private void addBreakpointsToAllMethodsInModule(string moduleToProcess, bool verbose)
{
DI.log.debug("Adding {0} breakpoints", methodsInModule.Count);
O2Thread.mtaThread(() =>
{
var numberOfBreakpointsAdded = 0;
var breakpointOffset = 0;
var timer = new O2Timer("Breakpoint added in").start();
MDbgModule module = DI.o2MDbg.sessionData.getModule(moduleToProcess);
if (module != null)
foreach (Type typeInModule in module.Importer.DefinedTypes)
// no point in adding interfaces or abstract types since they will not be bound (double check on abstract!!)
//if (false == typeInModule.IsInterface && false == typeInModule.IsAbstract) // these are not implemented in the original MDbg :(
foreach (MethodInfo methodInType in typeInModule.GetMethods())
{
DI.o2MDbg.BreakPoints.add(moduleToProcess, typeInModule.FullName,
methodInType.Name, breakpointOffset,
verbose);
if (numberOfBreakpointsAdded++%500 == 0)
DI.log.info(
" update: {0} breakpoints added so far of a max of {1}",
numberOfBreakpointsAdded, methodsInModule.Count);
}
timer.stop();
DI.log.info("There where {0} breakpoints added of a max of {1}", numberOfBreakpointsAdded, methodsInModule.Count);
});
}
public static IEnumerable<string> getUniqueSortedListOfStrings(IEnumerable<string> stringsToFilter, ref int numberOfUniqueStrings)
{
var timer = new O2Timer("O2Linq calculated list of unique strings from " + stringsToFilter.Count() + " strings").start();
var uniqueList = (from string signature in stringsToFilter orderby signature select signature).Distinct();
numberOfUniqueStrings = uniqueList.Count();
timer.stop();
DI.log.info("There are {0} unique signatures", uniqueList.Count());
return uniqueList;
}
public void createUniqueListOfSignatures_forFile(string ozamstFileToTest)
{
DI.log.debug("\n\ntesting file: {0}", ozamstFileToTest);
var timer = new O2Timer("Unique Signatures calculated").start();
var o2Findings = new O2AssessmentLoad_OunceV6().loadFile(ozamstFileToTest).o2Findings;
var uniqueSignatures = RulesAndFindingsUtils.getListOfUniqueSignatures(o2Findings);
Assert.That(uniqueSignatures.Count > 0, "uniqueSignatures ==0");
DI.log.info("Unique Signatures calculated = {0}", uniqueSignatures.Count);
timer.stop();
}
public bool importFile(string fileToLoad, IO2Assessment o2Assessment)
{
try
{
if (canLoadFile(fileToLoad))
{
//o2Assessment.lastOzasmtImportWasItSucessfull = false;
//o2Assessment.lastOzasmtImportFile = fileToLoad;
//o2Assessment.lastOzasmtImportFileSize = Files.getFileSize(fileToLoad);
//DateTime startImportTime = DateTime.Now;
var timer = new O2Timer("Loaded assessment " + fileToLoad + " ").start();
AssessmentRun assessmentRunToImport = OzasmtUtils_OunceV6.LoadAssessmentRun(fileToLoad);
timer.stop();
/* assessmentRun.AssessmentConfig = assessmentRunToImport.AssessmentConfig;
assessmentRun.AssessmentStats = assessmentRunToImport.AssessmentStats;
assessmentRun.Messages = assessmentRunToImport.Messages;
assessmentRun.name = assessmentRunToImport.name ?? OzasmtUtils_OunceV6.calculateAssessmentNameFromScans(assessmentRunToImport);*/
o2Assessment.name = assessmentRunToImport.name ??
