Exemplo n.º 1
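            /// <summary>
            /// Adds <paramref name="fNewFinding"/> to <paramref name="lfFindingsThatMatchCriteria"/> unless a finding
            /// that was already collected has an equal first trace entry (Trace[0]).
            /// </summary>
            /// <param name="lafFilteredAssessmentFiles">Assessment files processed earlier whose findings are also
            /// checked for duplicates; may be null or empty.</param>
            /// <param name="lfFindingsThatMatchCriteria">Findings accepted so far for the current file; receives the
            /// new finding when it is unique.</param>
            /// <param name="fNewFinding">Candidate finding.</param>
            /// <param name="bIgnoreRootCallInvocation">Forwarded to areCallInvoctionObjectsEqual; per the original
            /// comment, traces that differ only in the root item are then treated as duplicates.</param>
            /// <returns>true when the finding was added, false when it was dropped as a duplicate.</returns>
            /// <remarks>
            /// A finding rejected here is not added to the result list, so the strictness of the equality check
            /// decides which findings a reviewer gets to see. Only Trace[0] of each finding is compared.
            /// </remarks>
            public bool filterDuplicateFindings(List<AssessmentAssessmentFile> lafFilteredAssessmentFiles,
                                                List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
                                                AssessmentAssessmentFileFinding fNewFinding,
                                                bool bIgnoreRootCallInvocation)
            {
                // The comparison reads Trace[0] on BOTH findings. The original tested fFinding.Trace twice and never
                // looked at fNewFinding.Trace, so a candidate without a trace (or any empty trace array) threw.
                bool bNewFindingHasTrace = fNewFinding != null && fNewFinding.Trace != null &&
                                           fNewFinding.Trace.Length > 0;

                if (bNewFindingHasTrace)
                {
                    // search the current temp list of findings (for the current file)
                    foreach (AssessmentAssessmentFileFinding fFinding in lfFindingsThatMatchCriteria)
                    {
                        if (fFinding.Trace != null && fFinding.Trace.Length > 0 &&
                            areCallInvoctionObjectsEqual(fFinding.Trace[0], fNewFinding.Trace[0],
                                                         bIgnoreRootCallInvocation))
                        {
                            return false; // an equal trace is already in the list
                        }
                    }

                    // and if other assessment files were already processed, check their findings as well
                    if (lafFilteredAssessmentFiles != null)
                    {
                        foreach (AssessmentAssessmentFile afAssessmentFile in lafFilteredAssessmentFiles)
                        {
                            if (afAssessmentFile.Finding == null)
                            {
                                continue; // a file without findings has nothing to compare against
                            }

                            foreach (AssessmentAssessmentFileFinding fFinding in afAssessmentFile.Finding)
                            {
                                if (fFinding.Trace != null && fFinding.Trace.Length > 0 &&
                                    areCallInvoctionObjectsEqual(fFinding.Trace[0], fNewFinding.Trace[0],
                                                                 bIgnoreRootCallInvocation))
                                {
                                    return false; // an equal trace exists in a previously processed file
                                }
                            }
                        }
                    }
                }

                // No equal trace was found (or the candidate has no trace to compare), so the finding is kept.
                lfFindingsThatMatchCriteria.Add(fNewFinding);
                return true;
            }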
Exemplo n.º 2
 /// <summary>
 /// Default filter step: accepts no finding and leaves both lists untouched.
 /// Declared virtual so that a concrete filter can supply its own matching logic.
 /// </summary>
 /// <param name="arAssessmentRun">Assessment run the finding belongs to (unused here).</param>
 /// <param name="fFinding">Finding under evaluation (unused here).</param>
 /// <param name="lfFindingsThatMatchCriteria">List that would receive matching findings (unused here).</param>
 /// <param name="lafFilteredAssessmentFiles">Previously filtered assessment files (unused here).</param>
 /// <returns>Always false.</returns>
 public virtual bool applyFilterAndPopulateList(
     AssessmentRun arAssessmentRun,
     AssessmentAssessmentFileFinding fFinding,
     List<AssessmentAssessmentFileFinding> lfFindingsThatMatchCriteria,
     List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
 {
     const bool bFindingAccepted = false;
     return bFindingAccepted;
 }
Exemplo n.º 3
        /// <summary>
        /// Returns the string-index value of the signature of the first call invocation of type
        /// <see cref="TraceType.Source"/> found in the finding's trace.
        /// </summary>
        /// <param name="fFinding">Finding whose Trace is searched.</param>
        /// <param name="oadF1AssessmentDataOunceV6">Assessment data passed to the string-index lookup.</param>
        /// <returns>The looked-up string, or an empty string when the search returns no call invocation.</returns>
        public static String getSource(AssessmentAssessmentFileFinding fFinding, O2AssessmentData_OunceV6 oadF1AssessmentDataOunceV6)
        {
            CallInvocation ciSourceNode =
                AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace,
                                                                                        TraceType.Source);

            // No source in the trace: callers get an empty string rather than null.
            if (ciSourceNode == null)
            {
                return "";
            }

            return OzasmtUtils_OunceV6.getStringIndexValue(ciSourceNode.sig_id, oadF1AssessmentDataOunceV6);
        }
        /// <summary>
        /// Builds an <c>O2Finding</c> from a serialized assessment finding, resolving the name fields through the
        /// string index when only their ids are present.
        /// </summary>
        /// <param name="finding">Serialized finding to convert.</param>
        /// <param name="assessmentFile">Assessment file that supplies the file name.</param>
        /// <param name="assessmentRun">Assessment run used for the string-index and trace lookups.</param>
        /// <returns>The populated finding.</returns>
        /// <remarks>
        /// The *_id fields are strings and are converted with <see cref="UInt32.Parse(string)"/>, which throws on
        /// text that is not a valid unsigned number; nothing in this method catches that.
        /// </remarks>
        public static IO2Finding getO2Finding(AssessmentAssessmentFileFinding finding,
                                              AssessmentAssessmentFile assessmentFile, AssessmentRun assessmentRun)
        {
            O2Finding o2Finding = new O2Finding();

            // Plain field-by-field copy, in the same order as the original initializer.
            o2Finding.actionObject = finding.actionobject_id;
            o2Finding.columnNumber = finding.column_number;
            o2Finding.confidence = finding.confidence;
            o2Finding.exclude = finding.exclude;
            o2Finding.file = assessmentFile.filename;
            o2Finding.lineNumber = finding.line_number;
            o2Finding.ordinal = finding.ordinal;
            o2Finding.propertyIds = finding.property_ids;
            o2Finding.recordId = finding.record_id;
            o2Finding.severity = finding.severity;
            o2Finding.o2Traces = getO2TraceFromCallInvocation(finding.Trace, assessmentRun);

            // The context only exists as an id.
            if (finding.cxt_id != null)
                o2Finding.context = getStringIndexValue(UInt32.Parse(finding.cxt_id), assessmentRun);

            // For each name: take the literal value first, fall back to the string index when it is missing.
            o2Finding.callerName = finding.caller_name;
            if (finding.caller_name_id != null && o2Finding.callerName == null)
                o2Finding.callerName = getStringIndexValue(UInt32.Parse(finding.caller_name_id), assessmentRun);

            o2Finding.projectName = finding.project_name;
            if (finding.project_name_id != null && o2Finding.projectName == null)
                o2Finding.projectName = getStringIndexValue(UInt32.Parse(finding.project_name_id), assessmentRun);

            o2Finding.vulnName = finding.vuln_name;
            if (finding.vuln_name_id != null && o2Finding.vulnName == null)
                o2Finding.vulnName = getStringIndexValue(UInt32.Parse(finding.vuln_name_id), assessmentRun);

            o2Finding.vulnType = finding.vuln_type;
            if (finding.vuln_type_id != null && o2Finding.vulnType == null)
                o2Finding.vulnType = getStringIndexValue(UInt32.Parse(finding.vuln_type_id), assessmentRun);

            // Copy the text lines into a list owned by the new finding.
            if (finding.Text != null)
                o2Finding.text = new List<string>(finding.Text);

            OzasmtUtils.fixExternalSourceSourceMappingProblem(o2Finding);
            return o2Finding;
        }
        /// <summary>
        /// Converts an <c>IO2Finding</c> back into the serializable finding type, registering its text values in
        /// the string index and its traces as call invocations.
        /// </summary>
        /// <param name="o2Finding">Finding to convert.</param>
        /// <param name="dStringIndexes">String index passed to addTextToStringIndexes and to the trace conversion.</param>
        /// <param name="dFilesIndexes">File index passed to the trace conversion.</param>
        /// <returns>The converted finding, or null when any exception was raised during conversion.</returns>
        /// <remarks>
        /// Every exception is logged and turned into a null result, so callers must check for null; a finding
        /// that fails to convert is otherwise lost without an error reaching the caller.
        /// </remarks>
        public static AssessmentAssessmentFileFinding getAssessmentAssessmentFileFinding(IO2Finding o2Finding, Dictionary <string, uint> dStringIndexes, Dictionary <string, uint> dFilesIndexes)
        {
            try
            {
                AssessmentAssessmentFileFinding finding = new AssessmentAssessmentFileFinding();

                // Same assignment order as the original initializer, so the string index is filled in the
                // same sequence (callerName, context, projectName, vulnName, vulnType).
                finding.actionobject_id = o2Finding.actionObject;
                finding.caller_name_id = addTextToStringIndexes(o2Finding.callerName, dStringIndexes).ToString();
                finding.column_number = o2Finding.columnNumber;
                finding.confidence = o2Finding.confidence;
                finding.cxt_id = addTextToStringIndexes(o2Finding.context, dStringIndexes).ToString();
                finding.exclude = o2Finding.exclude;
                finding.line_number = o2Finding.lineNumber;
                finding.ordinal = o2Finding.ordinal;
                finding.project_name_id = addTextToStringIndexes(o2Finding.projectName, dStringIndexes).ToString();
                finding.property_ids = o2Finding.propertyIds;
                finding.record_id = o2Finding.recordId;
                finding.severity = o2Finding.severity;
                finding.Text = (o2Finding.text == null) ? null : o2Finding.text.ToArray();
                finding.vuln_name_id = addTextToStringIndexes(o2Finding.vulnName, dStringIndexes).ToString();
                finding.vuln_type_id = addTextToStringIndexes(o2Finding.vulnType, dStringIndexes).ToString();

                // Trace stays unset when the finding has no traces.
                if (o2Finding.o2Traces.Count > 0)
                {
                    List<CallInvocation> convertedTraces = new List<CallInvocation>();
                    foreach (O2Trace o2trace in o2Finding.o2Traces)
                        convertedTraces.Add(getCallInvocationObjectFromO2Trace(o2trace, dStringIndexes, dFilesIndexes));
                    finding.Trace = convertedTraces.ToArray();
                }

                return finding;
            }
            catch (Exception ex)
            {
                DI.log.ex(ex, "in getAssessmentAssessmentFileFinding");
                return null;
            }
        }
Exemplo n.º 6
 /// <summary>
 /// Collects the call invocations returned by the reverse search for <see cref="TraceType.Source"/> and
 /// returns the first of them whose children contain a <see cref="TraceType.Known_Sink"/>.
 /// </summary>
 /// <param name="fFinding">Finding whose Trace is searched.</param>
 /// <param name="oadO2AssessmentDataOunceV6">Not used by this method.</param>
 /// <returns>The matching call invocation, or null when no source is found or none of the collected
 /// invocations has a sink below it.</returns>
 public static CallInvocation fromSourceFindFirstTraceWithAChildSink(AssessmentAssessmentFileFinding fFinding,
                                                                     O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6)
 {
     List<CallInvocation> lciCallsLeadingToSource = new List<CallInvocation>();

     bool bSourceFound = findTraceTypeInSmartTrace_Recursive_returnReverseListOfCallInvocation(
         fFinding.Trace, TraceType.Source, lciCallsLeadingToSource);
     if (!bSourceFound)
     {
         return null;
     }

     // Walk the collected calls in list order and stop at the first one with a sink among its children.
     foreach (CallInvocation ciCandidate in lciCallsLeadingToSource)
     {
         CallInvocation ciSinkBelowCandidate =
             findTraceTypeInSmartTrace_Recursive_returnCallInvocation(ciCandidate.CallInvocation1,
                                                                      TraceType.Known_Sink);
         if (ciSinkBelowCandidate != null)
         {
             return ciCandidate;
         }
     }

     return null;
 }
Exemplo n.º 7
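        /// <summary>
        /// Returns the text shown for a finding's node, depending on the selected filter name.
        /// </summary>
        /// <param name="sFilter">One of "caller_name", "lost_sink", "source", "known_sink", "source_code" or
        /// "vuln_type"; any other value is handled like "vuln_type".</param>
        /// <param name="fFinding">Finding to describe.</param>
        /// <returns>The node text; an empty string when a name has neither a literal value nor an id, or when
        /// the source line is not available.</returns>
        /// <remarks>
        /// The *_id fields are converted with <see cref="UInt32.Parse(string)"/>, which still throws on text that
        /// is not a valid unsigned number. A missing (null) id no longer throws: it yields an empty string, which
        /// is what the commented-out code in the original handled.
        /// </remarks>
        private string getNodeTextBasedOnSelectedFilter(String sFilter, AssessmentAssessmentFileFinding fFinding)
        {
            String sNodeText = "";
            switch (sFilter)
            {
                case "caller_name":
                    if (fFinding.caller_name != null)
                        sNodeText = fFinding.caller_name;
                    else if (fFinding.caller_name_id != null)
                        sNodeText = OzasmtUtils_OunceV6.getStringIndexValue(UInt32.Parse(fFinding.caller_name_id),
                                                                            oadAssessmentData);
                    break;
                case "lost_sink":
                    sNodeText = Analysis.getSmartTraceNameOfTraceType(fFinding.Trace, TraceType.Lost_Sink,
                                                                      oadAssessmentData);
                    break;
                case "source":
                    sNodeText = Analysis.getSmartTraceNameOfTraceType(fFinding.Trace, TraceType.Source,
                                                                      oadAssessmentData);
                    break;
                case "known_sink":
                    sNodeText = Analysis.getSmartTraceNameOfTraceType(fFinding.Trace, TraceType.Known_Sink,
                                                                      oadAssessmentData);
                    break;
                case "source_code":
                    AssessmentAssessmentFile afAssessmentFile = oadAssessmentData.dFindings[fFinding];
                    // NOTE(review): the file name comes from the assessment data and is handed to the loader
                    // unchanged; if assessment files can come from an untrusted party, confirm that
                    // Files.loadSourceFileIntoList limits which paths it will read.
                    lsSourceCode = Files.loadSourceFileIntoList(afAssessmentFile.filename);
                    // line_number is 1-based; only index the list when the line exists in the loaded file.
                    if (lsSourceCode != null && fFinding.line_number > 0 &&
                        lsSourceCode.Count > fFinding.line_number - 1)
                        sNodeText = lsSourceCode[(Int32) fFinding.line_number - 1].Replace("\t", "");
                    break;

                case "vuln_type":
                default:
                    if (fFinding.vuln_type != null)
                        sNodeText = fFinding.vuln_type;
                    else if (fFinding.vuln_type_id != null)
                        sNodeText = OzasmtUtils_OunceV6.getStringIndexValue(UInt32.Parse(fFinding.vuln_type_id),
                                                                            oadAssessmentData);
                    break;
            }
            return sNodeText;
        }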
        /// <summary>
        /// Converts an <c>IO2Finding</c> into the serializable finding type. Text values are registered through
        /// addTextToStringIndexes and each trace is converted into a call invocation.
        /// </summary>
        /// <param name="o2Finding">Finding to convert.</param>
        /// <param name="dStringIndexes">String index passed to addTextToStringIndexes and to the trace conversion.</param>
        /// <param name="dFilesIndexes">File index passed to the trace conversion.</param>
        /// <returns>The converted finding, or null when an exception was raised; the exception is only logged,
        /// so callers have to check the result for null.</returns>
        public static AssessmentAssessmentFileFinding getAssessmentAssessmentFileFinding(IO2Finding o2Finding, Dictionary<string, uint> dStringIndexes, Dictionary<string, uint> dFilesIndexes)
        {
            AssessmentAssessmentFileFinding convertedFinding;
            try
            {
                convertedFinding = new AssessmentAssessmentFileFinding
                {
                    actionobject_id = o2Finding.actionObject,
                    caller_name_id = addTextToStringIndexes(o2Finding.callerName, dStringIndexes).ToString(),
                    column_number = o2Finding.columnNumber,
                    confidence = o2Finding.confidence,
                    cxt_id = addTextToStringIndexes(o2Finding.context, dStringIndexes).ToString(),
                    exclude = o2Finding.exclude,
                    line_number = o2Finding.lineNumber,
                    ordinal = o2Finding.ordinal,
                    project_name_id = addTextToStringIndexes(o2Finding.projectName, dStringIndexes).ToString(),
                    property_ids = o2Finding.propertyIds,
                    record_id = o2Finding.recordId,
                    severity = o2Finding.severity,
                    Text = (o2Finding.text == null) ? null : o2Finding.text.ToArray(),
                    vuln_name_id = addTextToStringIndexes(o2Finding.vulnName, dStringIndexes).ToString(),
                    vuln_type_id = addTextToStringIndexes(o2Finding.vulnType, dStringIndexes).ToString()
                };

                // Trace is only assigned when there is at least one trace to convert.
                if (o2Finding.o2Traces.Count > 0)
                {
                    List<CallInvocation> traceRoots = new List<CallInvocation>();
                    foreach (O2Trace o2trace in o2Finding.o2Traces)
                    {
                        CallInvocation traceRoot =
                            getCallInvocationObjectFromO2Trace(o2trace, dStringIndexes, dFilesIndexes);
                        traceRoots.Add(traceRoot);
                    }
                    convertedFinding.Trace = traceRoots.ToArray();
                }
            }
            catch (Exception ex)
            {
                ex.log("in getAssessmentAssessmentFileFinding");
                return null;
            }
            return convertedFinding;
        }
Exemplo n.º 9
 /// <summary>
 /// Runs the criteria's regular expression on the text and records the finding when the outcome matches
 /// the search mode: a match for a normal search, no match for a negative search.
 /// </summary>
 /// <param name="sTextToSearch">Text the regular expression is applied to.</param>
 /// <param name="scCurrentSearchCriteria">Supplies the regular expression and the negative-search flag.</param>
 /// <param name="fFinding">Finding recorded when the criteria are satisfied.</param>
 /// <param name="fadO2AssessmentDataOunceV6">Assessment data forwarded to the result list.</param>
 /// <returns>Whether the regular expression matched; this is the raw match result, not whether the
 /// finding was recorded.</returns>
 private bool searchInStringAndAddFindingResult(String sTextToSearch, SearchCriteria scCurrentSearchCriteria,
                                                AssessmentAssessmentFileFinding fFinding,
                                                O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6)
 {
     bool bHasMatch = RegEx.execRegExOnText_hasMatches(scCurrentSearchCriteria.reRegex, sTextToSearch);

     // Record when exactly one of "matched" and "negative search" holds.
     bool bCriteriaSatisfied = bHasMatch
                                   ? scCurrentSearchCriteria.bNegativeSearch == false
                                   : scCurrentSearchCriteria.bNegativeSearch;
     if (bCriteriaSatisfied)
     {
         addFindingToListOfFindingsResults(sTextToSearch, scCurrentSearchCriteria, fFinding,
                                           fadO2AssessmentDataOunceV6);
     }

     return bHasMatch;
 }
Exemplo n.º 10
 /// <summary>
 /// Creates a view item that keeps references to a finding and to the assessment data passed with it.
 /// </summary>
 /// <param name="fFinding">Finding stored in this item.</param>
 /// <param name="oadO2AssessmentDataOunceV6">Assessment data stored in this item.</param>
 public FindingViewItem(AssessmentAssessmentFileFinding fFinding, O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6)
 {
     // Both references are stored as given; nothing is copied.
     this.oadO2AssessmentDataOunceV6 = oadO2AssessmentDataOunceV6;
     this.fFinding = fFinding;
 }
Exemplo n.º 11
        /// <summary>
        /// Applies one filter to a single finding, without any previously filtered assessment files.
        /// </summary>
        /// <param name="fFilterToApply">Filter whose applyFilterAndPopulateList is invoked.</param>
        /// <param name="lfTargetList">List handed to the filter as the collection of matching findings.</param>
        /// <param name="fFinding">Finding to evaluate.</param>
        /// <param name="arAssessmentRunToAnalyze">Assessment run handed to the filter.</param>
        /// <returns>The filter's result.</returns>
        public static bool applyFilter(AnalysisFilters.filter fFilterToApply,
                                       List<AssessmentAssessmentFileFinding> lfTargetList,
                                       AssessmentAssessmentFileFinding fFinding, AssessmentRun arAssessmentRunToAnalyze)
        {
            // Findings are supplied one by one here, so there are no earlier assessment files to pass along.
            List<AssessmentAssessmentFile> lafNoPreviousFiles = null;

            bool bFilterResult = fFilterToApply.applyFilterAndPopulateList(arAssessmentRunToAnalyze, fFinding,
                                                                           lfTargetList, lafNoPreviousFiles);
            return bFilterResult;
        }
Exemplo n.º 12
 /// <summary>
 /// Accepts findings whose trace contains a <see cref="TraceType.Lost_Sink"/> with a signature id above zero.
 /// Optionally renames the finding and optionally drops duplicates of already accepted traces.
 /// </summary>
 /// <param name="arAssessmentRun">Assessment run used when the finding is renamed.</param>
 /// <param name="fFinding">Finding to evaluate.</param>
 /// <param name="lfFindingsThatMatchCriteria">Receives the finding when it is accepted.</param>
 /// <param name="lafFilteredAssessmentFiles">Previously filtered files, used by the duplicate check.</param>
 /// <returns>true when the finding was added to the list, otherwise false.</returns>
 public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                 AssessmentAssessmentFileFinding fFinding,
                                                 List<AssessmentAssessmentFileFinding>
                                                     lfFindingsThatMatchCriteria,
                                                 List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
 {
     // Findings without a trace cannot contain a lost sink.
     if (fFinding.Trace == null)
     {
         return false;
     }

     int iLostSinkId = AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnSigId(fFinding.Trace,
                                                                                      TraceType.Lost_Sink);

     // An id of 0 is rejected together with negative values (the original author left this case open).
     if (iLostSinkId <= 0)
     {
         return false;
     }

     // If requested, rename the finding before it is stored.
     if (bChangeFindingData)
     {
         applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
     }

     if (!bDropDuplicateSmartTraces)
     {
         lfFindingsThatMatchCriteria.Add(fFinding);
         return true;
     }

     // The duplicate check adds the finding itself when it is unique.
     return filterDuplicateFindings(lafFilteredAssessmentFiles, lfFindingsThatMatchCriteria,
                                    fFinding, bIgnoreRootCallInvocation);
 }
Exemplo n.º 13
        /// <summary>
        /// Returns the trace block keyed by signature, file and line of the first call invocation of the given
        /// trace type in the finding, creating and registering the block when it does not exist yet.
        /// </summary>
        /// <param name="fFinding">Finding whose Trace is searched.</param>
        /// <param name="ttTraceType">Trace type to look for.</param>
        /// <param name="oadO2AssessmentDataOunceV6">Assessment data used for the string and file index lookups.</param>
        /// <param name="dO2TraceBlock">Cache of trace blocks by unique name; a new block is added on a miss.</param>
        /// <returns>The cached or newly created block, or null when the trace has no entry of that type.</returns>
        public static O2TraceBlock_OunceV6 getTraceBlockToGlueFinding(AssessmentAssessmentFileFinding fFinding,
                                                                      TraceType ttTraceType,
                                                                      O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6,
                                                                      Dictionary<String, O2TraceBlock_OunceV6> dO2TraceBlock)
        {
            CallInvocation ciMatch =
                AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace, ttTraceType);
            if (ciMatch == null)
            {
                return null;
            }

            String sSignature = OzasmtUtils_OunceV6.getStringIndexValue(ciMatch.sig_id, oadO2AssessmentDataOunceV6);
            String sFileName = OzasmtUtils_OunceV6.getFileIndexValue(ciMatch.fn_id, oadO2AssessmentDataOunceV6);
            String sLine = ciMatch.line_number.ToString();
            String sRootText = OzasmtUtils_OunceV6.getStringIndexValue(fFinding.Trace[0].sig_id, oadO2AssessmentDataOunceV6);

            // The key deliberately leaves out the trace root text, so findings that reach the same
            // signature/file/line share one block.
            String sKey = String.Format("{0}      {1}      {2}", sSignature, sFileName, sLine);

            O2TraceBlock_OunceV6 tbBlock;
            if (!dO2TraceBlock.TryGetValue(sKey, out tbBlock))
            {
                tbBlock = new O2TraceBlock_OunceV6();
                tbBlock.sSignature = sSignature;
                tbBlock.sFile = sFileName;
                tbBlock.sLineNumber = sLine;
                tbBlock.sTraceRootText = sRootText;
                tbBlock.sUniqueName = sKey;
                dO2TraceBlock.Add(sKey, tbBlock);
            }
            return tbBlock;
        }
Exemplo n.º 14
            /// <summary>
            /// Rewrites <c>fFinding.vuln_type</c> according to the requested name format, using the sink and/or
            /// source resolved from the children of the finding's first trace entry.
            /// </summary>
            /// <param name="arAssessmentRun">Assessment run passed to resolveSink / resolveSource.</param>
            /// <param name="fFinding">Finding whose vuln_type is modified in place.</param>
            /// <param name="ffnFindingNameFormat">Selected format; FindingType (and any value not listed here)
            /// leaves the finding unchanged.</param>
            /// <remarks>
            /// Every format other than FindingType reads <c>fFinding.Trace[0]</c> without checking it, so the
            /// caller has to pass a finding with a non-empty trace.
            /// </remarks>
            public void applyFindingNameFormat(AssessmentRun arAssessmentRun, AssessmentAssessmentFileFinding fFinding,
                                               Analysis.FindingNameFormat ffnFindingNameFormat)
            {
                // Eight spaces separate the parts of the composed name.
                const string sSeparator = "        ";

                if (ffnFindingNameFormat == Analysis.FindingNameFormat.FindingType)
                {
                    return; // keep the name as it is
                }

                if (ffnFindingNameFormat == Analysis.FindingNameFormat.FindingType_Sink)
                {
                    fFinding.vuln_type += sSeparator +
                                          resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                }
                else if (ffnFindingNameFormat == Analysis.FindingNameFormat.FindingType_Source)
                {
                    fFinding.vuln_type += sSeparator +
                                          resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                }
                else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Sink)
                {
                    fFinding.vuln_type = sSeparator +
                                         resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                }
                else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Source)
                {
                    fFinding.vuln_type = sSeparator +
                                         resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                }
                else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Sink_Source)
                {
                    fFinding.vuln_type = resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1) +
                                         sSeparator +
                                         resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                }
                else if (ffnFindingNameFormat == Analysis.FindingNameFormat.Source_Sink)
                {
                    fFinding.vuln_type = resolveSource(arAssessmentRun, fFinding.Trace[0].CallInvocation1) +
                                         sSeparator +
                                         resolveSink(arAssessmentRun, fFinding.Trace[0].CallInvocation1);
                }
            }
Exemplo n.º 15
            /// <summary>
            /// Accepts findings whose action object id equals <c>sActionObjectIdToFind</c>. Depending on the
            /// filter's flags, findings without traces are dropped, the finding is renamed, and duplicates of
            /// already accepted traces are removed.
            /// </summary>
            /// <param name="arAssessmentRun">Assessment run used when the finding is renamed.</param>
            /// <param name="fFinding">Finding to evaluate.</param>
            /// <param name="lfFindingsThatMatchCriteria">Receives the finding when it is accepted.</param>
            /// <param name="lafFilteredAssessmentFiles">Previously filtered files, used by the duplicate check.</param>
            /// <returns>true when the finding was added to the list, otherwise false.</returns>
            public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                            AssessmentAssessmentFileFinding fFinding,
                                                            List<AssessmentAssessmentFileFinding>
                                                                lfFindingsThatMatchCriteria,
                                                            List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
            {
                // Only findings for the requested action object are of interest.
                if (sActionObjectIdToFind != fFinding.actionobject_id.ToString())
                {
                    return false;
                }

                // Without the "drop findings with no traces" option every match is kept as it is:
                // no renaming and no duplicate check.
                if (false == bDropFindingsWithNoTraces)
                {
                    lfFindingsThatMatchCriteria.Add(fFinding);
                    return true;
                }

                // With the option set, a finding that has no trace is dropped.
                if (null == fFinding.Trace)
                {
                    return false;
                }

                if (bChangeFindingData) // rename the finding when requested
                {
                    applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
                }

                if (!bFilterDuplicateFindings)
                {
                    lfFindingsThatMatchCriteria.Add(fFinding);
                    return true;
                }

                // The duplicate check adds the finding itself when its trace is unique.
                return filterDuplicateFindings(lafFilteredAssessmentFiles, lfFindingsThatMatchCriteria,
                                               fFinding, bIgnoreRootCallInvocation);
            }
Exemplo n.º 16
            /// <summary>
            /// Joins two traces: the children of the known sink found in <paramref name="fJoinAtSink"/> are
            /// replaced with call invocations rebuilt from the source side of <paramref name="fviJoinAtSource"/>.
            /// </summary>
            /// <param name="fJoinAtSink">Finding whose known sink becomes the join point; its trace is modified
            /// in place (the sink's trace_type and CallInvocation1 are overwritten).</param>
            /// <param name="fviJoinAtSource">View item that supplies the finding and assessment data of the trace
            /// to append.</param>
            /// <returns>false when the sink or the source cannot be found, otherwise true.</returns>
            public bool appendTrace_FindingSourceToFindingSink(AssessmentAssessmentFileFinding fJoinAtSink,
                                                               FindingViewItem fviJoinAtSource)
            {
                // Get the sink of the first trace
                CallInvocation ciSinkNode =
                    AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fJoinAtSink.Trace,
                                                                                            TraceType.Known_Sink);
                if (ciSinkNode == null)
                {
                    // Unlike the missing-source case below, this failure is not logged (the log call is disabled):
                    //              DI.log.error("in appendTrace_FindingSourceToFindingSink, could not find the Sink of fviJoinAtSink");
                    return false;
                }

                // get the source of the 2nd trace

                // There are 3 possible gluing scenarios:
                //   1. a source that has child nodes (when it is a callback)
                //   2. a source trace that has a compatible signature with the sink trace (when it was created via
                //      a source-of-tainted-data rule); for this one the correct injection point has to be found
                //   3. a source trace that has nothing to do with the source (interface gluing, for example), which
                //      again splits into the two cases above
                // The strategy to find a gluing point on fviJoinAtSource is to find the first trace that has a sink.

                // try case 1 first: see if the current source has child nodes
                CallInvocation ciSourceNode =
                    AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(
                        fviJoinAtSource.fFinding.Trace, TraceType.Source);

                if (ciSourceNode == null)
                {
                    DI.log.error(
                        "in appendTrace_FindingSourceToFindingSink, could not find the Source of fviJoinAtSource");
                    return false;
                }

                if (ciSourceNode.CallInvocation1 == null) // the source has no children, so this is case 2 or 3
                {
                    CallInvocation ciSourceNodeWithSink =
                        AnalysisSearch.fromSourceFindFirstTraceWithAChildSink(fviJoinAtSource.fFinding,
                                                                              fviJoinAtSource.oadO2AssessmentDataOunceV6);
                    if (ciSourceNodeWithSink != null)
                        // the node found is expected to have the path to the source as its first child and the
                        // path to the sink as its second child
                        // NOTE(review): index [1] assumes at least two children; nothing here checks the
                        // length, so a node with a single child would throw - confirm against the trace format
                        ciSourceNode = ciSourceNodeWithSink.CallInvocation1[1];
                }

                // Re-tag the previous sink as Type 4, a trace type that does not seem to be used otherwise (it
                // could be made a source, but a separate trace type keeps the joins easier to recognise)
                // NOTE(review): this happens BEFORE AnalysisUtils.getSink is called on the same finding below;
                // if getSink locates the sink by trace type, its result depends on this ordering - confirm
                ciSinkNode.trace_type = (int) TraceType.Type_4;


                // When the sink of the first finding and the source of the second resolve to the same value,
                // only the source's children are appended; otherwise the source node itself is appended.
                CallInvocation[] aciCallInvocation;
                if (AnalysisUtils.getSink(fJoinAtSink, oadNewO2AssessmentDataOunceV6) ==
                    AnalysisUtils.getSource(fviJoinAtSource.fFinding, fviJoinAtSource.oadO2AssessmentDataOunceV6))
                    aciCallInvocation = ciSourceNode.CallInvocation1;
                else
                    aciCallInvocation = new[] {ciSourceNode};
                var lciTempNewCallInvocation = new List<CallInvocation>(); // used by the recursive function

                // Rebuild the appended invocations against the new string and file indexes and attach them
                // below the former sink.
                ciSinkNode.CallInvocation1 = updateAssessmentRunWithTraceReferences_recursive(
                    lciTempNewCallInvocation,
                    aciCallInvocation,
                    dNewStringIndex,
                    dNewFileIndex,
                    fviJoinAtSource.oadO2AssessmentDataOunceV6);


                return true;
            }
Exemplo n.º 17
            /// <summary>
            /// Creates a copy of an existing finding against the new string and file indexes, records it in
            /// <c>lfNewFindinds</c> and makes it the only entry of the new assessment data's <c>dFindings</c>.
            /// </summary>
            /// <param name="fFinding">Existing finding; it must be a key of
            /// <c>oadO2AssessmentDataOunceV6.dFindings</c>, otherwise the dictionary lookup throws.</param>
            /// <param name="oadO2AssessmentDataOunceV6">Assessment data the existing finding belongs to.</param>
            /// <returns>The newly created finding.</returns>
            /// <remarks>
            /// <c>oadNewO2AssessmentDataOunceV6.dFindings</c> is replaced by a fresh dictionary on every call, so
            /// after the call it holds only the finding added last.
            /// </remarks>
            public AssessmentAssessmentFileFinding AddNewFindingFromExistingOne(
                AssessmentAssessmentFileFinding fFinding, O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6)
            {
                AssessmentAssessmentFileFinding fCopiedFinding =
                    createNewFindingFromExistingOne(fFinding, dNewStringIndex, dNewFileIndex,
                                                    oadO2AssessmentDataOunceV6);
                lfNewFindinds.Add(fCopiedFinding);

                // Clone the file entry of the original finding and give it the copy as its only finding.
                AssessmentAssessmentFile afOriginalFile = oadO2AssessmentDataOunceV6.dFindings[fFinding];
                AssessmentAssessmentFile afCopiedFile = createNewAssessmentFileFromExistingOne(afOriginalFile);
                afCopiedFile.Finding = new[] {fCopiedFinding};

                // Start a new finding-to-file map that contains just this pair.
                oadNewO2AssessmentDataOunceV6.dFindings =
                    new Dictionary<AssessmentAssessmentFileFinding, AssessmentAssessmentFile>();
                oadNewO2AssessmentDataOunceV6.dFindings.Add(fCopiedFinding, afCopiedFile);

                fLastFindingAdded = fCopiedFinding;
                return fCopiedFinding;
            }
Exemplo n.º 18
        /// <summary>
        /// Creates a new finding from an existing one, re-registering its string ids and trace references in the
        /// new string and file indexes.
        /// </summary>
        /// <param name="fOriginalFinding">Finding to copy.</param>
        /// <param name="dNewStringIndex">String index of the new assessment run.</param>
        /// <param name="dNewFileIndex">File index of the new assessment run.</param>
        /// <param name="fadOriginalO2AssessmentDataOunceV6">Assessment data the original ids refer to.</param>
        /// <returns>
        /// A new finding when the original is non-null and has a trace. Otherwise the ORIGINAL reference is
        /// returned unchanged (null, or the same object when it has no trace), so the result is not always an
        /// independent copy.
        /// </returns>
        /// <remarks>
        /// Only the fields assigned below are carried over. The *_id strings are converted with
        /// <see cref="UInt32.Parse(string)"/>, which throws on text that is not a valid unsigned number.
        /// </remarks>
        public static AssessmentAssessmentFileFinding createNewFindingFromExistingOne(
            AssessmentAssessmentFileFinding fOriginalFinding, Dictionary<String, UInt32> dNewStringIndex,
            Dictionary<String, UInt32> dNewFileIndex, O2AssessmentData_OunceV6 fadOriginalO2AssessmentDataOunceV6)
        {
            // Nothing to rebuild without a finding or without a trace: hand back what was passed in.
            if (fOriginalFinding == null || fOriginalFinding.Trace == null)
            {
                return fOriginalFinding;
            }

            // Member order matches the original assignments, so the new string index is filled in the same
            // sequence (caller name id, vuln name id, vuln type id, then the trace).
            AssessmentAssessmentFileFinding fCopy = new AssessmentAssessmentFileFinding
            {
                actionobject_id = fOriginalFinding.actionobject_id,
                caller_name = fOriginalFinding.caller_name,
                caller_name_id = (fOriginalFinding.caller_name_id != null)
                                     ? updateNewAssessmentRunWithStringID(
                                           UInt32.Parse(fOriginalFinding.caller_name_id), dNewStringIndex,
                                           fadOriginalO2AssessmentDataOunceV6).ToString()
                                     : null,
                confidence = fOriginalFinding.confidence,
                context = fOriginalFinding.context,
                exclude = fOriginalFinding.exclude,
                line_number = fOriginalFinding.line_number,
                ordinal = fOriginalFinding.ordinal,
                project_name = fOriginalFinding.project_name,
                property_ids = fOriginalFinding.property_ids,
                record_id = fOriginalFinding.record_id,
                severity = fOriginalFinding.severity,
                Text = fOriginalFinding.Text,
                vuln_name = fOriginalFinding.vuln_name,
                vuln_name_id = (fOriginalFinding.vuln_name_id != null)
                                   ? updateNewAssessmentRunWithStringID(
                                         UInt32.Parse(fOriginalFinding.vuln_name_id), dNewStringIndex,
                                         fadOriginalO2AssessmentDataOunceV6).ToString()
                                   : null,
                vuln_type = fOriginalFinding.vuln_type,
                vuln_type_id = (fOriginalFinding.vuln_type_id != null)
                                   ? updateNewAssessmentRunWithStringID(
                                         UInt32.Parse(fOriginalFinding.vuln_type_id), dNewStringIndex,
                                         fadOriginalO2AssessmentDataOunceV6).ToString()
                                   : null,
                // The empty list is working storage for the recursive trace rebuild.
                Trace = updateAssessmentRunWithTraceReferences_recursive(new List<CallInvocation>(),
                                                                         fOriginalFinding.Trace,
                                                                         dNewStringIndex, dNewFileIndex,
                                                                         fadOriginalO2AssessmentDataOunceV6)
            };
            return fCopy;
        }
Exemplo n.º 19
        /// <summary>
        /// Shows the selected finding in the details grid, points the source code editor at the
        /// finding's line and, when the finding carries a trace, rebuilds the SmartTrace tree view
        /// and registers its first node as a node to plot.
        /// </summary>
        /// <param name="fSelectedFinding">Finding whose details are displayed.</param>
        /// <param name="sPathToSourceFile">Path handed to the source code editor.</param>
        /// <remarks>
        /// Every exception is caught here and only its message is logged, so a failure part-way
        /// through leaves the controls partially updated without any signal to the caller.
        /// </remarks>
        public void showFindingDetailsInDataGridViewAndTreeView(AssessmentAssessmentFileFinding fSelectedFinding,
                                                                String sPathToSourceFile)
        {
            try
            {
                FindingsView.showFindingDetailsInDataGridView(dgvFindingData, fSelectedFinding, oadAssessmentData);
                showCallInSourceCodeEditor(sPathToSourceFile, fSelectedFinding.line_number);

                // Findings without a trace have nothing to show in the tree view.
                if (fSelectedFinding.Trace == null)
                {
                    return;
                }

                showSmartTraceInTreeView(tvSmartTrace, fSelectedFinding.Trace, fSelectedFinding);

                // The first node of the freshly built tree view is the one offered for plotting.
                TreeNode tnFirstTraceNode = tvSmartTrace.Nodes[0];
                aGLEE.addTreeNodeToComboxWithNodesToPlot(tnFirstTraceNode, fSelectedFinding, oadAssessmentData);
            }
            catch (Exception ex)
            {
                 DI.log.error("in showFindingDetailsInDataGridViewAndTreeView :{0}", ex.Message);
            }
        }
Exemplo n.º 20
            /// <summary>
            /// Accepts only findings that have a trace, optionally renaming the finding and
            /// optionally delegating to the duplicate-trace filter.
            /// </summary>
            /// <param name="arAssessmentRun">Assessment run passed to the name formatter.</param>
            /// <param name="fFinding">Finding being evaluated.</param>
            /// <param name="lfFindingsThatMatchCriteria">Findings accepted so far for the current file.</param>
            /// <param name="lafFilteredAssessmentFiles">Assessment files already filtered.</param>
            /// <returns>
            /// <c>false</c> when the finding has no trace; the result of
            /// <c>filterDuplicateFindings</c> when duplicate dropping is enabled; otherwise
            /// <c>true</c> after the finding was appended to the match list.
            /// </returns>
            public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                            AssessmentAssessmentFileFinding fFinding,
                                                            List<AssessmentAssessmentFileFinding>
                                                                lfFindingsThatMatchCriteria,
                                                            List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
            {
                if (fFinding.Trace == null)
                {
                    return false;
                }

                // Rename the finding first, so later steps see the formatted name.
                if (bChangeFindingData)
                {
                    applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
                }

                if (!bDropDuplicateSmartTraces)
                {
                    lfFindingsThatMatchCriteria.Add(fFinding);
                    return true;
                }

                // With duplicate dropping on, the duplicate filter decides the outcome.
                return filterDuplicateFindings(lafFilteredAssessmentFiles, lfFindingsThatMatchCriteria, fFinding,
                                               bIgnoreRootCallInvocation);
            }
Exemplo n.º 21
        /* public void showFindingInWebBrowser(WebBrowser wbTargetWebBrowser, UInt32 uLineNumber)
        {

            if (uLineNumber > 0)
            {
                uLineNumber--;
                if (uLineNumber > lsSourceCode.Count)
                {
                     DI.log.error("In showFindingInWebBrowser uLineNumber > lsSourceCode.Count");
                    return;
                }
                else
                {
                    lsSourceCode[(int)uLineNumber] = "<font color='red'><b>" + lsSourceCode[(int)uLineNumber] + "</b></font>";
                    int iNumberOfLinesToShowBefore = 15;
                    int iNumberOfLinesToShowAfter = 20;
                    int iNumberOfLinesToShow = iNumberOfLinesToShowBefore + iNumberOfLinesToShowAfter;
                    String sConvertedSourceCode = "";
                    int iStartSection = ((int)uLineNumber - iNumberOfLinesToShowBefore > 0) ? (int)uLineNumber - iNumberOfLinesToShowBefore : 0;
                    int iSectionLength = (lsSourceCode.Count - ((int)uLineNumber + iNumberOfLinesToShow) < 1) ? lsSourceCode.Count - (int)uLineNumber + iNumberOfLinesToShowBefore : iNumberOfLinesToShow;
                    if (iSectionLength > lsSourceCode.Count - iStartSection)
                        iSectionLength = lsSourceCode.Count - iStartSection - 1;
                    for (int i = iStartSection; i < (iStartSection + iSectionLength); i++)
                    {
                        int iIndexOfComment = lsSourceCode[i].IndexOf("//");
                        if (iIndexOfComment != -1)
                            lsSourceCode[i] = lsSourceCode[i].Substring(0, iIndexOfComment) + "<font color='darkgreen'>" + lsSourceCode[i].Substring(iIndexOfComment) + "</font>";
                        int iIndexOfDot = lsSourceCode[i].IndexOf('.');
                        if (iIndexOfDot != -1)
                        {
                            int iIndexOfParentis = lsSourceCode[i].Substring(iIndexOfDot).IndexOf('(');
                            if (iIndexOfParentis != -1)
                            {
                                String sToReplace = lsSourceCode[i].Substring(iIndexOfDot, iIndexOfParentis);
                                lsSourceCode[i] = lsSourceCode[i].Replace(sToReplace, "<b>" + sToReplace + "</b>");
                            }
                        }

                    }
                    for (int i = iStartSection; i < (iStartSection + iSectionLength); i++)
                        sConvertedSourceCode += i.ToString() + "  :  " + lsSourceCode[i].Replace("\t", "&nbsp&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;") + "<br/>";

                    // apply global formating (this should be done in a complete different way (at least RegEx should be used :)  )
                    sConvertedSourceCode = "<font face='Verdana' size='1'>" + sConvertedSourceCode + "</font>";
                    sConvertedSourceCode = sConvertedSourceCode.Replace("{", "<font color='gray'>{</font>").Replace("}", "<font color='gray'>}</font>");
                    sConvertedSourceCode = sConvertedSourceCode.Replace("try", "<font color='darkblue'><b>try</b></font>");
                    sConvertedSourceCode = sConvertedSourceCode.Replace("catch", "<font color='darkblue'><b>catch</b></font>");
                    sConvertedSourceCode = sConvertedSourceCode.Replace("public", "<font color='darkblue'><b>public</b></font>");
                    sConvertedSourceCode = sConvertedSourceCode.Replace("private", "<font color='darkblue'><b>private</b></font>");
                    wbSourceCodeSnippet_Finding.DocumentText = sConvertedSourceCode;
                }
            }
            else
            {
                 DI.log.error("In showFindingInWebBrowser uLineNumber was <1 ");
                wbSourceCodeSnippet_Finding.DocumentText = "";
            }
        }
        */

        /// <summary>
        /// Rebuilds <paramref name="tvTargetTreeView"/> from a finding's call invocations.
        /// </summary>
        /// <param name="tvTargetTreeView">Tree view that is cleared and repopulated.</param>
        /// <param name="cCallInvocations">Call invocations of the trace to display.</param>
        /// <param name="fSelectedFinding">Finding stored as the Tag of the temporary root node.</param>
        /// <remarks>
        /// The calls are attached to a temporary "O2 Trace" node and only that node's first child
        /// is added to the tree view. Indexing <c>Nodes[0]</c> fails when no child was attached;
        /// this method does not guard against that.
        /// </remarks>
        public void showSmartTraceInTreeView(TreeView tvTargetTreeView, CallInvocation[] cCallInvocations,
                                             AssessmentAssessmentFileFinding fSelectedFinding)
        {
            tvTargetTreeView.Nodes.Clear();

            var tnTemporaryRoot = new TreeNode("O2 Trace") { Tag = fSelectedFinding };
            AnalysisUtils.addCallsToNode_Recursive(cCallInvocations, tnTemporaryRoot, oadAssessmentData, stfSmartTraceFilter);

            TreeNode tnFirstCall = tnTemporaryRoot.Nodes[0];
            tvTargetTreeView.Nodes.Add(tnFirstCall);
            tvTargetTreeView.ExpandAll();
        }
Exemplo n.º 22
 /// <summary>
 /// Accepts a finding only the first time its Lost_Sink signature id is seen.
 /// </summary>
 /// <param name="arAssessmentRun">Assessment run passed to the name formatter.</param>
 /// <param name="fFinding">Finding being evaluated.</param>
 /// <param name="lfFindingsThatMatchCriteria">List that receives accepted findings.</param>
 /// <param name="lafFilteredAssessmentFiles">Not used by this filter.</param>
 /// <returns>
 /// <c>true</c> when the finding was added; <c>false</c> when it has no trace, when the
 /// Lost_Sink id is not positive, or when that id was already processed.
 /// </returns>
 public override bool applyFilterAndPopulateList(AssessmentRun arAssessmentRun,
                                                 AssessmentAssessmentFileFinding fFinding,
                                                 List<AssessmentAssessmentFileFinding>
                                                     lfFindingsThatMatchCriteria,
                                                 List<AssessmentAssessmentFile> lafFilteredAssessmentFiles)
 {
     if (fFinding.Trace == null)
     {
         return false;
     }

     int iLostSinkId =
         AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnSigId(fFinding.Trace, TraceType.Lost_Sink);

     // Ids that are not positive are rejected; what an id of 0 means is still an open question.
     if (iLostSinkId <= 0 || iLostSinksProcessed.Contains(iLostSinkId))
     {
         return false;
     }

     // Rename the finding before it is stored, when renaming is enabled.
     if (bChangeFindingData)
     {
         applyFindingNameFormat(arAssessmentRun, fFinding, ffnFindingNameFormat);
     }

     lfFindingsThatMatchCriteria.Add(fFinding);
     iLostSinksProcessed.Add(iLostSinkId);
     return true;
 }
Exemplo n.º 23
 /// <summary>
 /// Builds a "signature / file / line" string for the call invocation of the given trace type
 /// found in the finding's trace.
 /// </summary>
 /// <param name="fFinding">Finding whose trace is searched.</param>
 /// <param name="ttTraceType">Trace type of the call invocation to locate.</param>
 /// <param name="oadO2AssessmentDataOunceV6">Assessment data used to resolve the string and file indexes.</param>
 /// <param name="bShowFullPathForFileName">
 /// <c>true</c> to keep the file value as resolved; <c>false</c> to reduce it to its file name.
 /// </param>
 /// <returns>The formatted signature, or <c>null</c> when no matching call invocation exists.</returns>
 public static String getUniqueSignature(AssessmentAssessmentFileFinding fFinding, TraceType ttTraceType,
                                         O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6, bool bShowFullPathForFileName)
 {
     CallInvocation ciMatch =
         AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace, ttTraceType);
     if (ciMatch == null)
     {
         return null;
     }

     String sSignature = OzasmtUtils_OunceV6.getStringIndexValue(ciMatch.sig_id, oadO2AssessmentDataOunceV6);
     String sResolvedFile = OzasmtUtils_OunceV6.getFileIndexValue(ciMatch.fn_id, oadO2AssessmentDataOunceV6);
     String sLine = ciMatch.line_number.ToString();

     // Only the short form strips the directory part.
     String sShownFile = bShowFullPathForFileName ? sResolvedFile : Path.GetFileName(sResolvedFile);
     return String.Format("{0}      {1}      {2}", sSignature, sShownFile, sLine);
 }
Exemplo n.º 24
 /// <summary>
 /// Records a search hit: wraps the finding, the matched text and the criteria that produced
 /// the match in a <c>FindingsResult</c> and appends it to the results list.
 /// </summary>
 /// <param name="sTextToSearch">Text that matched the criteria.</param>
 /// <param name="scCurrentSearchCriteria">Criteria that produced the match, kept so the result can be traced back to it.</param>
 /// <param name="fFinding">Finding that matched; also the key used to look up its file.</param>
 /// <param name="fadO2AssessmentDataOunceV6">Assessment data handed to the result object.</param>
 private void addFindingToListOfFindingsResults(String sTextToSearch, SearchCriteria scCurrentSearchCriteria,
                                                AssessmentAssessmentFileFinding fFinding,
                                                O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6)
 {
     var frNewResult = new FindingsResult(fadO2AssessmentDataOunceV6)
                           {
                               sStringThatMatchedCriteria = sTextToSearch,
                               fFinding = fFinding,
                               fFile = dtfTargetFindings[fFinding],
                               scSearchCriteria = scCurrentSearchCriteria
                           };
     lfrFindingsResults.Add(frNewResult);
 }
Exemplo n.º 25
 /// <summary>
 /// Creates a view item that bundles a finding with its display text, the search result it
 /// came from and the assessment data it belongs to.
 /// </summary>
 /// <param name="fFinding">Finding represented by this item.</param>
 /// <param name="sText">Text stored for this item.</param>
 /// <param name="frFindingResult">Search result associated with the finding.</param>
 /// <param name="oadO2AssessmentDataOunceV6">Assessment data associated with the finding.</param>
 public FindingViewItem(AssessmentAssessmentFileFinding fFinding, String sText,
                        AnalysisSearch.FindingsResult frFindingResult, O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6)
 {
     // Plain field capture; nothing is validated or copied.
     this.oadO2AssessmentDataOunceV6 = oadO2AssessmentDataOunceV6;
     this.frFindingResult = frFindingResult;
     this.fFinding = fFinding;
     this.sText = sText;
 }
Exemplo n.º 26
        /// <summary>
        /// Adds a clone of <paramref name="tnTreeNodeToAdd"/> to the list of nodes to graph,
        /// unless a node with the same Tag object is already listed.
        /// </summary>
        /// <param name="tnTreeNodeToAdd">Node to clone into the list.</param>
        /// <param name="fFinding">Not used by the current implementation.</param>
        /// <param name="fadAssessmentDataOunceV6">Not used by the current implementation.</param>
        /// <remarks>
        /// When the multi-node checkbox is unchecked the list is emptied first. Tags are compared
        /// by reference. Exceptions are caught and logged, not rethrown.
        /// </remarks>
        public void addTreeNodeToComboxWithNodesToPlot(TreeNode tnTreeNodeToAdd,
                                                       AssessmentAssessmentFileFinding fFinding,
                                                       O2AssessmentData_OunceV6 fadAssessmentDataOunceV6)
        {
            try
            {
                // Single-node mode: start from an empty list every time.
                if (!cbGLEE_MultiNodes.Checked)
                {
                    tvGLEE_NodesToGraph.Nodes.Clear();
                }

                foreach (TreeNode tnListedNode in tvGLEE_NodesToGraph.Nodes)
                {
                    if (tnListedNode.Tag != tnTreeNodeToAdd.Tag)
                    {
                        continue;
                    }
                    DI.log.debug("Trace was already in list of nodes to graph");
                    return;
                }

                // A clone is stored, so the node passed in stays in its original tree.
                var tnCopy = (TreeNode) tnTreeNodeToAdd.Clone();
                tvGLEE_NodesToGraph.Nodes.Add(tnCopy);
            }
            catch (Exception ex)
            {
                DI.log.ex(ex, "in addTreeNodeToComboxWithNodesToPlot");
            }
        }
        /// <summary>
        /// Converts a finding from an assessment file into an <c>O2Finding</c>.
        /// </summary>
        /// <param name="finding">Source finding.</param>
        /// <param name="assessmentFile">File the finding belongs to; supplies the file name.</param>
        /// <param name="assessmentRun">Assessment run used to resolve string-index ids and traces.</param>
        /// <returns>The populated finding.</returns>
        /// <remarks>
        /// Caller name, project name, vuln name and vuln type use the inline value when present
        /// and fall back to a string-index lookup of the matching <c>*_id</c> field. The ids are
        /// read with <c>UInt32.Parse</c>, so an id that is not a valid unsigned number makes this
        /// method throw; nothing here catches that.
        /// </remarks>
        public static IO2Finding getO2Finding(AssessmentAssessmentFileFinding finding,
                                              AssessmentAssessmentFile assessmentFile, AssessmentRun assessmentRun)
        {
            var o2Finding = new O2Finding();

            // Values copied straight from the source finding.
            o2Finding.actionObject = finding.actionobject_id;
            o2Finding.columnNumber = finding.column_number;
            o2Finding.confidence = finding.confidence;
            o2Finding.exclude = finding.exclude;
            o2Finding.file = assessmentFile.filename;
            o2Finding.lineNumber = finding.line_number;
            o2Finding.ordinal = finding.ordinal;
            o2Finding.propertyIds = finding.property_ids;
            o2Finding.recordId = finding.record_id;
            o2Finding.severity = finding.severity;
            o2Finding.o2Traces = getO2TraceFromCallInvocation(finding.Trace, assessmentRun);

            // Context is only available through its string-index id.
            if (finding.cxt_id != null)
            {
                o2Finding.context = getStringIndexValue(UInt32.Parse(finding.cxt_id), assessmentRun);
            }

            // Inline value first, string-index lookup as the fallback.
            o2Finding.callerName = finding.caller_name;
            if (o2Finding.callerName == null && finding.caller_name_id != null)
            {
                o2Finding.callerName = getStringIndexValue(UInt32.Parse(finding.caller_name_id), assessmentRun);
            }

            o2Finding.projectName = finding.project_name;
            if (o2Finding.projectName == null && finding.project_name_id != null)
            {
                o2Finding.projectName = getStringIndexValue(UInt32.Parse(finding.project_name_id), assessmentRun);
            }

            o2Finding.vulnName = finding.vuln_name;
            if (o2Finding.vulnName == null && finding.vuln_name_id != null)
            {
                o2Finding.vulnName = getStringIndexValue(UInt32.Parse(finding.vuln_name_id), assessmentRun);
            }

            o2Finding.vulnType = finding.vuln_type;
            if (o2Finding.vulnType == null && finding.vuln_type_id != null)
            {
                o2Finding.vulnType = getStringIndexValue(UInt32.Parse(finding.vuln_type_id), assessmentRun);
            }

            // The text lines are copied into a new list.
            if (finding.Text != null)
            {
                o2Finding.text = new List<string>(finding.Text);
            }

            OzasmtUtils.fixExternalSourceSourceMappingProblem(o2Finding);
            return o2Finding;
        }
Exemplo n.º 28
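        /// <summary>
        /// Rebuilds <paramref name="dgvDataGridView"/> as a two-column Name/Value grid holding one
        /// row per field of the selected finding.
        /// </summary>
        /// <param name="dgvDataGridView">Grid whose columns are cleared and recreated.</param>
        /// <param name="fSelectedFinding">Finding to display.</param>
        /// <param name="oadAssessmentDataOunceV6">Assessment data used to resolve string-index ids.</param>
        /// <remarks>
        /// Name-like fields show the inline value when present, otherwise the string-index lookup
        /// of the matching <c>*_id</c> field, otherwise an empty string. The vuln name and vuln
        /// type rows used to parse their id without a null check, so a finding carrying neither
        /// the inline value nor the id raised an exception and the remaining rows were never
        /// added; they now follow the same rule as the other rows.
        /// An id that is not a valid unsigned number still makes <c>UInt32.Parse</c> throw; the
        /// catch-all below logs only the message and leaves the grid partially filled.
        /// </remarks>
        public static void showFindingDetailsInDataGridView(DataGridView dgvDataGridView,
                                                            AssessmentAssessmentFileFinding fSelectedFinding,
                                                            O2AssessmentData_OunceV6 oadAssessmentDataOunceV6)
        {
            try
            {
                dgvDataGridView.Columns.Clear();
                O2Forms.addToDataGridView_Column(dgvDataGridView, "Name", 90);
                O2Forms.addToDataGridView_Column(dgvDataGridView, "Value", -1);

                // Inline value -> string-index lookup -> "" (null-safe, matching the rows below).
                dgvDataGridView.Rows.Add("vuln Name",
                                         fSelectedFinding.vuln_name ?? ((fSelectedFinding.vuln_name_id != null)
                                                                            ? OzasmtUtils_OunceV6.getStringIndexValue(
                                                                                  UInt32.Parse(fSelectedFinding.vuln_name_id),
                                                                                  oadAssessmentDataOunceV6)
                                                                            : ""));
                dgvDataGridView.Rows.Add("Vuln Type",
                                         fSelectedFinding.vuln_type ?? ((fSelectedFinding.vuln_type_id != null)
                                                                            ? OzasmtUtils_OunceV6.getStringIndexValue(
                                                                                  UInt32.Parse(fSelectedFinding.vuln_type_id),
                                                                                  oadAssessmentDataOunceV6)
                                                                            : ""));
                dgvDataGridView.Rows.Add("Caller Name",
                                         fSelectedFinding.caller_name ?? ((fSelectedFinding.caller_name_id != null)
                                                                              ? OzasmtUtils_OunceV6.getStringIndexValue(
                                                                                    UInt32.Parse(fSelectedFinding.caller_name_id),
                                                                                    oadAssessmentDataOunceV6)
                                                                              : ""));
                dgvDataGridView.Rows.Add("Context",
                                         fSelectedFinding.context ?? ((fSelectedFinding.cxt_id != null)
                                                                          ? OzasmtUtils_OunceV6.getStringIndexValue(
                                                                                UInt32.Parse(fSelectedFinding.cxt_id), oadAssessmentDataOunceV6)
                                                                          : ""));

                dgvDataGridView.Rows.Add("Severity", fSelectedFinding.severity.ToString());
                dgvDataGridView.Rows.Add("Confidence", fSelectedFinding.confidence.ToString());
                dgvDataGridView.Rows.Add("Action Object Id", fSelectedFinding.actionobject_id.ToString());

                dgvDataGridView.Rows.Add("Project",
                                         fSelectedFinding.project_name ?? ((fSelectedFinding.project_name_id != null)
                                                                               ? OzasmtUtils_OunceV6.getStringIndexValue(
                                                                                     UInt32.Parse(fSelectedFinding.project_name_id),
                                                                                     oadAssessmentDataOunceV6)
                                                                               : ""));

                dgvDataGridView.Rows.Add("Column Number", fSelectedFinding.column_number.ToString());
                dgvDataGridView.Rows.Add("Line Number", fSelectedFinding.line_number.ToString());
                dgvDataGridView.Rows.Add("Ordinal", fSelectedFinding.ordinal.ToString());
                dgvDataGridView.Rows.Add("Exclude", fSelectedFinding.exclude.ToString());
                dgvDataGridView.Rows.Add("Property IDs", fSelectedFinding.property_ids);
                dgvDataGridView.Rows.Add("Record ID", fSelectedFinding.record_id.ToString());

                // The text lines are joined into one cell, each followed by a line break.
                if (fSelectedFinding.Text != null)
                {
                    var sbText = new StringBuilder();
                    foreach (String sLine in fSelectedFinding.Text)
                    {
                        sbText.AppendLine(sLine);
                    }
                    dgvDataGridView.Rows.Add("Text", sbText.ToString());
                }

                dgvDataGridView.Rows.Add("Trace", (fSelectedFinding.Trace != null) ? "Yes" : "No");
            }
            catch (Exception ex)
            {
                DI.log.error("in showFindingDetailsInDataGridView :{0}", ex.Message);
            }
        }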
Exemplo n.º 29
            /// <summary>
            /// Copies the sinks of one trace block into the glued sinks of the trace block stored
            /// on the raw-data tree node whose key is the finding's Known_Sink signature.
            /// </summary>
            /// <param name="otbO2TraceBlockOunceV6WithTracesToGlue">Trace block whose sinks are copied.</param>
            /// <param name="fFinding">Finding whose Known_Sink signature selects the receiving node.</param>
            /// <param name="oadO2AssessmentDataOunceV6">Assessment data used to build the signature.</param>
            /// <param name="tvRawData">Tree view whose nodes are keyed by signature and tagged with a trace block.</param>
            /// <param name="bAddGluedTracesAsRealTraces">
            /// When <c>true</c>, the sinks are also added to the receiver's regular sinks so they
            /// show up in the raw view list.
            /// </param>
            /// <remarks>Entries already present in the receiver are left untouched.</remarks>
            public static void addFindingAsGlueTrace(O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6WithTracesToGlue,
                                                     AssessmentAssessmentFileFinding fFinding,
                                                     O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6, TreeView tvRawData,
                                                     bool bAddGluedTracesAsRealTraces)
            {
                String sSinkSignature = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink,
                                                                    oadO2AssessmentDataOunceV6, true);

                // NOTE(review): there is no check that a node with this key exists; a missing node
                // would surface as a null dereference on the next line - confirm callers guarantee it.
                var otbReceiver = (O2TraceBlock_OunceV6) tvRawData.Nodes[sSinkSignature].Tag;
                var dSinksToGlue = otbO2TraceBlockOunceV6WithTracesToGlue.dSinks;

                foreach (AssessmentAssessmentFileFinding fFindingToGlue in dSinksToGlue.Keys)
                {
                    if (!otbReceiver.dGluedSinks.ContainsKey(fFindingToGlue))
                    {
                        otbReceiver.dGluedSinks.Add(fFindingToGlue, dSinksToGlue[fFindingToGlue]);
                    }

                    // Optionally mirror the sink into the regular sinks as well.
                    if (bAddGluedTracesAsRealTraces && !otbReceiver.dSinks.ContainsKey(fFindingToGlue))
                    {
                        otbReceiver.dSinks.Add(fFindingToGlue, dSinksToGlue[fFindingToGlue]);
                    }
                }
            }
Exemplo n.º 30
 /// <summary>
 /// Shows the details of a finding, using the file name registered for it in the assessment
 /// data as the path passed to the details view.
 /// </summary>
 /// <param name="fFinding">Finding to display.</param>
 /// <remarks>
 /// Nothing happens while the findings tree view is being expanded, or when the finding is
 /// not registered in the assessment data.
 /// </remarks>
 public void loadDetailsForFindingObject(AssessmentAssessmentFileFinding fFinding)
 {
     // Skip detail loading while the findings tree view is in the middle of expanding.
     if (bExpandingFindingsTreeview)
     {
         return;
     }

     if (!oadAssessmentData.dFindings.ContainsKey(fFinding))
     {
         return;
     }

     String sPathToAssessmentFile = oadAssessmentData.dFindings[fFinding].filename;
     showFindingDetailsInDataGridViewAndTreeView(fFinding, sPathToAssessmentFile);
 }
Exemplo n.º 31
 /// <summary>
 /// Appends a node to the list of nodes to graph.
 /// </summary>
 /// <param name="tnNodeToAdd">Node added as-is (not cloned).</param>
 /// <param name="fFinding">Not used by the current implementation.</param>
 public void addNodeToGraph(TreeNode tnNodeToAdd, AssessmentAssessmentFileFinding fFinding)
 {
     var tncNodesToGraph = tvGLEE_NodesToGraph.Nodes;
     tncNodesToGraph.Add(tnNodeToAdd);
 }
Exemplo n.º 32
            /// <summary>
            /// Walks a trace depth-first and runs the search criteria against one piece of text
            /// per call invocation (signature, context or source line, depending on the search type).
            /// </summary>
            /// <param name="cCallInvocations">Call invocations at the current level; may be <c>null</c>.</param>
            /// <param name="scSearchCriteria">Search type, regex and negative-search flag.</param>
            /// <param name="lciMatches">Only passed on to the recursive calls.</param>
            /// <param name="fFinding">Finding that owns the trace.</param>
            /// <param name="fadO2AssessmentDataOunceV6">Assessment data used to resolve the text.</param>
            /// <returns>
            /// <c>true</c> only for a negative search whose regex matched somewhere in the trace;
            /// <c>false</c> otherwise. Positive searches report their hits through
            /// <c>searchInStringAndAddFindingResult</c> and keep walking.
            /// </returns>
            public bool findTextInSmartTrace_Recursive(CallInvocation[] cCallInvocations,
                                                       SearchCriteria scSearchCriteria, List<CallInvocation> lciMatches,
                                                       AssessmentAssessmentFileFinding fFinding,
                                                       O2AssessmentData_OunceV6 fadO2AssessmentDataOunceV6)
            {
                if (cCallInvocations == null)
                {
                    return false;
                }

                foreach (CallInvocation ciCurrent in cCallInvocations)
                {
                    // Pick the text to test; it stays empty for any other search type and for
                    // source-code searches on invocations without a positive line number.
                    String sCandidateText = "";
                    var stRequested = scSearchCriteria.stSearchType;
                    if (stRequested == SearchType.Trace_Text)
                    {
                        sCandidateText = OzasmtUtils_OunceV6.getStringIndexValue(ciCurrent.sig_id, fadO2AssessmentDataOunceV6);
                    }
                    else if (stRequested == SearchType.Trace_Context)
                    {
                        sCandidateText = OzasmtUtils_OunceV6.getStringIndexValue(ciCurrent.cxt_id, fadO2AssessmentDataOunceV6);
                    }
                    else if (stRequested == SearchType.Trace_SourceCode && ciCurrent.line_number > 0)
                    {
                        sCandidateText = OzasmtUtils_OunceV6.getLineFromSourceCode(ciCurrent, fadO2AssessmentDataOunceV6);
                    }

                    if (scSearchCriteria.bNegativeSearch)
                    {
                        // A match in a negative search means the whole trace is to be removed.
                        if (RegEx.execRegExOnText_hasMatches(scSearchCriteria.reRegex, sCandidateText))
                        {
                            return true;
                        }
                    }
                    else if (sCandidateText != "")
                    {
                        searchInStringAndAddFindingResult(sCandidateText, scSearchCriteria, fFinding, fadO2AssessmentDataOunceV6);
                    }

                    // Descend into the nested calls; a negative-search hit below ends the walk.
                    if (ciCurrent.CallInvocation1 != null &&
                        findTextInSmartTrace_Recursive(ciCurrent.CallInvocation1, scSearchCriteria,
                                                       lciMatches, fFinding, fadO2AssessmentDataOunceV6))
                    {
                        return true;
                    }
                }
                return false;
            }