public static List <IO2Finding> createO2FindingsFromCirFunction(ICirFunction cirFunction, bool createNewFindingOnExternalCall) { var o2FindingsCreated = new List <IO2Finding>(); var filteredSignature = new FilteredSignature(cirFunction); var functionSignature = filteredSignature.sSignature; var rootO2Finding = new O2Finding { method = cirFunction.ClassNameFunctionNameAndParameters, vulnName = functionSignature, vulnType = "O2.CirGeneratedTrace", severity = 2, confidence = 2, file = cirFunction.File }; if (cirFunction.File != null) { UInt32 lineNumber; if (UInt32.TryParse(cirFunction.FileLine, out lineNumber)) { rootO2Finding.lineNumber = lineNumber; } } createTracesAndFindingsFromCirFunction(cirFunction, rootO2Finding.file, rootO2Finding.lineNumber, rootO2Finding.o2Traces, new List <IO2Trace>(), rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall); // make the first trace a Source rootO2Finding.o2Traces[0].traceType = TraceType.Source; // and add it to the list of Findings Created o2FindingsCreated.Add(rootO2Finding); return(o2FindingsCreated); }
public static List<IO2Finding> createO2FindingsFromCirFunction(ICirFunction cirFunction, bool createNewFindingOnExternalCall) { var o2FindingsCreated = new List<IO2Finding>(); var filteredSignature = new FilteredSignature(cirFunction); var functionSignature = filteredSignature.sSignature; var rootO2Finding = new O2Finding { method = cirFunction.ClassNameFunctionNameAndParameters, vulnName = functionSignature, vulnType = "O2.CirGeneratedTrace", severity = 2, confidence = 2, file= cirFunction.File }; if (cirFunction.File != null) { UInt32 lineNumber; if (UInt32.TryParse(cirFunction.FileLine, out lineNumber)) rootO2Finding.lineNumber = lineNumber; } createTracesAndFindingsFromCirFunction(cirFunction, rootO2Finding.file, rootO2Finding.lineNumber, rootO2Finding.o2Traces, new List<IO2Trace>(), rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall); // make the first trace a Source rootO2Finding.o2Traces[0].traceType = TraceType.Source; // and add it to the list of Findings Created o2FindingsCreated.Add(rootO2Finding); return o2FindingsCreated; }
public CirFunctionCall(ICirFunction _cirFunction, string _fileName, int _lineNumber, int _sequenceNumber) : this(_cirFunction) { lineNumber = _lineNumber; fileName = _fileName; sequenceNumber = _sequenceNumber; }
public static O2RulePack createRules_SourcesAndSinks(String sCirDataFile) { var rpRulePack = new O2RulePack(); if (false == File.Exists(sCirDataFile)) { DI.log.error("in createRules_SourcesAndSinks, provide CirData file not found: {0}", sCirDataFile); } else { List <String> lsFunctions = MiscUtils.getFunctionsSignaturesFrom02CirData(sCirDataFile); // in this type of scan, there are two rules // if functions make no calls then they are maked as both Sources and Sinks // other cases receive no marking // sinks have preference (for the cases there there are no calls into and from CirData fcdCirData = CirLoad.loadSerializedO2CirDataObject(sCirDataFile); foreach (string sFunction in lsFunctions) { ICirFunction cfCirFunction = fcdCirData.dFunctions_bySignature[sFunction]; if (cfCirFunction.FunctionsCalledUniqueList.Count == 0) { addRule(createRule(O2RuleType.Sink, sFunction, fcdCirData.sDbId), rpRulePack); addRule(createRule(O2RuleType.Source, sFunction, fcdCirData.sDbId), rpRulePack); } } } return(rpRulePack); }
public static bool showCodeSnippetForSelectedFunction(ICirFunction cirFunctionToProcess, bool showCodeSnippet, TreeView treeView, TreeNode currentTreeNode, TreeNode previousTreeNode) { if (cirFunctionToProcess.File != null && File.Exists(cirFunctionToProcess.File)) { int fileStartLine; if (Int32.TryParse(cirFunctionToProcess.FileLine, out fileStartLine)) { int mappedLineNumber = ViewHelpers.GetMappedLineNumber(cirFunctionToProcess.FunctionName, cirFunctionToProcess.File, cirFunctionToProcess.FileLine, false, true); if (mappedLineNumber > 0) { O2Forms.setTreeNodeColor(treeView, currentTreeNode, Color.DarkMagenta); O2Forms.setTreeNodeColor(treeView, previousTreeNode, Color.DarkGreen); if (showCodeSnippet) { mappedLineNumber--; var fileLines = Files.getFileLines(cirFunctionToProcess.File); var numberOfLinesAfter = fileLines.Count - mappedLineNumber; var numberOfLinesToShow = (numberOfLinesAfter > 10) ? 10 : numberOfLinesAfter; var linesToShow = fileLines.GetRange(mappedLineNumber, numberOfLinesToShow); var codeSnippet = StringsAndLists.fromStringList_getText(linesToShow); O2Forms.setToolTipText(treeView, currentTreeNode, codeSnippet); } else { O2Forms.setToolTipText(treeView, currentTreeNode, ""); } return(true); } } } return(false); }
public static ICirFunction getFunctionRef(ICirDataAnalysis cirDataAnalysis, ICirFunction cirFunction) { if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsKey(cirFunction.FunctionSignature)) { cirDataAnalysis.dCirFunction_bySignature.Add(cirFunction.FunctionSignature, cirFunction); } return(cirDataAnalysis.dCirFunction_bySignature[cirFunction.FunctionSignature]); }
// public ICirDataAnalysis cirDataAnalysis { get; set; } /*public static void viewCirFunctionSignature(string functionSignature, ICirDataAnalysis _cirDataAnalysis) * { * if (_cirDataAnalysis.dCirFunction_bySignature.ContainsKey(functionSignature)) * viewCirFunctionSignature(_cirDataAnalysis.dCirFunction_bySignature[functionSignature], _cirDataAnalysis); * }*/ public void viewCirFunction(ICirFunction _rootCirFunction) { if (_rootCirFunction != null) { this.invokeOnThread( () => { showFunctionAttributes(_rootCirFunction); laFunctionViewed.Text = _rootCirFunction.FunctionSignature; rootCirFunction = _rootCirFunction; currentCirClass = _rootCirFunction.ParentClass; //tvFunctionIsCalledBy tvFunctionIsCalledBy.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", tvFunctionIsCalledBy.Nodes, rootCirFunction.FunctionIsCalledBy.Count > 0); O2Forms.expandNodes(tvFunctionIsCalledBy); //tvFunctionMakesCallsTo tvFunctionMakesCallsTo.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", tvFunctionMakesCallsTo.Nodes, rootCirFunction.FunctionsCalledUniqueList.Count > 0); O2Forms.expandNodes(tvFunctionMakesCallsTo); //tvFunctionInfo tvFunctionInfo.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", tvFunctionInfo.Nodes, rootCirFunction.FunctionsCalledUniqueList.Count > 0 || rootCirFunction.FunctionIsCalledBy.Count > 0); O2Forms.expandNodes(tvFunctionInfo); //tvClassSuperClasses tvClassSuperClasses.Nodes.Clear(); if (rootCirFunction.ParentClass != null) { ViewHelpers.addCirClassToTreeNodeCollection(rootCirFunction.ParentClass, "", tvClassSuperClasses.Nodes, rootCirFunction.ParentClass.dSuperClasses.Count > 0); O2Forms.expandNodes(tvClassSuperClasses); } //tvClassSuperClasses tvClassIsSuperClassedBy.Nodes.Clear(); if (rootCirFunction.ParentClass != null) { ViewHelpers.addCirClassToTreeNodeCollection(rootCirFunction.ParentClass, "", tvClassIsSuperClassedBy.Nodes, rootCirFunction.ParentClass.dIsSuperClassedBy.Count > 0); O2Forms.expandNodes(tvClassIsSuperClassedBy); } cbCirFunction_IsTainted.Checked = rootCirFunction.IsTainted; viewClassMethods(); }); } }