OzasmtUtils_OunceV6.calculateAssessmentNameFromScans(assessmentRunToImport);
// I don't think I need this since the O2Finding objects have the full strings
// map top level objects
/*
assessmentRun.FileIndeces = assessmentRunToImport.FileIndeces;
assessmentRun.StringIndeces = assessmentRunToImport.StringIndeces;*/
// import findings
if (null != assessmentRunToImport.Assessment.Assessment)
foreach (Assessment assessment in assessmentRunToImport.Assessment.Assessment)
if (null != assessment.AssessmentFile)
foreach (AssessmentAssessmentFile assessmentFile in assessment.AssessmentFile)
if (assessmentFile.Finding != null)
foreach (AssessmentAssessmentFileFinding finding in assessmentFile.Finding)
o2Assessment.o2Findings.Add(OzasmtUtils_OunceV6.getO2Finding(finding,
assessmentFile,
assessmentRunToImport));
// if we made it this far all went ok;
//o2Assessment.lastOzasmtImportTimeSpan = DateTime.Now - startImportTime;
//o2Assessment.lastOzasmtImportWasItSucessfull = true;
return true;
}
}
catch
(Exception ex)
{
"in importAssessmentRun: {0}".error(ex.Message);
}
return false;
}
public static Dictionary<String, XmlNode> getAllBeans_RecursiveSearch(String sWebRoot)
{
if (bLoadFromO2VarsIfAvailable && vars.get(sO2VarToHoldBeansDictionary) != null)
if (((Dictionary<String, XmlNode>) vars.get(sO2VarToHoldBeansDictionary)).Count > 0)
return (Dictionary<String, XmlNode>) vars.get(sO2VarToHoldBeansDictionary);
O2Timer tTimer = new O2Timer("Loading all beans from web root").start();
var dBeans = new Dictionary<String, XmlNode>();
var lsXmlFilesInWebRoot = new List<String>();
Files.getListOfAllFilesFromDirectory(lsXmlFilesInWebRoot, sWebRoot, true, "*.xml", false);
DI.log.info("{0} xml files found", lsXmlFilesInWebRoot.Count);
int iFilesProcessed = 0;
foreach (var sXmlFile in lsXmlFilesInWebRoot)
{
try
{
if (Path.GetExtension(sXmlFile).ToLower() == ".xml")
{
DI.log.info("({0}/{1} Processing xml file: {2}", (iFilesProcessed++), lsXmlFilesInWebRoot.Count,
sXmlFile);
var xdXmlDocument = new XmlDocument();
String sXmlFileContents = Files.getFileContents(sXmlFile);
sXmlFileContents = sXmlFileContents.Replace("<!DOCTYPE", "<!--");
sXmlFileContents = sXmlFileContents.Replace(".dtd\">", "-->");
xdXmlDocument.LoadXml(sXmlFileContents);
xdXmlDocument.XmlResolver = null;
XmlNodeList xnlBeans = xdXmlDocument.GetElementsByTagName("bean");
foreach (XmlNode xnNode in xnlBeans)
if (xnNode.Attributes["id"] != null)
{
// first add by id
if (!dBeans.ContainsKey(xnNode.Attributes["id"].Value))
dBeans.Add(xnNode.Attributes["id"].Value, xnNode);
}
else if (xnNode.Attributes["name"] != null) // then add by name
if (!dBeans.ContainsKey(xnNode.Attributes["name"].Value))
dBeans.Add(xnNode.Attributes["name"].Value, xnNode);
}
}
catch (Exception ex)
{
DI.log.ex(ex, "in getAllBeans_RecursiveSearch (inside foreach (var sXmlFile in lsXmlFilesInWebRoot)");
throw;
}
}
vars.set_(sO2VarToHoldBeansDictionary, dBeans);
DI.log.info("{0} beans loaded", dBeans.Count);
tTimer.stop();
return dBeans;
}
public static void backupGac(string zipFileToSaveGacContents)
{
O2Thread.mtaThread(
() =>
{
PublicDI.log.info("Started unzip process of Gac Folder");
var timer = new O2Timer("Gac Backup").start();
new zipUtils().zipFolder(DI.PathToGac, zipFileToSaveGacContents);
var logMessage = String.Format("Contents of \n\n\t{0}\n\n saved to \n\n\t{1}\n\n ", DI.PathToGac, zipFileToSaveGacContents);
timer.stop();
