/// <summary>
/// Replaces the flaw's category name with the configured rename for its CWE id, if one exists.
/// </summary>
/// <param name="flawType">Flaw whose <c>categoryname</c> may be overwritten in place.</param>
/// <returns>The same <paramref name="flawType"/> instance that was passed in.</returns>
public FlawType UpdateCategoryName(FlawType flawType)
        {
            // SingleOrDefault throws InvalidOperationException when more than one
            // rename entry matches the same CWE id, so duplicates surface here.
            var match = _renameRepository
                .GetAll()
                .SingleOrDefault(entry => entry.CweId.Equals(flawType.cweid));

            // No rename configured for this CWE id: hand the flaw back untouched.
            if (match == null)
            {
                return flawType;
            }

            flawType.categoryname = match.Rename;
            return flawType;
        }
        /// <summary>
        /// Collects every stored auto-response whose property conditions are all met by the flaw.
        /// </summary>
        /// <param name="flaw">Flaw to evaluate against each response's conditions.</param>
        /// <returns>The flaw paired with the array of matching responses (empty when none match).</returns>
        public KeyValuePair<FlawType, AutoResponse[]> GetResponse(FlawType flaw)
        {
            var matched = new List<AutoResponse>();

            foreach (var candidate in _responseRepository.GetAll())
            {
                // All() is true for an empty sequence, so a response that carries no
                // conditions is selected for every flaw.
                var everyConditionMet = candidate.PropertyConditions.All(rule => HaveIBeenMet(flaw, rule));
                if (!everyConditionMet)
                {
                    continue;
                }

                matched.Add(candidate);
            }

            return new KeyValuePair<FlawType, AutoResponse[]>(flaw, matched.ToArray());
        }
示例#3
        /// <summary>
        /// Writes one flaw as a single CSV line to <paramref name="outFile"/>.
        /// </summary>
        /// <param name="flaw">Flaw whose fields are emitted in the fixed column order below.</param>
        /// <param name="outFile">Writer that receives the formatted line.</param>
        private void WriteFlawToFile(FlawType flaw, TextWriter outFile)
        {
            var mitigationText = FormatMitigations(flaw.mitigations);
            var adjustmentText = FormatExploitabilityAdjustments(flaw.exploitability_adjustments);
            var severityText = SeverityStringFromNum(flaw.severity);

            // "-1" is written as an empty cell instead of the literal value.
            var relativeLocation = flaw.functionrelativelocation;
            if (relativeLocation == "-1")
            {
                relativeLocation = string.Empty;
            }

            var policyFlag = flaw.affects_policy_compliance ? "True" : "False";

            // NOTE(review): description, file names and the other free-text fields come
            // straight from the findings report. Quoting/escaping is delegated to
            // CSVFormatter.FormatLine, which is not visible here; confirm it also
            // neutralises cells that begin with '=', '+', '-' or '@' if the output is
            // meant to be opened in a spreadsheet.
            var columns = new List<string>
            {
                flaw.issueid,
                flaw.cweid,
                flaw.categoryname,
                flaw.description,
                policyFlag,
                flaw.exploit_desc,
                flaw.severity_desc,
                flaw.remediation_desc,
                flaw.date_first_occurrence,
                flaw.module,
                flaw.sourcefile,
                flaw.sourcefilepath,
                flaw.type,
                flaw.functionprototype,
                flaw.line,
                relativeLocation,
                flaw.scope,
                severityText,
                adjustmentText,
                flaw.grace_period_expires,
                flaw.remediation_status,
                flaw.mitigation_status,
                flaw.mitigation_status_desc,
                mitigationText
            };

            outFile.WriteLine(CSVFormatter.FormatLine(columns));
        }
示例#4
 /// <summary>
 /// Reports whether the path that <c>sourceCodeFile(flaw)</c> resolves for this flaw exists on disk.
 /// </summary>
 /// <param name="apiVeracode">Findings API instance used to resolve the flaw's source file.</param>
 /// <param name="flaw">Flaw whose source file is looked up.</param>
 /// <returns>The result of <c>fileExists()</c> on the resolved path.</returns>
 public static bool hasLocalSourceCodeFile(this API_Veracode_DetailedXmlFindings apiVeracode, FlawType flaw)
 {
     var resolvedPath = apiVeracode.sourceCodeFile(flaw);
     return resolvedPath.fileExists();
 }
示例#5
        /// <summary>
        /// Maps a flaw's reported source file to a local path, caching the result.
        /// </summary>
        /// <param name="apiVeracode">Holds the search roots, the mapping cache and the list of unmapped files.</param>
        /// <param name="flaw">Flaw whose reported path and file name are resolved.</param>
        /// <returns>
        /// The cached mapping if present; otherwise the first root-combined path that exists;
        /// otherwise the reported name unchanged.
        /// </returns>
        public static string sourceCodeFile(this API_Veracode_DetailedXmlFindings apiVeracode, FlawType flaw)
        {
            var reportedName = flaw.sourceCodeFile();

            // Cache hit: reuse whatever was stored on an earlier call, including a failed lookup.
            if (apiVeracode.LocalFileMappingsCache.hasKey(reportedName))
            {
                return apiVeracode.LocalFileMappingsCache[reportedName];
            }

            // NOTE(review): reportedName is built from the findings report and is joined
            // to each configured root without any check visible in this block. Confirm
            // pathCombine (or a caller) rejects rooted paths and ".." segments, so the
            // result cannot point outside SourceCodePaths before it is opened.
            foreach (var root in apiVeracode.SourceCodePaths)
            {
                var candidate = root.pathCombine(reportedName);
                if (!candidate.fileExists())
                {
                    continue;
                }

                apiVeracode.LocalFileMappingsCache.add(reportedName, candidate);
                return candidate;
            }

            // Nothing matched under any root: record the miss and cache the reported
            // name against itself so the roots are not scanned again for this file.
            apiVeracode.FilesThatCouldNotMappedLocally.add_If_Not_There(reportedName);
            apiVeracode.LocalFileMappingsCache.add(reportedName, reportedName);
            return reportedName;
        }
示例#6
 /// <summary>
 /// Builds the flaw's source file name by placing <c>sourcefilepath</c> directly before <c>sourcefile</c>.
 /// </summary>
 /// <param name="flaw">Flaw that supplies both parts.</param>
 /// <returns>The two values formatted back to back, with no separator inserted between them.</returns>
 public static string sourceCodeFile(this FlawType flaw)
 {
     var directoryPart = flaw.sourcefilepath;
     var filePart = flaw.sourcefile;

     return "{0}{1}".format(directoryPart, filePart);
 }
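 /// <summary>
 /// Checks whether the flaw satisfies a single property condition.
 /// </summary>
 /// <remarks>
 /// The condition is met when the flaw has a public property whose name equals
 /// <c>condition.Property</c> (ignoring case) and whose value, rendered as text,
 /// contains <c>condition.Condition</c> (ignoring case). The value test is a
 /// substring match, so a short condition text also matches longer values that
 /// merely include it.
 /// </remarks>
 /// <param name="flaw">Flaw whose public properties are inspected by reflection.</param>
 /// <param name="condition">Property name and the text its value must contain.</param>
 /// <returns>
 /// <c>true</c> if a matching property is found; <c>false</c> otherwise, including
 /// when the condition or either of its two strings is <c>null</c>.
 /// </returns>
 public bool HaveIBeenMet(FlawType flaw, PropertyCondition condition)
 {
     // An incomplete rule cannot be evaluated. Treat it as not met instead of
     // failing with a NullReferenceException in the middle of rule matching.
     if (condition == null || condition.Property == null || condition.Condition == null)
     {
         return false;
     }

     // Ordinal, case-insensitive comparison keeps matching independent of the
     // process culture. ToLower() folds case per current culture (for example
     // 'I' -> dotless 'ı' under tr-TR), which made rules match or miss depending
     // on the host's locale.
     return flaw.GetType().GetProperties()
         .Any(prop =>
             string.Equals(prop.Name, condition.Property, System.StringComparison.OrdinalIgnoreCase) &&
             $"{prop.GetValue(flaw)}".IndexOf(condition.Condition, System.StringComparison.OrdinalIgnoreCase) >= 0);
 }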