// public ICirDataAnalysis cirDataAnalysis { get; set; } /*public static void viewCirFunctionSignature(string functionSignature, ICirDataAnalysis _cirDataAnalysis) { if (_cirDataAnalysis.dCirFunction_bySignature.ContainsKey(functionSignature)) viewCirFunctionSignature(_cirDataAnalysis.dCirFunction_bySignature[functionSignature], _cirDataAnalysis); }*/ public void viewCirFunction(ICirFunction _rootCirFunction) { if (_rootCirFunction != null) this.invokeOnThread( () => { showFunctionAttributes(_rootCirFunction); laFunctionViewed.Text = _rootCirFunction.FunctionSignature; rootCirFunction = _rootCirFunction; currentCirClass = _rootCirFunction.ParentClass; //tvFunctionIsCalledBy tvFunctionIsCalledBy.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", tvFunctionIsCalledBy.Nodes, rootCirFunction.FunctionIsCalledBy.Count > 0); O2Forms.expandNodes(tvFunctionIsCalledBy); //tvFunctionMakesCallsTo tvFunctionMakesCallsTo.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", tvFunctionMakesCallsTo.Nodes, rootCirFunction.FunctionsCalledUniqueList.Count > 0); O2Forms.expandNodes(tvFunctionMakesCallsTo); //tvFunctionInfo tvFunctionInfo.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", tvFunctionInfo.Nodes, rootCirFunction.FunctionsCalledUniqueList.Count > 0 || rootCirFunction.FunctionIsCalledBy.Count > 0); O2Forms.expandNodes(tvFunctionInfo); //tvClassSuperClasses tvClassSuperClasses.Nodes.Clear(); if (rootCirFunction.ParentClass != null) { ViewHelpers.addCirClassToTreeNodeCollection(rootCirFunction.ParentClass, "", tvClassSuperClasses.Nodes, rootCirFunction.ParentClass.dSuperClasses.Count > 0); O2Forms.expandNodes(tvClassSuperClasses); } //tvClassSuperClasses tvClassIsSuperClassedBy.Nodes.Clear(); if (rootCirFunction.ParentClass != null) { ViewHelpers.addCirClassToTreeNodeCollection(rootCirFunction.ParentClass, "", tvClassIsSuperClassedBy.Nodes, rootCirFunction.ParentClass.dIsSuperClassedBy.Count > 0); O2Forms.expandNodes(tvClassIsSuperClassedBy); } cbCirFunction_IsTainted.Checked = rootCirFunction.IsTainted; viewClassMethods(); }); }
public static void raiseSourceCodeReferenceEvent(bool raiseEvent, ICirFunction cirFunction, bool remapLineNumber) { if (raiseEvent) { if (cirFunction.File != null && cirFunction.FileLine != null) { int mappedLineNumber = GetMappedLineNumber(cirFunction.FunctionName, cirFunction.File, cirFunction.FileLine, false, remapLineNumber); O2Messages.fileOrFolderSelected(cirFunction.File, mappedLineNumber); } } }
/// <summary> /// this will only return the first finding created (which will have all sinks marked) /// </summary> /// <param name="cirFunction"></param> /// <returns></returns> public static IO2Finding createO2FindingFromCirFunction(ICirFunction cirFunction) { var createdO2Findings = createO2FindingsFromCirFunction(cirFunction, false); if (createdO2Findings.Count != 1) { DI.log.error( "in createO2FindingsFromCirFunction, something is wrong since createdO2Findings.Count != 1, and it is: {0}", createdO2Findings.Count); return null; } return createdO2Findings[0]; }
public CirFunctionCall(ICirFunction _cirFunction, string _fileName, string _lineNumber) : this(_cirFunction) { try { lineNumber = Int32.Parse(_lineNumber); // we can't use properties on TryParse fileName = _fileName; } catch (Exception ex ) { DI.log.error("in CirFunctionCall: {0}", ex.Message); } }
public CirFunctionCall(ICirFunction _cirFunction, string _fileName, string _lineNumber) : this(_cirFunction) { try { lineNumber = Int32.Parse(_lineNumber); // we can't use properties on TryParse fileName = _fileName; } catch (Exception ex) { DI.log.error("in CirFunctionCall: {0}", ex.Message); } }
public void Test_getMemberFunction(CirData cirData, TypeDefinition testType, string methodToTest, Type[] methodParameters) { MethodDefinition cecilMethodDefinition = CecilUtils.getMethod(testType, methodToTest, methodParameters); Assert.IsNotNull(cecilMethodDefinition, "cecilMethodDefinition was null for method", methodToTest); ICirFunction cirFunction = cirFactory.processMethodDefinition(cirData, cecilMethodDefinition, null); Assert.IsNotNull(cirFunction, "cecilMethodDefinition was null for method", cecilMethodDefinition); Assert.That(CirCecilCompare.areEqual_MethodDefinitionAndCirFunction(cecilMethodDefinition, cirFunction), "areEqual_MethodDefinitionAndCirFunction failed for method: " + cecilMethodDefinition); }
public static List<ICirFunction> calculateListOfAllFunctionsCalled(ICirFunction cirFunction) { var functionsCalled = new List<ICirFunction>(); if (cirFunction!=null) foreach (var functionCalled in cirFunction.FunctionsCalledUniqueList) { if (false == functionsCalled.Contains(functionCalled)) functionsCalled.Add(functionCalled); functionsCalled.AddRange(calculateListOfAllFunctionsCalled(functionCalled)); } return functionsCalled; }
public void viewCirFunction(ICirFunction _rootCirFunction) { this.invokeOnThread( () => { rootCirFunction = _rootCirFunction; cirTreeView.Nodes.Clear(); ViewHelpers.addCirFunctionToTreeNodeCollection(rootCirFunction, "", cirTreeView.Nodes, true); createTracesAndShowIt(rootCirFunction); cirTreeView.ExpandAll(); }); }
/// <summary> /// this will only return the first finding created (which will have all sinks marked) /// </summary> /// <param name="cirFunction"></param> /// <returns></returns> public static IO2Finding createO2FindingFromCirFunction(ICirFunction cirFunction) { var createdO2Findings = createO2FindingsFromCirFunction(cirFunction, false); if (createdO2Findings.Count != 1) { DI.log.error( "in createO2FindingsFromCirFunction, something is wrong since createdO2Findings.Count != 1, and it is: {0}", createdO2Findings.Count); return(null); } return(createdO2Findings[0]); }
public static void viewCirFunctionSignatureOnNewForm(ICirFunction cirFunction) { O2Thread.mtaThread( () => { var windowName = string.Format("Function Viewer: {0}", cirFunction.FunctionSignature); O2Messages.openControlInGUISync(typeof(ascx_FunctionCalls), O2DockState.Float, windowName); O2Messages.getAscx(windowName, ascxControl => ((ascx_FunctionCalls)ascxControl).viewCirFunction(cirFunction)); } ); }
private void showFunctionAttributes(ICirFunction _rootCirFunction) { showClassAttributes(_rootCirFunction.ParentClass); tvFunctionAttributes.Nodes.Clear(); foreach (var attribute in _rootCirFunction.FunctionAttributes) { var signature = new FilteredSignature(attribute.AttributeClass).sSignature; var treeNode = tvFunctionAttributes.Nodes.Add(signature); foreach (var parameter in attribute.Parameters) { treeNode.Nodes.Add(parameter.Key); } } }
private void populateSignatureObjectsFromCirFunction(ICirFunction cirFunction) { if (cirFunction.CecilSignature != null) { sSignature = cirFunction.FunctionSignature; sParseSignature(); //sSignature = cirFunction.FunctionSignature; //sFunctionClass = (cirFunction.ParentClass!=null) ? cirFunction.ParentClass.FullName: ""; // hack to make the cirTrace creation work cirFunction.ClassNameFunctionNameAndParameters = sSignature.Replace(":" + sReturnClass, ""); } else { sOriginalSignature = cirFunction.FunctionSignature; sFunctionName = cirFunction.FunctionName; sParameters = cirFunction.FunctionNameAndParameters.Replace(sFunctionName + "(", ""); if (sParameters.Length > 0) { sParameters = sParameters.Substring(0, sParameters.Length - 1); sParameters = makeDotNetSignatureCompatibleWithOunceRules(sParameters).Replace(',', ';'); } //if (cirFunction.IsConstructor) //{ if (cirFunction.ParentClassName != null) { sFunctionName = sFunctionName.Replace(".ctor", cirFunction.ParentClassName); } //} if (cirFunction.ReturnType != null) { sReturnClass = cirFunction.ReturnType; } if (sReturnClass != null) { sReturnClass = makeDotNetSignatureCompatibleWithOunceRules(sReturnClass); } sFunctionClass = cirFunction.ParentClassFullName; if (sFunctionClass != null && false == classesToNotApplyDotNetPatch.Contains(sFunctionClass)) { sFunctionClass = makeDotNetSignatureCompatibleWithOunceRules(sFunctionClass); } sSignature = getSignature(); sSignature = sSignature.Replace('/', '+'); // final hack to deal with generic types (need a better solution sSignature = sSignature.Replace("!0", "string").Replace("!1", "string"); } }
public CirFunctionCall(ICirFunction _cirFunction, SequencePoint sequencePoint) : this(_cirFunction) { if (sequencePoint != null) { fileName = sequencePoint.Document.Url; lineNumber = sequencePoint.StartLine; endLine = sequencePoint.EndLine; startColumn = sequencePoint.StartColumn; endColumn = sequencePoint.EndColumn; } else { } }
public static bool addTaintedInfoToCirFunction(XElement xMethodElement, ICirFunction cirFunction) { var methodParametersAnnotations = from xElement in xMethodElement.Elements("methodAttribute") .Elements("methodAnnotation") where xElement.Attribute("typeName").Value == "org.springframework.web.bind.annotation.RequestMapping" select xElement; if (methodParametersAnnotations.Count() > 0) { //log.info("in addTaintedInfoToCirFunction, found controller for function: {0}", cirFunction.FunctionSignature); cirFunction.IsTainted = true; return(true); } return(false); }