PublicDI.log.info(logMessage);
//PublicDI.log.showMessageBox(logMessage);
});
}
public static IO2Assessment getO2Assessment(string ozasmtFile)
{
var loadEngine = getLoadEngineForFile(ozasmtFile);
if (loadEngine != null)
{
O2Cmd.log.write("\n[engine {0}]: loading and converting file: {1}", loadEngine.engineName, ozasmtFile);
var timer = new O2Timer("File Loaded").start();
var o2Assessment = loadEngine.loadFile(ozasmtFile);
timer.stop();
O2Cmd.log.write("[engine {0}]: There are {1} Findings in the loaded file\n", loadEngine.engineName, o2Assessment.o2Findings.Count);
return o2Assessment;
}
return null;
}
public static void mapInRulePack_FindingsSourcesAndSinks(O2RulePack o2RulePack, Dictionary<string, List<IO2Rule>> indexedO2Rules, List<IO2Finding> o2Findings, string languageDBId)
{
var timer = new O2Timer("mapInRulePack_FindingsSourcesAndSinks").start();
foreach (O2Finding o2Finding in o2Findings)
updateO2RulePackWithFindingsTraceTypes(o2RulePack, indexedO2Rules, o2Finding.o2Traces, languageDBId,
O2RuleType.Source);
/*updateSourceOrSinkRule(o2RulePack,indexedO2Rules, o2Finding.Source, languageDBId, O2RuleType.Source);
updateSourceOrSinkRule(o2RulePack,indexedO2Rules, o2Finding.KnownSink, languageDBId, O2RuleType.Sink);
updateSourceOrSinkRule(o2RulePack, indexedO2Rules, o2Finding.LostSink, languageDBId, O2RuleType.LostSink); */
timer.stop();
}
public void calculateRulePack_forFile(string ozamstFileToTest, O2RulePack o2RulePackToUse)
{
DI.log.debug("\n\ntesting file: {0}", ozamstFileToTest);
var timer = new O2Timer("Calculate Rule Pack ").start();
// load assesment file and get unique signatures
var o2Findings = new O2AssessmentLoad_OunceV6().loadFile(ozamstFileToTest).o2Findings;
var uniqueSignatures = RulesAndFindingsUtils.getListOfUniqueSignatures(o2Findings);
Assert.That(uniqueSignatures.Count > 0, "uniqueSignatures ==0");
// calculate rulepack for this assessment
var o2RulePackForOzasmt = RulesAndFindingsUtils.createRulePackWithSignatures(o2RulePackToUse, uniqueSignatures,
Path.GetFileName(ozamstFileToTest), true, testLanguageDBId);
Assert.That(o2RulePackForOzasmt.o2Rules.Count > 0, "There were no rules in created o2RulePackForOzasmt");
timer.stop();
}
public void executeSearchAndLoadResults(List<Regex> searchRegExes)
{
this.invokeOnThread(() => lbSearchResultsStats.Text = "Executing search");
// execute search
var timer = new O2Timer("Search execution").start();
var tsrSearchResults = executeSearch(searchRegExes);
timer.stop();
this.invokeOnThread(
() => lbSearchResultsStats.Text =
String.Format("{0} and returned {1} matches", timer.TimeSpanString, tsrSearchResults.Count));
// show Results
showResults(tsrSearchResults);
}
public static object runQuery(string queryText, Hashtable sources)
{
try
{
O2Timer o2Timer = new O2Timer("Executed Link Query (" + queryText + ") in: ").start();
object results = runQueryInternal(queryText, sources);
o2Timer.stop();
return results;
}
catch (Exception ex)
{
DI.log.ex(ex, "in O2NLinkQuery.runQuery");
return null;
}
}
public static string createO2AssessmentWithCallFlowTraces(ICirDataAnalysis cirDataAnalysis)
{
DI.log.info("Creating O2Assessment With Call Flow Traces");
var timer = new O2Timer("Created list of finding").start();
var cirFunctionsToProcess = cirDataAnalysis.dCirFunction_bySignature.Values;
var o2Findings = createO2FindingsFromCirFunctions(cirFunctionsToProcess);
timer.stop();
