o2Finding.o2Traces.Count > 0);
}
public static ascx_FindingsViewer show(this ascx_FindingsViewer findingsViewer, IO2Finding o2Finding)
{
return findingsViewer.show(o2Finding.wrapOnList());
}
public static bool findingWith_Traces_LostSinks(IO2Finding o2Finding)
{
return(((O2Finding)o2Finding).LostSink != "");
}
public static ascx_SourceCodeViewer show(this ascx_SourceCodeViewer codeViewer, IO2Finding o2Finding)
{
"in show".info();
codeViewer.open(o2Finding.file);
if (o2Finding.lineNumber > 0)
{
codeViewer.editor().gotoLine((int)o2Finding.lineNumber-1);
//codeViewer.editor().caret_Line();
codeViewer.editor().caret_Line((int)o2Finding.lineNumber-1);
codeViewer.editor().caret_Column((int)o2Finding.columnNumber);
}
return codeViewer;
}
public void addO2Finding(IO2Finding o2Finding)
{
this.invokeOnThread(() => addO2Finding(o2Finding, true));
}