public CirFunctionCall(ICirFunction _cirFunction, SequencePoint sequencePoint) : this(_cirFunction) { if (sequencePoint!=null) { fileName = sequencePoint.Document.Url; lineNumber = sequencePoint.StartLine; endLine = sequencePoint.EndLine; startColumn = sequencePoint.StartColumn; endColumn = sequencePoint.EndColumn; } else { } }
public static List <ICirFunction> calculateListOfAllFunctionsCalled(ICirFunction cirFunction) { var functionsCalled = new List <ICirFunction>(); if (cirFunction != null) { foreach (var functionCalled in cirFunction.FunctionsCalledUniqueList) { if (false == functionsCalled.Contains(functionCalled)) { functionsCalled.Add(functionCalled); } functionsCalled.AddRange(calculateListOfAllFunctionsCalled(functionCalled)); } } return(functionsCalled); }
public static ICirClass getCirClassObjectFromFunctionSignature(String functionSignature, //Dictionary<String, String> dFunctionsNames, ICirData fcdCirData) { //String sSignatureOfFunctionCalled = sFunctionDef; //if (dFunctionsNames.ContainsKey(functionSignature)) if (fcdCirData.dFunctions_bySignature.ContainsKey(functionSignature)) { ICirFunction cirFunction = fcdCirData.dFunctions_bySignature[functionSignature]; //fcdCirData.dFunctions_bySymbolDef[dFunctionsNames[sSignatureOfFunctionCalled]]; return(cirFunction.ParentClass); } DI.log.error("in getCirClassObjectFromFunctionDef, could not resolve class object"); //else return(null); }
public static void mapInterfaces(TreeView tvRawData, ICirData cdCirData, String sHardCodedInterfaceKeywork, bool bAddGluedTracesAsRealTraces) { DI.log.debug("Mapping Interfaces"); O2Timer tTimer = new O2Timer("Interfaces mapping completed").start(); // Int32 iItemsProcessed = 0; Dictionary <AssessmentAssessmentFileFinding, O2AssessmentData_OunceV6> dAllSinkFindings = analyzer.getUniqueListOfSinks(tvRawData); foreach (AssessmentAssessmentFileFinding fFinding in dAllSinkFindings.Keys) { String sSink = AnalysisUtils.getSink(fFinding, dAllSinkFindings[fFinding]); if (sSink != "" && sSink.IndexOf(sHardCodedInterfaceKeywork) > -1) { if (false == cdCirData.dFunctions_bySignature.ContainsKey(sSink)) { DI.log.error("in mapInterfaces, could not find signature in loaded CirData file: {0}", sSink); } else { ICirFunction cfCirFunction = cdCirData.dFunctions_bySignature[sSink]; ICirClass ccCirClass = cfCirFunction.ParentClass; foreach (ICirClass ccIsSuperClassedBy in ccCirClass.dIsSuperClassedBy.Values) { String sMappedMethodName = cfCirFunction.FunctionSignature.Replace(ccCirClass.Signature, ccIsSuperClassedBy. Signature); List <O2TraceBlock_OunceV6> lotdMatches = analyzer.getO2TraceBlocksThatMatchSignature(sMappedMethodName, tvRawData); foreach (O2TraceBlock_OunceV6 otbO2TraceBlockWithTracesToGlue in lotdMatches) { addFindingAsGlueTrace(otbO2TraceBlockWithTracesToGlue, fFinding, dAllSinkFindings[fFinding], tvRawData, bAddGluedTracesAsRealTraces); } } } } } tTimer.stop(); }
private void populateSignatureObjectsFromCirFunction(ICirFunction cirFunction) { if (cirFunction.CecilSignature != null) { sSignature = cirFunction.FunctionSignature; sParseSignature(); //sSignature = cirFunction.FunctionSignature; //sFunctionClass = (cirFunction.ParentClass!=null) ? cirFunction.ParentClass.FullName: ""; // hack to make the cirTrace creation work cirFunction.ClassNameFunctionNameAndParameters = sSignature.Replace(":" + sReturnClass,""); } else { sOriginalSignature = cirFunction.FunctionSignature; sFunctionName = cirFunction.FunctionName; sParameters = cirFunction.FunctionNameAndParameters.Replace(sFunctionName + "(", ""); if (sParameters.Length > 0) { sParameters = sParameters.Substring(0, sParameters.Length - 1); sParameters = makeDotNetSignatureCompatibleWithOunceRules(sParameters).Replace(',', ';'); } //if (cirFunction.IsConstructor) //{ if (cirFunction.ParentClassName != null) sFunctionName = sFunctionName.Replace(".ctor", cirFunction.ParentClassName); //} if (cirFunction.ReturnType != null) sReturnClass = cirFunction.ReturnType; if (sReturnClass != null) sReturnClass = makeDotNetSignatureCompatibleWithOunceRules(sReturnClass); sFunctionClass = cirFunction.ParentClassFullName; if (sFunctionClass != null && false == classesToNotApplyDotNetPatch.Contains(sFunctionClass)) sFunctionClass = makeDotNetSignatureCompatibleWithOunceRules(sFunctionClass); sSignature = getSignature(); sSignature = sSignature.Replace('/', '+'); // final hack to deal with generic types (need a better solution sSignature = sSignature.Replace("!0", "string").Replace("!1", "string"); } }
public void checkThatAllFunctionsMatch(ICirData cirData, AssemblyDefinition testAssembly) { //var assertChecks = true; foreach (MethodDefinition methodDefinition in CecilUtils.getMethods(testAssembly)) { string functionSignature = CirFactoryUtils.getFunctionUniqueSignatureFromMethodReference(methodDefinition); //if (assertChecks) //{ Assert.That(cirData.dFunctions_bySignature.ContainsKey(functionSignature), "Could not find functionSignature in cirData object: " + functionSignature); //} /*else if (cirData.dFunctions_bySignature.ContainsKey(functionSignature) == false) * { * var BaseClass = methodDefinition.DeclaringType.FullName; * * DI.log.error(" **** Could not find functionSignature in cirData object: " + * functionSignature); * return; * }*/ ICirFunction cirFunction = cirData.dFunctions_bySignature[functionSignature]; //if (assertChecks) { Assert.That(CirCecilCompare.areEqual_MethodDefinitionAndCirFunction(methodDefinition, cirFunction), "Function's didn't match: " + functionSignature); } /*else if (CirCecilCompare.areEqual_MethodDefinitionAndCirFunction(methodDefinition, cirFunction) == false) * { * DI.log.error(" **** Function's didn't match: " + functionSignature + " for " + * testAssembly.Name); * }*/ // } }
public ICirFunction addCalledFunction(string calledFunctionSignature, string file, int lineNumber) { ICirFunction calledCirFunction = null; foreach (var existingCirFunctionCallReference in FunctionsCalledUniqueList) { if (calledFunctionSignature == existingCirFunctionCallReference.FunctionSignature) { calledCirFunction = existingCirFunctionCallReference; } } if (calledCirFunction == null) // means we have not mapped a function with this signature before { calledCirFunction = new CirFunction(calledFunctionSignature); calledCirFunction.File = file; FunctionsCalledUniqueList.Add(calledCirFunction); } FunctionsCalled.Add(new CirFunctionCall(calledCirFunction, calledCirFunction.File, lineNumber)); return(calledCirFunction); }
public static void calculateAllTracesFromFunction(String sSignature, TreeNodeCollection tncTraces, List <String> lFunctionsCalled, String sFilter_Signature, String sFilter_Parameter, bool bUseIsCalledBy, ICirDataAnalysis fcdAnalysis) { TreeNode tnNewTreeNode = O2Forms.newTreeNode(sSignature, sSignature, 0, sSignature); tncTraces.Add(tnNewTreeNode); if (fcdAnalysis.dCirFunction_bySignature.ContainsKey(sSignature)) { ICirFunction cfCirFunction = fcdAnalysis.dCirFunction_bySignature[sSignature]; List <ICirFunction> lsFunctions = new List <ICirFunction>(); if (bUseIsCalledBy) { foreach (var cirFunctionCall in cfCirFunction.FunctionIsCalledBy) { lsFunctions.Add(cirFunctionCall.cirFunction); } } else { lsFunctions.AddRange(cfCirFunction.FunctionsCalledUniqueList); } foreach (ICirFunction cirFunction in lsFunctions) { if (false == lFunctionsCalled.Contains(cirFunction.FunctionSignature)) { lFunctionsCalled.Add(cirFunction.FunctionSignature); calculateAllTracesFromFunction(cirFunction.FunctionSignature, tnNewTreeNode.Nodes, lFunctionsCalled, sFilter_Signature, sFilter_Parameter, bUseIsCalledBy, fcdAnalysis); } else { tnNewTreeNode.Nodes.Add("(Circular ref) : " + cirFunction.FunctionSignature); } } } }