timer = new O2Timer("Saved Assessment").start();
var o2Assessment = new O2Assessment();
o2Assessment.o2Findings = o2Findings;
var savedFile = o2Assessment.save(new O2AssessmentSave_OunceV6());
DI.log.info("Saved O2Asssessment file created: {0}", savedFile);
timer.stop();
return savedFile;
}
public static O2AssessmentData_OunceV6 loadAssessmentRunFileAndAddItToList(String sPathToFile)
{
var bDropDuplicateSmartTraces = true;
var bIgnoreRootCallInvocation = true;
var ffFindingFilter = Analysis.FindingFilter.AllFindings;
O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6 = null;
O2Timer tTimer = new O2Timer("Loaded SavedAssessmentFile").start();
Analysis.loadAssessmentFile(sPathToFile, false, ref oadO2AssessmentDataOunceV6);
// Calculate Xrefs into fadAssessmentData
Analysis.populateDictionariesWithXrefsToLoadedAssessment(ffFindingFilter, bDropDuplicateSmartTraces,
bIgnoreRootCallInvocation, oadO2AssessmentDataOunceV6);
tTimer.stop();
return oadO2AssessmentDataOunceV6;
}
public bool loadOzastFilesUsingEngine(IO2AssessmentLoad o2LoadEngineToUse, string fileToLoad, bool expectLoadFail)
{
DI.log.info("Loading file {0} using engine {1}",Path.GetFileName(fileToLoad), o2LoadEngineToUse.engineName);
var timer = new O2Timer("File loaded").start();
var o2Assessment = o2LoadEngineToUse.loadFile(fileToLoad);
if (expectLoadFail)
Assert.That(o2Assessment == null ,"on this file for this engine the, o2Assessment was expected to be null");
else
{
Assert.That(o2Assessment != null, "o2Assessment was null");
Assert.That(o2Assessment.o2Findings.Count > 0, "o2Assessment.o2Findings.Count == 0");
DI.log.info("There were {0} findings in file loaded: {0}", o2Assessment.o2Findings.Count);
}
timer.stop();
return true;
}
private static void fixFunctionsCalledXRefs(ICirData cirData)
{
if (cirData != null && cirData.dFunctions_bySignature != null)
{
var timer = new O2Timer("fixFunctionsCalledXRefs").start();
foreach (CirFunction cirFunction in cirData.dFunctions_bySignature.Values)
{
if (cirFunction.FunctionName == null)
{
var filteredSignature = new FilteredSignature(cirFunction.FunctionSignature);
cirFunction.FunctionName = filteredSignature.sFunctionName;
cirFunction.FunctionNameAndParameters = filteredSignature.sFunctionNameAndParams;
cirFunction.ClassNameFunctionNameAndParameters = filteredSignature.sFunctionClass + "." +
filteredSignature.sFunctionNameAndParams;
}
}
timer.stop();
}
}
public string ProcessRequest(string page)
{
O2Gui.open<System.Windows.Forms.Panel>("Util - LogViewer", 400,140).add_LogViewer();
"Current Directory: {0}".info(Environment.CurrentDirectory);
var o2Timer = new O2Timer("ProcessRequest for file: {0}".info(page)).start();
Page = page ?? Page;
var stringWriter = new StringWriter();
simpleWorkerRequest = new SimpleWorkerRequest(Page, string.Empty, stringWriter);
//openScript();
//"Good Morning".execute_InScriptEditor_InSeparateAppDomain();
"processing request for: {0}".info(Page);
HttpRuntime.ProcessRequest(simpleWorkerRequest);
var Html = stringWriter.str();
o2Timer.stop();
return Html;
}
public static void populateGuidanceItemsFileMappings()
{
var o2Timer = new O2Timer("populateGuidanceExplorersFileMappings").start();
foreach(var filePath in TM_Xml_Database.Path_XmlLibraries.files(true, "*.xml"))
{
var fileId = filePath.fileName().remove(".xml");
if (fileId.isGuid())
{
//"[populateGuidanceItemsFileMappings] loading GuidanceItem ID {0}".info(fileId);