private static ICirFunction syncFunctions(ICirDataAnalysis cirDataAnalysis, ICirFunction cirFunctionToSync) { try { var functionRef = getFunctionRef(cirDataAnalysis, cirFunctionToSync); //var functionCalled = cirFunction.FunctionsCalledSequence[i]; if (cirFunctionToSync.GetHashCode() != functionRef.GetHashCode()) { mergeFunctions(cirDataAnalysis, functionRef, cirFunctionToSync); } //cirFunction.FunctionsCalledSequence[i] = functionRef; return(functionRef); } catch (Exception ex) { DI.log.error("in CirDataAnalysisUtils.syncFunctions, for function {1} : {1}", cirFunctionToSync.FunctionSignature, ex.Message); } return(cirFunctionToSync); }
public static void showDecompiledFunctionInSourceCodeViewer(ICirFunction cirFunctionToProcess, string viewerControlName) { DI.log.debug("Showing details for: {0}", cirFunctionToProcess.FunctionName); // if (showFunctionsDecompiledCodeInSourceCodeViewerToolStripMenuItem.Checked) // { // var sourceCodeViewer = //} /* return O2Thread.mtaThread(() => * { * O2Messages.openControlInGUISync(typeof (ascx_FindingsViewer), O2DockState.Float, windowTitle); * O2Messages.getAscx(windowTitle, guiControl => * { * if (guiControl != null && guiControl is ascx_FindingsViewer) * { * var findingsViewer = (ascx_FindingsViewer) guiControl; * findingsViewer.loadO2Findings(o2Findings); * } * }); * }); */ }
public static void showDecompiledFunctionInSourceCodeViewer(ICirFunction cirFunctionToProcess, string viewerControlName) { DI.log.debug("Showing details for: {0}", cirFunctionToProcess.FunctionName); // if (showFunctionsDecompiledCodeInSourceCodeViewerToolStripMenuItem.Checked) // { // var sourceCodeViewer = //} /* return O2Thread.mtaThread(() => { O2Messages.openControlInGUISync(typeof (ascx_FindingsViewer), O2DockState.Float, windowTitle); O2Messages.getAscx(windowTitle, guiControl => { if (guiControl != null && guiControl is ascx_FindingsViewer) { var findingsViewer = (ascx_FindingsViewer) guiControl; findingsViewer.loadO2Findings(o2Findings); } }); }); */ }
public void Test_processTypeDefinition(ICirData cirData, ICirClass cirClass) { Assert.That(cirClass != null, "cirClass was null"); Assert.That(cirClass.dFunctions.Count == 7, "cirClass.dFunctions.Count != 7 , it was " + cirClass.dFunctions.Count); // check if we can get the functions by name ICirFunction testMethodA = cirClass.getFunction("testMethodA()"); Assert.IsNotNull(testMethodA, "could not get testMethodA from cirClass object"); ICirFunction testMethodB = cirClass.getFunction("testMethodB()"); Assert.IsNotNull(testMethodB, "could not get testMethodB from cirClass object"); Assert.IsNotNull(cirClass.getFunction("testMethodB(System.String)"), "could not get testMethodB(string) from cirClass object"); Assert.IsNotNull(cirClass.getFunction("testMethodD(System.String,System.Type)"), "could not get testMethodD(System.String,System.Type) from cirClass object"); ICirFunction testMethodC = cirClass.getFunction("testMethodC"); // check if we have the calls and isCalledBy Assert.That(testMethodA.FunctionsCalledUniqueList.Contains(testMethodB), "failed on testMethodA.FunctionsCalledUniqueList.Contains(testMethodB)"); Assert.That(testMethodA.FunctionsCalledUniqueList.Contains(testMethodC), "failed on testMethodA.FunctionsCalledUniqueList.Contains(testMethodB)"); var found = false; foreach (var calledByFunction in testMethodB.FunctionIsCalledBy) { if (calledByFunction.cirFunction == testMethodA) { found = true; } } Assert.That(found, "failed on testMethodB.FunctionIsCalledBy.Contains(testMethodA)"); }
public static O2RulePack createRules_CallBacksOnEdges_And_ExternalSinks(String sCirDataFile) { var rpRulePack = new O2RulePack(); if (false == File.Exists(sCirDataFile)) { DI.log.error( "in createRules_CallBacksOnEdges_And_ExternalSinks, provide CirData file not found: {0}", sCirDataFile); } else { List <String> lsFunctions = MiscUtils.getFunctionsSignaturesFrom02CirData(sCirDataFile); // in this type of scan, there are two rules // if functions make no calls it is a Sink // if nobody calls the function it is a callback // sinks have preference (for the cases there there are no calls into and from ICirData fcdCirData = CirLoad.loadSerializedO2CirDataObject(sCirDataFile); foreach (string sFunction in lsFunctions) { ICirFunction cfCirFunction = fcdCirData.dFunctions_bySignature[sFunction]; if (cfCirFunction.FunctionsCalledUniqueList.Count == 0) { addRule(createRule(O2RuleType.Sink, sFunction, fcdCirData.sDbId), rpRulePack); } // DI.log.error(" Make no Calls (make sink): {0}" , cfCirFunction.sSignature); else if (cfCirFunction.FunctionIsCalledBy.Count == 0) { addRule(createRule(O2RuleType.Callback, sFunction, fcdCirData.sDbId), rpRulePack); } } } return(rpRulePack); }
public void showDataForSignature_thread(String sSignatureToShow) { if (cirDataAnalysis == null) { DI.log.error("in ascx_CirViewer_Signature.showDataForSignature , fcdAnalysis == null"); } else { lbClassesBeingViewed.Text = sSignatureToShow; if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow) || cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow) && cirDataAnalysis.dCirFunction_bySignature[sSignatureToShow].HasControlFlowGraph == false) { DI.log.debug("{0} is not recognized as a full signature, trying to resolve it by name", sSignatureToShow); foreach (CirFunction ccFunction in cirDataAnalysis.dCirFunction_bySignature.Values) { String sFunctionFullNameWithNoParamsAndReturnvalue = new FilteredSignature(ccFunction.FunctionSignature).sFunctionFullName; if (sFunctionFullNameWithNoParamsAndReturnvalue.IndexOf(sSignatureToShow) > -1) { DI.log.debug("Found a match:{0}", ccFunction.FunctionSignature); sSignatureToShow = ccFunction.FunctionSignature; break; } } } if (cirDataAnalysis.dCirFunction_bySignature.ContainsKey(sSignatureToShow)) { ICirFunction ccCirFunction = cirDataAnalysis.dCirFunction_bySignature[sSignatureToShow]; afv_Calls.showSignatures(ViewHelpers.getCirFunctionStringList(ccCirFunction.FunctionsCalledUniqueList)); afv_IsCalledBy.showSignatures(ViewHelpers.getCirFunctionStringList(ccCirFunction.FunctionIsCalledBy)); lbBoxSsaVariables.Items.Clear(); lBoxVariables.Items.Clear(); foreach (SsaVariable cfSSaVariable in ccCirFunction.dSsaVariables.Values) { String sVariableMapping = String.Format("{0} = {1}", cfSSaVariable.sBaseName, cfSSaVariable.sPrintableType); lbBoxSsaVariables.Items.Add(sVariableMapping); // DI.log.debug(sVariableMapping); } foreach (FunctionVariable fvVariable in ccCirFunction.dVariables.Values) { lBoxVariables.Items.Add(String.Format("[def:{0}] [ref:{1}] {2}", fvVariable.sSymbolDef, fvVariable.refSymbol, fvVariable.sUniqueID)); } ViewHelpers.showFunctionBlocksInWebBrower(((CirFunction)ccCirFunction).lcfgBasicBlocks, wbControlFlowGraphsOFSelectedMethod); asv_CalledFunctions.showDataForSignature(sSignatureToShow); asv_IsCalledBy.showDataForSignature(sSignatureToShow); } else { var lsEmpty = new List <string>(); afv_Calls.showSignatures(lsEmpty); afv_IsCalledBy.showSignatures(lsEmpty); lbBoxSsaVariables.Items.Clear(); lBoxVariables.Items.Clear(); asv_CalledFunctions.showDataForSignature(sSignatureToShow); asv_IsCalledBy.showDataForSignature(sSignatureToShow); } } // lBoxVariables.Items.Add(fcdO2CirData_ofThisFunction.getSymbol(sVariable)); }
public static void viewCirFunctionSignatureOnNewForm(ICirFunction cirFunction) { O2Thread.mtaThread( () => { var windowName = string.Format("Function Viewer: {0}",cirFunction.FunctionSignature); O2Messages.openControlInGUISync(typeof(ascx_FunctionCalls), O2DockState.Float, windowName); O2Messages.getAscx(windowName, ascxControl => ((ascx_FunctionCalls)ascxControl).viewCirFunction(cirFunction)); } ); }
// not the best way to discover these calls , but this recursive search seems to work quite well public static void fromBasicBlock_populateDictionaryWithCalls_Recursive(ICirData cirData, Object oBlock, ICirFunction cfCirFunction) { String sSymbolRef; if (oBlock == null) return; // look for a match for 'call' in the current object if (oBlock.GetType().Name.ToUpper().IndexOf("CALL") > -1) { sSymbolRef = DI.reflection.getProperty("SymbolRef", oBlock).ToString(); mapFunctionCall(cirData, cfCirFunction, sSymbolRef, DI.reflection.getProperty("FunctionName", oBlock).ToString()); //cfCirFunction.dInCode_MethodsCalled.Add(sSymbolRef, Reflection.getProperty("FunctionName", oBlock).ToString()); return; } // if it is not on the curret object, lets look in its properties PropertyInfo[] pProperties = oBlock.GetType().GetProperties(); foreach (PropertyInfo pProperty in pProperties) { // DI.log.info(oBlock.GetType().Name + " . " + pProperty.Name); // get property live object Object oLiveObjectOfProperty = DI.reflection.getProperty(pProperty.Name, oBlock); if (null != oLiveObjectOfProperty) // if it is not null if (oLiveObjectOfProperty.GetType().IsArray) // if it is an array seach on them { foreach (Object oObject in (Object[])oLiveObjectOfProperty) fromBasicBlock_populateDictionaryWithCalls_Recursive(cirData, oObject, cfCirFunction); } else // look for a match for 'call' in the current property { if (pProperty.Name.ToUpper().IndexOf("CALL") > -1) { // DI.log.info(oBlock.GetType().Name + " . ** " + pProperty.Name); sSymbolRef = DI.reflection.getProperty("SymbolRef", oLiveObjectOfProperty).ToString(); mapFunctionCall(cirData, cfCirFunction, sSymbolRef, DI.reflection.getProperty("FunctionName", oLiveObjectOfProperty).ToString()); //cfCirFunction.dInCode_MethodsCalled.Add(sSymbolRef, Reflection.getProperty("FunctionName", oLiveObjectOfProperty).ToString()); } } } }
public ICirFunction processMethodDefinition(ICirData cirData, MethodDefinition methodDefinition, SequencePoint sequencePoint) { try { //var functionSignature = methodDefinition.ToString(); var functionSignature = CirFactoryUtils.getFunctionUniqueSignatureFromMethodReference(methodDefinition); var functionClass = CirFactoryUtils.getTypeUniqueSignatureFromTypeReference(methodDefinition.DeclaringType); var cirFunction = getCirFunction(cirData, functionSignature, functionClass); if (false == cirFunction.HasBeenProcessedByCirFactory) { if (methodDefinition.CustomAttributes != null && methodDefinition.CustomAttributes.Count > 0) { foreach (CustomAttribute customAttribute in methodDefinition.CustomAttributes) { var constructorSignature = CirFactoryUtils.getFunctionUniqueSignatureFromMethodReference(customAttribute.Constructor); var cirAttribute = new CirAttribute(constructorSignature); foreach (var constructorParameter in customAttribute.ConstructorParameters) { var type = constructorParameter.GetType().FullName; } if (customAttribute.Fields.Count > 0 || customAttribute.Properties.Count > 0) { } // PublicDI.log.debug("Added attribute {0} to {1}", customAttribute.Constructor.Name, cirFunction.FunctionName); cirFunction.FunctionAttributes.Add(cirAttribute); } } // map the common values with MethodReference processMethodReference(cirData, methodDefinition, sequencePoint); cirFunction.HasBeenProcessedByCirFactory = true; // we need to put this in here or we will have an infinite loop on recursive functions cirFunction.HasControlFlowGraph = true; // ControlFlowGraph is use by the Viewers to determine if we have more than just a reference to this method cirFunction.ParentClass.bClassHasMethodsWithControlFlowGraphs = true; // also mark the parent class cirFunction.IsStatic = methodDefinition.IsStatic; cirFunction.IsUnmanaged = methodDefinition.IsUnmanaged; cirFunction.IsUnmanagedExport = methodDefinition.IsUnmanagedExport; cirFunction.IsVirtual = methodDefinition.IsVirtual; cirFunction.IsSetter = methodDefinition.IsSetter; cirFunction.IsGetter = methodDefinition.IsGetter; cirFunction.IsRuntime = methodDefinition.IsRuntime; cirFunction.IsPublic = methodDefinition.IsPublic; cirFunction.IsPrivate = methodDefinition.IsPrivate; cirFunction.IsPInvokeImpl = methodDefinition.IsPInvokeImpl; cirFunction.IsNative = methodDefinition.IsNative; cirFunction.IsManaged = methodDefinition.IsManaged; cirFunction.IsInternalCall = methodDefinition.IsInternalCall; cirFunction.IsIL = methodDefinition.IsIL; cirFunction.IsConstructor = methodDefinition.IsConstructor; cirFunction.IsAbstract = methodDefinition.IsAbstract; cirFunction.HasSecurity = methodDefinition.HasSecurity; cirFunction.HasBody = methodDefinition.HasBody; // try to find the location of the current method by going for the first line of the first method if (methodDefinition.HasBody) { foreach (Instruction instruction in methodDefinition.Body.Instructions) { if (instruction.SequencePoint != null) { cirFunction.File = instruction.SequencePoint.Document.Url; if (instruction.SequencePoint.StartLine == 16707566) // means there is no source code ref { cirFunction.FileLine = "0"; } else { cirFunction.FileLine = instruction.SequencePoint.StartLine.ToString(); } break; } } } // map method parameters (this could be on the MethodReference but if so we would have to check for doing it more than once: foreach (ParameterDefinition parameter in methodDefinition.Parameters) { ICirFunctionParameter functionParameter = new CirFunctionParameter { ParameterName = parameter.ToString(), ParameterType = parameter.ParameterType.FullName, Constant = (parameter.Constant != null) ? parameter.Constant.ToString() : "", HasConstant = parameter.HasConstant, HasDefault = parameter.HasDefault, Method = parameter.Method.ToString() }; cirFunction.FunctionParameters.Add(functionParameter); } // map the calls made and the IsCalledBy foreach (var methodCalled in CecilUtils.getMethodsCalledInsideMethod(methodDefinition)) { ICirFunction cirCalledFunction = processMemberReference(cirData, methodCalled.memberReference, methodCalled.sequencePoint); if (cirCalledFunction != null) { // store the fucntion called sequence cirFunction.FunctionsCalled.Add(new CirFunctionCall(cirCalledFunction, methodCalled.sequencePoint)); // store the unique list of funcions called if (false == cirFunction.FunctionsCalledUniqueList.Contains(cirCalledFunction)) { cirFunction.FunctionsCalledUniqueList.Add(cirCalledFunction); } // map the FunctionCalled and FunctionIsCalledBy var cirFunctionCall = new CirFunctionCall(cirCalledFunction, sequencePoint); //cirFunction.FunctionsCalled.Add(cirFunctionCall); cirCalledFunction.FunctionIsCalledBy.Add(cirFunctionCall); //if (false == cirCalledFunction.FunctionIsCalledBy.Contains(cirFunction)) // cirCalledFunction.FunctionIsCalledBy.Add(cirFunction); } } } // to implement if needed /* foreach (var methodOverride in methodDefinition.Overrides) * { * var name = methodOverride.GetType(); * }*/ return(cirFunction); } catch (Exception ex) { DI.log.ex(ex, "in CirFactory.processMethodDefinition", true); return(null); } }
// for now only add the mappings, but need to check for all other variables public static void mergeFunctions(ICirDataAnalysis cirDataAnalysis, ICirFunction functionHost, ICirFunction functionToMerge) { // map properties foreach (var propertyInfo in DI.reflection.getProperties(typeof(ICirFunction))) // assign value if for this property: // functionHost == null && functionToMerge != null // functionHost == false && functionToMerge == true if ((DI.reflection.getProperty(propertyInfo.Name, functionHost) == null && DI.reflection.getProperty(propertyInfo.Name, functionToMerge) != null) || (DI.reflection.getProperty(propertyInfo.Name, functionHost) != null && DI.reflection.getProperty(propertyInfo.Name, functionHost) is bool && (bool)DI.reflection.getProperty(propertyInfo.Name, functionHost) == false && DI.reflection.getProperty(propertyInfo.Name, functionToMerge) != null && (bool)DI.reflection.getProperty(propertyInfo.Name, functionToMerge) == true)) DI.reflection.setProperty(propertyInfo.Name, functionHost, DI.reflection.getProperty(propertyInfo.Name, functionToMerge)); // ensure the class bClassHasMethodsWithControlFlowGraphs value is uptodate if (functionHost.HasControlFlowGraph && functionHost.ParentClass != null) functionHost.ParentClass.bClassHasMethodsWithControlFlowGraphs = true; for (int i = 0; i < functionToMerge.FunctionIsCalledBy.Count; i++) { var isCalledBy = functionToMerge.FunctionIsCalledBy[i]; var cirFunctionRef = getFunctionRef(cirDataAnalysis, isCalledBy.cirFunction); // big change here when isCalledBy was changed to be a CirFunctionCall object (check if this works ok) bool found = false; foreach (var functionCall in functionHost.FunctionIsCalledBy) if (functionCall.cirFunction == cirFunctionRef) found = true; if (found == false) functionHost.FunctionIsCalledBy.Add(new CirFunctionCall(cirFunctionRef)); // make sure the is calledBy is there //if (false == functionHost.FunctionIsCalledBy.Contains(cirFunctionRef)) // functionHost.FunctionIsCalledBy.Add(cirFunctionRef); /* if (isCalledBy != cirFunctionRef) // means they are different and we need to fix the xRef functionToMerge.FunctionIsCalledBy[i] = cirFunctionRef;*/ } if (functionToMerge.FunctionsCalled.Count > 0 && functionHost.FunctionsCalled.Count != functionToMerge.FunctionsCalled.Count) { if (functionHost.FunctionsCalled.Count == 0) functionHost.FunctionsCalled = functionToMerge.FunctionsCalled; else DI.log.error("something is wrong in mergeFunctions (on functionHost.FunctionsCalledSequence.Count == 0) for {0}", functionHost.FunctionSignature); } if (functionToMerge.FunctionsCalledUniqueList.Count > 0 && functionHost.FunctionsCalledUniqueList.Count != functionToMerge.FunctionsCalledUniqueList.Count) { if (functionHost.FunctionsCalledUniqueList.Count == 0) functionHost.FunctionsCalledUniqueList = functionToMerge.FunctionsCalledUniqueList; else DI.log.error("something is wrong in mergeFunctions (on functionHost.FunctionsCalledUniqueList.Count == 0) for {0}", functionHost.FunctionSignature); } /*foreach (var isCalledBy in functionToMerge.) { var cirFunctionRef = getFunctionRef(cirDataAnalysis, isCalledBy); if (false == functionHost.FunctionIsCalledBy.Contains(cirFunctionRef)) functionHost.FunctionIsCalledBy.Add(cirFunctionRef); }*/ }
private static void addFunction(ICirDataAnalysis cirDataAnalysis, ICirFunction cirFunction) { cirDataAnalysis.dCirFunction_bySignature.Add(cirFunction.FunctionSignature, cirFunction); }
private void showFunctionAttributes(ICirFunction _rootCirFunction) { showClassAttributes(_rootCirFunction.ParentClass); tvFunctionAttributes.Nodes.Clear(); foreach (var attribute in _rootCirFunction.FunctionAttributes) { var signature = new FilteredSignature(attribute.AttributeClass).sSignature; var treeNode = tvFunctionAttributes.Nodes.Add(signature); foreach (var parameter in attribute.Parameters) treeNode.Nodes.Add(parameter.Key); } }
public static bool showCodeSnippetForSelectedFunction(ICirFunction cirFunctionToProcess, bool showCodeSnippet ,TreeView treeView, TreeNode currentTreeNode, TreeNode previousTreeNode) { if (cirFunctionToProcess.File != null && File.Exists(cirFunctionToProcess.File)) { int fileStartLine; if (Int32.TryParse(cirFunctionToProcess.FileLine, out fileStartLine)) { int mappedLineNumber = ViewHelpers.GetMappedLineNumber(cirFunctionToProcess.FunctionName, cirFunctionToProcess.File, cirFunctionToProcess.FileLine, false, true); if (mappedLineNumber > 0) { O2Forms.setTreeNodeColor(treeView, currentTreeNode, Color.DarkMagenta); O2Forms.setTreeNodeColor(treeView, previousTreeNode, Color.DarkGreen); if (showCodeSnippet) { mappedLineNumber--; var fileLines = Files.getFileLines(cirFunctionToProcess.File); var numberOfLinesAfter = fileLines.Count - mappedLineNumber; var numberOfLinesToShow = (numberOfLinesAfter > 10) ? 10 : numberOfLinesAfter; var linesToShow = fileLines.GetRange(mappedLineNumber, numberOfLinesToShow); var codeSnippet = StringsAndLists.fromStringList_getText(linesToShow); O2Forms.setToolTipText(treeView, currentTreeNode, codeSnippet); } else O2Forms.setToolTipText(treeView, currentTreeNode, ""); return true; } } } return false; }
public CirFunctionCall(ICirFunction _cirFunction) : this() { cirFunction = _cirFunction; }
public static void mapFunctionCall(ICirData cirData, ICirFunction cfCirFunction, String sSymbolRef, String sSignature) { ICirFunction cfCalledCirFunction = getFunction_bySignature(cirData, sSymbolRef, sSignature); // add 'functions called' mapping if (false == cfCirFunction.FunctionsCalledUniqueList.Contains(cfCalledCirFunction)) cfCirFunction.FunctionsCalledUniqueList.Add(cfCalledCirFunction); // map the FunctionCalled and FunctionIsCalledBy var cirFunctionCall = new CirFunctionCall(cfCalledCirFunction); cfCirFunction.FunctionsCalled.Add(cirFunctionCall); //if (false == cfCalledCirFunction.FunctionIsCalledBy.Contains(cfCirFunction)) cfCalledCirFunction.FunctionIsCalledBy.Add(cirFunctionCall); /* if (false == cfCalledCirFunction.FunctionIsCalledBy.Contains(FunctionSignature)) { cfCalledCirFunction.FunctionIsCalledBy.Add(FunctionSignature); }*/ }
private void createTracesAndShowIt(ICirFunction cirFunction) { traceTreeView.loadO2Finding(CirTraces.createO2FindingFromCirFunction(cirFunction)); }
public static void processFunctionVariables(ICirData cirData,ICirFunction cfCirFunction, Object oFunction) { if (cfCirFunction.dVariables.Count > 0) // only do this once return; Object oVariables = DI.reflection.getProperty("Variable", oFunction); if (oVariables != null) { var aVariables = (Variable[])oVariables; foreach (Variable vVariable in aVariables) { //this.addSymbol(vVariable.SymbolDef, vVariable.UniqueID); // this.addSymbol(vVariable.SymbolRef, vVariable.PrintableType); // also add this mapping since there doesn't seem to be a SymbolDef for this symbol (and they all seem to be the same) bool oldVerbose = cirData.bVerbose; // so that we don't get a pile of errors for Symbold not defined cirData.bVerbose = false; String sDef = getSymbol(cirData, vVariable.SymbolDef); String sRef = getSymbol(cirData, vVariable.SymbolRef); cirData.bVerbose = oldVerbose; cfCirFunction.dVariables.Add(vVariable.SymbolDef, new FunctionVariable(vVariable, sRef, sDef)); } } }
public FilteredSignature(ICirFunction cirFunction) { populateSignatureObjectsFromCirFunction(cirFunction); }
// not 100% with the data created by these public static void fromControlFlowGraph_resolveVariablesUsedInFunction(ICirData cirData, ICirFunction cfCirFunction) { foreach (SsaVariable cmSsaVariable in cfCirFunction.dSsaVariables.Values) if (false == cfCirFunction.UsedTypes.Contains(cmSsaVariable.sSymbolRef)) cfCirFunction.UsedTypes.Add(cmSsaVariable.sSymbolRef); foreach (FunctionVariable fvVariable in cfCirFunction.dVariables.Values) if (false == cfCirFunction.UsedTypes.Contains(fvVariable.sSymbolRef)) cfCirFunction.UsedTypes.Add(fvVariable.sSymbolRef); }
public static bool areEqual_MethodDefinitionAndCirFunction(MethodDefinition cecilMethodDefintion, ICirFunction cirFunction) { try { if (cecilMethodDefintion == null || cirFunction == null) return false; var cirFunctionProperties = new Dictionary<string, object>(); foreach (var property in DI.reflection.getProperties(cirFunction.GetType())) { cirFunctionProperties.Add(property.Name, DI.reflection.getProperty(property.Name, cirFunction)); // DI.log.info("prop: {0} = {1}", property.Name, cirFunctionProperties[property.Name]); } var methodsCalledInsideMethod = CecilUtils.getMethodsCalledInsideMethod(cecilMethodDefintion); var moduleName = (cecilMethodDefintion.DeclaringType.Module != null) ? cecilMethodDefintion.DeclaringType.Module.Assembly.Name.ToString() : "[NullModule]"; foreach (var property in cirFunctionProperties.Keys) switch (property) { case "FunctionSignature": if (cirFunctionProperties[property].ToString() != String.Format("{0}!{1}", moduleName , cecilMethodDefintion)) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: cirFunction[FunctionSignature]!