var guid = fileId.guid();
if (TM_Xml_Database.GuidanceItems_FileMappings.hasKey(guid))
{
"[populateGuidanceItemsFileMappings] duplicate GuidanceItem ID found {0}".error(guid);
}
else
TM_Xml_Database.GuidanceItems_FileMappings.Add(guid, filePath);
}
}
o2Timer.stop();
"There are {0} files mapped in GuidanceItems_FileMappings".info(TM_Xml_Database.GuidanceItems_FileMappings.size());
}
public static List<TeamMentor_Article> xmlDB_Load_GuidanceItemsV3(this TM_Xml_Database tmDatabase, Guid libraryId, List<string> guidanceItemsFullPaths)
{
var o2Timer = new O2Timer("xmlDB_GuidanceItems").start();
var itemsLoaded = 0;
//var maxToLoad = 1000;
var guidanceItems = new List<TeamMentor_Article>();
foreach(var fullPath in guidanceItemsFullPaths)
{
var guidanceItemId = fullPath.fileName().remove(".xml");
if (guidanceItemId.isGuid())
{
var guidanceItem = tmDatabase.xmlDB_GuidanceItem(guidanceItemId.guid(),fullPath);
if (guidanceItem.notNull())
{
guidanceItems.add(guidanceItem);
guidanceItem.Metadata.Library_Id = libraryId;
}
//if (maxToload-- < 1)
// break;
if (itemsLoaded++ % 200 == 0)
"loaded {0} items".info(itemsLoaded);
}
//if (itemsLoaded > maxToLoad)
// break;
}
o2Timer.stop();
return guidanceItems;
}
public static TM_Xml_Database xmlDB_Load_GuidanceItems(this TM_Xml_Database tmDatabase)
{
var pathXmlLibraries = TM_Xml_Database.Current.Path_XmlLibraries;
if (pathXmlLibraries.notNull() && pathXmlLibraries.notNull())
lock (pathXmlLibraries)
{
if (tmDatabase.getCacheLocation().fileExists().isFalse())
{
"[TM_Xml_Database] in xmlDB_Load_GuidanceItems, cache file didn't exist, so creating it".debug();
var o2Timer = new O2Timer("loaded GuidanceItems from disk").start();
//Load GuidanceItem from the disk
foreach (var guidanceExplorer in tmDatabase.xmlDB_GuidanceExplorers())
{
var libraryId = guidanceExplorer.library.name.guid();
var pathToLibraryGuidanceItems = pathXmlLibraries.pathCombine(guidanceExplorer.library.caption);
"libraryId: {0} : {1}".info(libraryId, pathToLibraryGuidanceItems);
var filesToLoad = pathToLibraryGuidanceItems.files(true, "*.xml");
tmDatabase.xmlDB_Load_GuidanceItemsV3(libraryId, filesToLoad);
}
//save it to the local cache file (reduces load time from 8s to 0.5s)
tmDatabase.save_GuidanceItemsToCache();
o2Timer.stop();
tmDatabase.ensureFoldersAndViewsIdsAreUnique();
tmDatabase.removeMissingGuidanceItemsIdsFromViews();
}
}
return tmDatabase;
}
public static IIS_Log_File logFile_Convert(this string file)
{
var o2Timer = new O2Timer("created IIS_Log_File object from file: {0}".format(file)).start();
var logFile = new IIS_Log_File();
logFile.File = file;
logFile.convertData();
o2Timer.stop();
return logFile;
}
public void createHost()
{
//if (WebServerHost.isNull())
{
var o2Timer = new O2Timer("Creating WebServer host").start();
WebServerHost = (WebServerHost)ApplicationHost.CreateApplicationHost(typeof(WebServerHost), "/", WebRootDir);
//WebServerHost = ApplicationHost.CreateApplicationHost(typeof(WebServerHost), "/", WebRootDir);
o2Timer.stop();
}
}
public FVDL loadFvdl_Raw(string fvdlFile)
{
"Loading fvdl file: {0}".info(fvdlFile);
try
{
var chachedFvdl = (FVDL)O2LiveObjects.get(fvdlFile);
if (chachedFvdl.notNull())
return chachedFvdl;
}
catch { }
var o2Timer = new O2Timer("loading {0} file".format(fvdlFile.fileName())).start();
var _fvdl = FVDL.Load(fvdlFile);
O2LiveObjects.set(fvdlFile,_fvdl);
o2Timer.stop();