=cecilMethodDefintion"); return false; } break; case "IsPrivate": case "IsStatic": case "IsConstructor": case "IsUnmanaged": case "IsUnmanagedExport": case "IsVirtual": case "IsSetter": case "IsGetter": case "IsRuntime": case "IsPublic": case "IsPInvokeImpl": case "IsNative": case "IsManaged": case "IsInternalCall": case "IsIL": case "IsAbstract": case "HasSecurity": case "HasBody": if ((bool) cirFunctionProperties[property] != (bool) DI.reflection.getProperty(property, cecilMethodDefintion)) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: (bool)cirFunctionProperties[" + property + "] != (bool)DI.reflection.getProperty(" + property + ", cecilMethodDefintion)"); return false; } break; case "ParentClass": var cirClass1 = (CirClass) cirFunctionProperties[property]; if (cirClass1.Signature != CirFactoryUtils.getTypeUniqueSignatureFromTypeReference(cecilMethodDefintion.DeclaringType)) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: cirFunction[ParentClass]!=cecilMethodDefintion == " + cecilMethodDefintion.DeclaringType.FullName); return false; } break; case "ParentClassFullName": var parentClassFullName = (string)cirFunctionProperties[property]; if (parentClassFullName != cecilMethodDefintion.DeclaringType.FullName) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: cirFunction[ParentClassFullName]!=cecilMethodDefintion.FullName " + cecilMethodDefintion.DeclaringType.FullName); return false; } break; case "ParentClassName": var parentClassName = (string)cirFunctionProperties[property]; if (parentClassName != cecilMethodDefintion.DeclaringType.Name) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: cirFunction[parentClassName]!=cecilMethodDefintion.FullName " + cecilMethodDefintion.DeclaringType.Name); return false; } break; case "FunctionParameters": var cirFunctionParameters = (List<ICirFunctionParameter>)cirFunctionProperties[property]; if (cecilMethodDefintion.Parameters.Count != cirFunctionParameters.Count) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: the FunctionParameters count didn't match"); return false; } foreach (ParameterDefinition parameter in cecilMethodDefintion.Parameters) if (false == ViewHelpers.getCirParameterTypeStringList(cirFunctionParameters).Contains(parameter.ParameterType.FullName)) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: the FunctionParameters signatures didn't match"); return false; } break; case "FunctionsCalledUniqueList": var functionsCalledUniqueList = (List<ICirFunction>)cirFunctionProperties[property]; foreach (MethodCalled methodCalled in methodsCalledInsideMethod) if (false == ViewHelpers.getCirFunctionStringList(functionsCalledUniqueList).Contains(CirFactoryUtils.getFunctionUniqueSignatureFromMethodReference(methodCalled.memberReference))) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: there was a missing function in the FunctionsCalledUniqueList"); return false; } break; case "FunctionsCalledSequence": var functionsCalledSequence = (List<ICirFunction>)cirFunctionProperties[property]; if (functionsCalledSequence.Count != methodsCalledInsideMethod.Count) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: functionsCalledSequence.Count != methodsCalledInsideMethod.Count"); return false; } for (int i = 0; i < methodsCalledInsideMethod.Count; i++) { if (CirFactoryUtils.getFunctionUniqueSignatureFromMethodReference(methodsCalledInsideMethod[i].memberReference) != ViewHelpers.getCirFunctionStringList(functionsCalledSequence)[i]) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: the FunctionsCalledSequence does match"); return false; } } break; case "ReturnType": if (cecilMethodDefintion.ReturnType.ReturnType.FullName != cirFunctionProperties[property].ToString()) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: ReturnType don't match"); return false; } break; case "CecilSignature": if (cecilMethodDefintion.ToString() != cirFunctionProperties[property].ToString()) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: CecilSignature din't match"); return false; } break; case "FunctionNameAndParameters": if (CecilUtils.getMethodNameAndParameters(cecilMethodDefintion) != cirFunctionProperties[property].ToString()) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: FunctionNameAndParameters din't match"); return false; } break; case "FunctionName": if (cecilMethodDefintion.Name != cirFunctionProperties[property].ToString()) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: FunctionName din't match"); return false; } break; case "Module": if (moduleName != cirFunctionProperties[property].ToString()) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: Module din't match"); return false; } break; case "ClassNameFunctionNameAndParameters": var classNameFunctionNameAndParameters = cirFunctionProperties[property].ToString(); var expectedClassNameFunctionNameAndParameters = string.Format("{0}.{1}", cirFunction.ParentClassFullName, cirFunction.FunctionNameAndParameters); if (classNameFunctionNameAndParameters != expectedClassNameFunctionNameAndParameters) { DI.log.error( "in areEqual_MethodDefinitionAndCirFunction: classNameFunctionNameAndParameters din't match"); return false; } break; // ignore these ones case "IsSource": case "IsSink": case "FunctionParameterTypes": case "lcfgBasicBlocks": case "SymbolDef": case "ReflectionSignature": case "O2MDbgSignature": case "UsedTypes": case "FunctionIsCalledBy": case "dSsaVariables": case "dVariables": case "HasControlFlowGraph": case "OnlyShowFunctionNameInToString": case "HasBeenProcessedByCirFactory": break; // case "": //break; default: DI.log.error(" property not handled: {0}", property); break; } return true; } catch (Exception ex) { DI.log.ex(ex, "in areEqual_MethodDefinitionAndCirFunction", true); return false; } }
public static void raiseSourceCodeReferenceEvent(bool raiseEvent, ICirFunction cirFunction, bool remapLineNumber) { if (raiseEvent) if (cirFunction.File != null && cirFunction.FileLine != null) { int mappedLineNumber = GetMappedLineNumber(cirFunction.FunctionName, cirFunction.File, cirFunction.FileLine, false, remapLineNumber); O2Messages.fileOrFolderSelected(cirFunction.File, mappedLineNumber); } }
public static bool addTaintedInfoToCirFunction(XElement xMethodElement, ICirFunction cirFunction) { var methodParametersAnnotations = from xElement in xMethodElement.Elements("methodAttribute") .Elements("methodAnnotation") where xElement.Attribute("typeName").Value == "org.springframework.web.bind.annotation.RequestMapping" select xElement; if (methodParametersAnnotations.Count() > 0) { //log.info("in addTaintedInfoToCirFunction, found controller for function: {0}", cirFunction.FunctionSignature); cirFunction.IsTainted = true; return true; } return false; }
public static TreeNode addCirFunctionToTreeNodeCollection(ICirFunction cirFunction, string treeNodeNamePrefix, TreeNodeCollection treeNodeCollection, bool addDummyChildNode) { int mappedLineNumber = GetMappedLineNumber(cirFunction.FunctionName, cirFunction.File, cirFunction.FileLine, false, true); return addCirFunctionToTreeNodeCollection(new CirFunctionCall(cirFunction, cirFunction.File, mappedLineNumber), treeNodeNamePrefix, treeNodeCollection, addDummyChildNode); }