return _fvdl;
}
public static string saveGuidanceItemsToCache(this string pathXmlLibraries)
{
var cacheFile = pathXmlLibraries.getCacheLocation();
var o2Timer = new O2Timer("saveGuidanceItemsToCache").start();
lock(TM_Xml_Database.Cached_GuidanceItems)
{
TM_Xml_Database.Cached_GuidanceItems.Values.toList().saveAs(cacheFile);
}
o2Timer.stop();
return pathXmlLibraries;
}
private void processFiles_(List<String> lsFilesToProcess, TreeView tvTargetTreeView)
{
O2Timer tO2Timer = new O2Timer("Processing files").start();
fcdCirData.init();
CirLoad.loadCirDumpXmlFiles_andPopulateDictionariesWithXrefs(lsFilesToProcess, fcdCirData,
false /*bVerbose*/);
showO2CirDataInTreeViewAndListBox(fcdCirData, tvTargetTreeView, lbO2CirData_Functions);
tO2Timer.stop();
}
public void processFile(String sPathToFileToProcess, TreeView tvTargetTreeView)
{
O2Timer tO2TimerLoadingCallTracesInTreeView = new O2Timer("Loaded Cir Dump data ").start();
CommonIRDump cidCommonIrDump =
CirLoad.loadCirDumpXmlFile_justReturnCommonIRDump(sPathToFileToProcess,
true);
tvTargetTreeView.Tag = cidCommonIrDump;
if (rb_ClearO2CirDataObjectOnLoad.Checked)
fcdCirData.init();
// calculate Xref objects
fcdCirData.bVerbose = true;
CirDataUtils.populateDictionariesWithXrefs(cidCommonIrDump, fcdCirData);
showO2CirDataInTreeViewAndListBox(fcdCirData, tvTargetTreeView, lbO2CirData_Functions);
tO2TimerLoadingCallTracesInTreeView.stop();
}
private void step3()
{
btCreateTraces.Enabled = false;
DI.log.debug("Creating Traces");
O2Timer tTimer = new O2Timer("Creating Traces").start();
string textFilter = "";
//TreeView _tvRawData = tvRawData;
ICirData _cdCirData = cdCirData;
Dictionary<String, O2TraceBlock_OunceV6> _dO2TraceBlock = dO2TraceBlock;
Dictionary<string, O2TraceBlock_OunceV6> dRawData = JoinTracesUtils.calculateDictionaryWithRawData(tvRawData);
const bool bOnlyProcessTracesWithNoCallers = false;
string targetFolder = DI.config.O2TempDir;
string fileNamePrefix = Path.GetFileNameWithoutExtension(lbCirFileLoaded.Text);
const bool bCreateFileWithAllTraces = true;
const bool bCreateFileWithUniqueTraces = false;
const bool bDropDuplicateSmartTraces = false;
const bool bIgnoreRootCallInvocation = false;
JoinTracesUtils.createAssessessmentFileWithJoinnedTraces(
textFilter, dRawData, _cdCirData, _dO2TraceBlock,
bOnlyProcessTracesWithNoCallers, targetFolder, fileNamePrefix, bCreateFileWithAllTraces,
bCreateFileWithUniqueTraces, bDropDuplicateSmartTraces, bIgnoreRootCallInvocation, null,
sAssessmentFile =>
{
this.invokeOnThread(
() =>
{
lbCreatedAssessmentFile.Text = sAssessmentFile;
lbCreatedAssessmentFile.Visible = true;
btCreateTraces.Enabled = true;
});
tTimer.stop();
if (sAssessmentFile != "")
findingsViewerfor_JoinnedTraces.loadO2Assessment(sAssessmentFile);
return sAssessmentFile;
});
}
public static void addSuportForDynamicMethodsOnSinks(TreeView tvRawData, ICirData cdCirData,
bool bAddGluedTracesAsRealTraces)
{
O2Timer tTimer = new O2Timer("Adding Support for Dynamic Methods on Sinks").start();
// first get a unique list of Sink Traces
Dictionary<AssessmentAssessmentFileFinding, O2AssessmentData_OunceV6> dAllSinkFindings =
analyzer.getUniqueListOfSinks(tvRawData);
//List<String> lsMatches = new List<string>();
foreach (AssessmentAssessmentFileFinding fFinding in dAllSinkFindings.Keys)
{
CallInvocation ciSink =
AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(fFinding.Trace,
TraceType.
Known_Sink);
if (ciSink != null)
{
String sContext = OzasmtUtils_OunceV6.getStringIndexValue(ciSink.cxt_id, dAllSinkFindings[fFinding]);
// var fsFilteredSignature = new FilteredSignature(sContext);
if (sContext.IndexOf("java.lang.Object.getClass()") > -1 && sContext.IndexOf("new") > -1 &&
sContext.IndexOf("$") > -1)
{
// we have a match lets get the class out
String sClass = sContext.Substring(sContext.IndexOf("new") + 4);
sClass = sClass.Substring(0, sClass.IndexOf(' '));
// Find traces that match the found class and add them as GluedSinks
foreach (TreeNode tnMatchNode in tvRawData.Nodes)
if (tnMatchNode.Text.IndexOf(sClass) > -1)
{
addFindingAsGlueTrace((O2TraceBlock_OunceV6) tnMatchNode.Tag, fFinding,
dAllSinkFindings[fFinding], tvRawData,
bAddGluedTracesAsRealTraces);
}
}
}
}
tTimer.stop();
}
public static void mapInterfaces(TreeView tvRawData, ICirData cdCirData, String sHardCodedInterfaceKeywork,
bool bAddGluedTracesAsRealTraces)
{
DI.log.debug("Mapping Interfaces");
O2Timer tTimer = new O2Timer("Interfaces mapping completed").start();
// Int32 iItemsProcessed = 0;
Dictionary<AssessmentAssessmentFileFinding, O2AssessmentData_OunceV6> dAllSinkFindings =
analyzer.getUniqueListOfSinks(tvRawData);
foreach (AssessmentAssessmentFileFinding fFinding in dAllSinkFindings.Keys)
{
String sSink = AnalysisUtils.getSink(fFinding, dAllSinkFindings[fFinding]);
if (sSink != "" && sSink.IndexOf(sHardCodedInterfaceKeywork) > -1)
{
if (false == cdCirData.dFunctions_bySignature.ContainsKey(sSink))
DI.log.error("in mapInterfaces, could not find signature in loaded CirData file: {0}",
sSink);
else
{
ICirFunction cfCirFunction = cdCirData.dFunctions_bySignature[sSink];
ICirClass ccCirClass = cfCirFunction.ParentClass;
foreach (ICirClass ccIsSuperClassedBy in ccCirClass.dIsSuperClassedBy.Values)
{
String sMappedMethodName = cfCirFunction.FunctionSignature.Replace(ccCirClass.Signature,
ccIsSuperClassedBy.