public ICirClass processTypeDefinition(ICirData cirData, TypeDefinition typeDefinition) { try { var classSignature = CirFactoryUtils.getTypeUniqueSignatureFromTypeReference(typeDefinition); var cirClass = getCirClass(cirData, classSignature); // map attributes for this classs if (typeDefinition.CustomAttributes != null && typeDefinition.CustomAttributes.Count > 0) { foreach (CustomAttribute customAttribute in typeDefinition.CustomAttributes) { var constructorSignature = CirFactoryUtils.getFunctionUniqueSignatureFromMethodReference(customAttribute.Constructor); var cirAttribute = new CirAttribute(constructorSignature); foreach (var constructorParameter in customAttribute.ConstructorParameters) { // var type = constructorParameter.GetType().FullName; cirAttribute.Parameters.Add(constructorParameter.ToString(), constructorParameter.GetType().FullName); } if (customAttribute.Fields.Count > 0 || customAttribute.Properties.Count > 0) { } cirClass.ClassAttributes.Add(cirAttribute); } } if (false == cirClass.HasBeenProcessedByCirFactory) { cirClass.HasBeenProcessedByCirFactory = true; cirClass.Name = typeDefinition.Name; cirClass.FullName = typeDefinition.FullName; cirClass.Module = typeDefinition.Module.Name; cirClass.Namespace = cirClass.Namespace; cirClass.SymbolDef = Guid.NewGuid().ToString(); cirClass.IsAbstract = typeDefinition.IsAbstract; // cirClass.IsAnonymous = typeDefinition. cirClass.IsClass = typeDefinition.IsClass; cirClass.IsEnum = typeDefinition.IsEnum; cirClass.IsInterface = typeDefinition.IsInterface; cirClass.IsImport = typeDefinition.IsImport; cirClass.IsNotPublic = typeDefinition.IsNotPublic; cirClass.IsPublic = typeDefinition.IsPublic; cirClass.HasSecurity = typeDefinition.HasSecurity; } else { DI.log.info("This Class has already been processed, so only adding any possible extra methods: {0}", cirClass.Name); } // handle constuctors foreach (MethodDefinition methodDefinition in typeDefinition.Constructors) { ICirFunction cirFunction = processMethodDefinition(cirData, methodDefinition, null); if (false == cirClass.dFunctions.ContainsValue(cirFunction)) { cirClass.dFunctions.Add(cirFunction.FunctionSignature, cirFunction); } // try to find source code reference if (cirFunction.FunctionsCalled.Count > 0 && cirClass.FileLine == null) { if (false == string.IsNullOrEmpty(cirFunction.FunctionsCalled[0].fileName)) { cirClass.File = cirFunction.FunctionsCalled[0].fileName; cirClass.FileLine = "0"; // set it to zero and try to map it later } } } // handle methods foreach (MethodDefinition methodDefinition in typeDefinition.Methods) { ICirFunction cirFunction = processMethodDefinition(cirData, methodDefinition, null); if (false == cirClass.dFunctions.ContainsValue(cirFunction)) { cirClass.dFunctions.Add(cirFunction.FunctionSignature, cirFunction); } } return(cirClass); } catch (Exception ex) { DI.log.ex(ex, "in CirFactory.processTypeDefinition", true); return(null); } }
/// <summary> /// This will populate the parent finding with all traces from the provided ICirFunction /// caution: use the createNewFindingOnExternalCall carefully since it can create a stupid amount of traces (and it is much slower) /// </summary> /// <param name="cirFunction"></param> /// <param name="lineNumber"></param> /// <param name="o2Traces"></param> /// <param name="parentTraces"></param> /// <param name="rootO2Finding"></param> /// <param name="o2FindingsCreated"></param> /// <param name="createNewFindingOnExternalCall"></param> /// <param name="fileName"></param> public static void createTracesAndFindingsFromCirFunction(ICirFunction cirFunction, string fileName, UInt32 lineNumber,List<IO2Trace> o2Traces, List<IO2Trace> parentTraces, IO2Finding rootO2Finding, List<IO2Finding> o2FindingsCreated, bool createNewFindingOnExternalCall) { int maxParentDepth = 10; //30; //10; var maxNumberOfTraces = 20; //50; //300; //50 var filteredSignature = new FilteredSignature(cirFunction); var functionSignature = filteredSignature.sSignature; var o2Trace = new O2Trace(functionSignature, cirFunction.ClassNameFunctionNameAndParameters) { file = fileName, lineNumber = lineNumber }; // add file references // handle the case where this is a recursive call or a call to a method already added in the current tree var recursiveCall = false; foreach(var o2ParentTrace in parentTraces) if (o2ParentTrace.signature == functionSignature) { recursiveCall = true; break; } parentTraces.Add(o2Trace); // add this trace to the current trace tree (since we might need to create a copy of it below o2Traces.Add(o2Trace); if (recursiveCall) { var nodeText = String.Format("{0} : {1} : {2}", cirFunction, "....(Recursive Call so not expanding child traces", functionSignature); o2Trace.childTraces.Add(new O2Trace(nodeText)); } else { if (parentTraces.Count > maxParentDepth) o2Trace.childTraces.Add(new O2Trace(" ... {Max trace depth reached} (" + maxParentDepth + ")")); else { // var numberOfTraces = OzasmtUtils.getAllTraces(rootO2Finding.o2Traces); if (numberOfTraces.Count > maxNumberOfTraces) { o2Trace.childTraces.Add(new O2Trace("**** Max number of traces reached(" + maxNumberOfTraces + ") aborting trace execution")); return; } if (cirFunction.FunctionsCalled.Count == 0) // means we don't have the code for this one, so { // let make it a lost sink var originalTraceTypeValue = o2Trace.traceType; // we might need this below o2Trace.traceType = TraceType.Lost_Sink; if (createNewFindingOnExternalCall) // and if createNewFindingOnExternalCall add it as finding { // create a copy of the parent finding (which incudes the above trace var newFinding = OzasmtCopy.createCopy(rootO2Finding); // make the first call a source (so that we have a source-> pair newFinding.o2Traces[0].traceType = TraceType.Source; // add it o2FindingsCreated.Add(newFinding); // since the crawl will continue we must restore the originalTraceTypeValue o2Trace.traceType = originalTraceTypeValue; } } else foreach (var functionCalled in cirFunction.FunctionsCalled) createTracesAndFindingsFromCirFunction(functionCalled.cirFunction, functionCalled.fileName, (UInt32)functionCalled.lineNumber, o2Trace.childTraces, parentTraces, rootO2Finding, o2FindingsCreated, createNewFindingOnExternalCall); } } // now remove the signature since we are only interrested in non repeats on the same parent parentTraces.Remove(o2Trace); }
public static ICirFunction getFunctionRef(ICirDataAnalysis cirDataAnalysis, ICirFunction cirFunction) { if (false == cirDataAnalysis.dCirFunction_bySignature.ContainsKey(cirFunction.FunctionSignature)) cirDataAnalysis.dCirFunction_bySignature.Add(cirFunction.FunctionSignature, cirFunction); return cirDataAnalysis.dCirFunction_bySignature[cirFunction.FunctionSignature]; }
public static bool processControlFlowGraph(ICirData cirData, ICirFunction cfCirFunction, Object oFunction) { if (cfCirFunction.HasControlFlowGraph) // only do this once return true; Object oControlFlowGraph = DI.reflection.getProperty("ControlFlowGraph", oFunction); if (oControlFlowGraph != null) { // cast ControlFlowGraph object cfCirFunction.HasControlFlowGraph = true; var cfgControlFlowGraph = (ControlFlowGraph)oControlFlowGraph; // add SsaVariables Objects if (cfgControlFlowGraph.SsaVariable != null) foreach (ControlFlowGraphSsaVariable cfgSsaVariable in cfgControlFlowGraph.SsaVariable) { // this.addSymbol(cfgSsaVariable.SymbolDef, cfgSsaVariable.Name); // I can't ADD this data since the SymbolDef is not unique addSymbol(cirData, cfgSsaVariable.SymbolRef, cfgSsaVariable.PrintableType); // also add this mapping since there doesn't seem to be a SymbolDef for this symbol (and they all seem to be the same) cfCirFunction.dSsaVariables.Add(cfgSsaVariable.SymbolDef, new SsaVariable(cfgSsaVariable)); } // populate BasicBlocks Object if (cfgControlFlowGraph.BasicBlock != null) foreach (ControlFlowGraphBasicBlock cfgBasicBlock in cfgControlFlowGraph.BasicBlock) { if (cirData.bStoreControlFlowBlockRawDataInsideCirDataFile) ((CirFunction)cfCirFunction).lcfgBasicBlocks.Add(cfgBasicBlock); // find methods called in ControlFlowBlock if (null != cfgBasicBlock.Items) { Object[] oBlocks = cfgBasicBlock.Items; foreach (Object oBlock in oBlocks) fromBasicBlock_populateDictionaryWithCalls_Recursive(cirData, oBlock, cfCirFunction); } } fromControlFlowGraph_resolveVariablesUsedInFunction(cirData, cfCirFunction); } else cfCirFunction.HasControlFlowGraph = false; return cfCirFunction.HasControlFlowGraph; }
private static ICirFunction syncFunctions(ICirDataAnalysis cirDataAnalysis, ICirFunction cirFunctionToSync) { try { var functionRef = getFunctionRef(cirDataAnalysis, cirFunctionToSync); //var functionCalled = cirFunction.FunctionsCalledSequence[i]; if (cirFunctionToSync.GetHashCode() != functionRef.GetHashCode()) mergeFunctions(cirDataAnalysis, functionRef, cirFunctionToSync); //cirFunction.FunctionsCalledSequence[i] = functionRef; return functionRef; } catch (Exception ex) { DI.log.error("in CirDataAnalysisUtils.syncFunctions, for function {1} : {1}", cirFunctionToSync.FunctionSignature, ex.Message); } return cirFunctionToSync; }