Signature);
List<O2TraceBlock_OunceV6> lotdMatches =
analyzer.getO2TraceBlocksThatMatchSignature(sMappedMethodName, tvRawData);
foreach (O2TraceBlock_OunceV6 otbO2TraceBlockWithTracesToGlue in lotdMatches)
{
addFindingAsGlueTrace(otbO2TraceBlockWithTracesToGlue, fFinding,
dAllSinkFindings[fFinding], tvRawData,
bAddGluedTracesAsRealTraces);
}
}
}
}
}
tTimer.stop();
}
public static void findSpringAttributes(TreeView tvRawData)
{
String sFunctionSignature = "ModelMap.addAttribute";
O2Timer tTimer = new O2Timer("Resolving attribute based function: {0} ").start();
Dictionary<AssessmentAssessmentFileFinding, O2AssessmentData_OunceV6> dMatches =
analyzer.getSinksFindingsThatMatchRegEx(tvRawData, sFunctionSignature);
foreach (AssessmentAssessmentFileFinding fFinding in dMatches.Keys)
{
// resolve addAddtibute name
String sSinkContext = AnalysisUtils.getSinkContext(fFinding, dMatches[fFinding]);
var fsFilteredSignature = new FilteredSignature(sSinkContext);
String sParameters = fsFilteredSignature.sParameters.Replace("\"", "");
String sSpringParameter = sParameters.Substring(0, sParameters.IndexOf(',')).Trim();
// create a unique name for it:
String sSink = AnalysisUtils.getSink(fFinding, dMatches[fFinding]);
String sSinkWithAttributeName = sSink.Replace("(", "_" + sSpringParameter + "(");
// make sure we have not added this already
if (sSink.IndexOf(sSpringParameter) == -1)
{
// String sSinkWithAttributeName = sSink.Replace("(", "_" + sSpringParameter + "(");
// String sSinkWithAttributeName = sSpringParameter;
String sUniqueSignature = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink,
dMatches[fFinding], true);
var otbO2TraceBlockOfThisFinding = (O2TraceBlock_OunceV6) tvRawData.Nodes[sUniqueSignature].Tag;
CallInvocation ciCallInvocation =
AnalysisSearch.findTraceTypeInSmartTrace_Recursive_returnCallInvocation(
fFinding.Trace, TraceType.Known_Sink);
UInt32 uNewId = OzasmtUtils_OunceV6.addTextToStringIndexes(sSinkWithAttributeName,
dMatches[fFinding].arAssessmentRun);
;
ciCallInvocation.sig_id = uNewId;
DI.log.debug(" Found spring attribute '{0}' on sinks and modified to {1}", sSpringParameter,
sSinkWithAttributeName);
//o2.analysis.Analysis.getSink(fFinding, dMatches[fFinding]));
otbO2TraceBlockOfThisFinding.sSignature = sSinkWithAttributeName;
otbO2TraceBlockOfThisFinding.sUniqueName = analyzer.getUniqueSignature(fFinding,
TraceType.
Known_Sink,
dMatches[fFinding], true);
List<O2TraceBlock_OunceV6> lotbO2TraceBlockWithVelocityMappings =
analyzer.getO2TraceBlocksThatMatchSignature(sSinkWithAttributeName, tvRawData);
/* String sVelocityMapping = String.Format("{0} 0", sSinkWithAttributeName);
TreeNode tnVelocityNode = tvRawData.Nodes[sVelocityMapping];
if (tnVelocityNode != null)
*/
foreach (
O2TraceBlock_OunceV6 otbO2TraceBlockWithVelocityMappings in lotbO2TraceBlockWithVelocityMappings)
{
if (otbO2TraceBlockWithVelocityMappings.sFile.IndexOf(".vm") > -1)
//O2TraceBlock_OunceV6 otbO2TraceBlockWithVelocityMappings = (O2TraceBlock_OunceV6)tnVelocityNode.Tag;
foreach (
AssessmentAssessmentFileFinding fVelocityFinding in
otbO2TraceBlockWithVelocityMappings.dSinks.Keys)
{
if (false == otbO2TraceBlockOfThisFinding.dGluedSinks.ContainsKey(fVelocityFinding))
otbO2TraceBlockOfThisFinding.dGluedSinks.Add(fVelocityFinding,
otbO2TraceBlockWithVelocityMappings
.dSinks[fVelocityFinding]);
if (false == otbO2TraceBlockOfThisFinding.dSinks.ContainsKey(fVelocityFinding))
otbO2TraceBlockOfThisFinding.dSinks.Add(fVelocityFinding,
otbO2TraceBlockWithVelocityMappings.
dSinks[fVelocityFinding]);
}
}
}
}
tTimer.stop();
}
public static Fortify_Scan mapFvdlData(this Fortify_Scan fortifyScan)
{
var o2Timer = new O2Timer("Mapped Fvdl Data").start();
fortifyScan.mapScanDetails()
.mapContextPool()
.mapDescriptions()
.mapCalledWithNoDefs()
.mapSinks()
.mapSources()
.mapSnippets()
.mapVulnerabilities();
o2Timer.stop();
return fortifyScan;
}