public static void proccessLoadedFilesIntoO2TraceBlockDictionary(Dictionary <String, O2TraceBlock_OunceV6> dO2TraceBlock, List <O2AssessmentData_OunceV6> lO2AssessmentData, bool bMakeAllLostSinksIntoKnownSinks) { foreach (O2AssessmentData_OunceV6 oadO2AssessmentData in lO2AssessmentData) { if (bMakeAllLostSinksIntoKnownSinks) { onSavedAssessmentData.MakeAllLostSinksIntoKnownSinks(oadO2AssessmentData); } foreach (AssessmentAssessmentFileFinding fFinding in oadO2AssessmentData.dFindings.Keys) { O2TraceBlock_OunceV6 tbToGlueSource = getTraceBlockToGlueFinding(fFinding, TraceType.Source, oadO2AssessmentData, dO2TraceBlock); if (tbToGlueSource != null) { tbToGlueSource.dSinks.Add(fFinding, oadO2AssessmentData); } O2TraceBlock_OunceV6 tbToGlueSink = getTraceBlockToGlueFinding(fFinding, TraceType.Known_Sink, oadO2AssessmentData, dO2TraceBlock); if (tbToGlueSink != null) { tbToGlueSink.dSources.Add(fFinding, oadO2AssessmentData); } } } }
public static void addFindingAsGlueTrace(O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6WithTracesToGlue, AssessmentAssessmentFileFinding fFinding, O2AssessmentData_OunceV6 oadO2AssessmentDataOunceV6, TreeView tvRawData, bool bAddGluedTracesAsRealTraces) { String sUniqueSignature = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink, oadO2AssessmentDataOunceV6, true); var otbO2TraceBlockWithTracesToReceiveTraces = (O2TraceBlock_OunceV6)tvRawData.Nodes[sUniqueSignature].Tag; foreach (AssessmentAssessmentFileFinding fFindingToGlue in otbO2TraceBlockOunceV6WithTracesToGlue.dSinks.Keys) { if (false == otbO2TraceBlockWithTracesToReceiveTraces.dGluedSinks.ContainsKey(fFindingToGlue)) { otbO2TraceBlockWithTracesToReceiveTraces.dGluedSinks.Add(fFindingToGlue, otbO2TraceBlockOunceV6WithTracesToGlue.dSinks[ fFindingToGlue]); } if (bAddGluedTracesAsRealTraces) // so that the traces show in the Raw View list { if (false == otbO2TraceBlockWithTracesToReceiveTraces.dSinks.ContainsKey(fFindingToGlue)) { otbO2TraceBlockWithTracesToReceiveTraces.dSinks.Add(fFindingToGlue, otbO2TraceBlockOunceV6WithTracesToGlue.dSinks[ fFindingToGlue]); } } } }
public static void calculateO2TraceBlocksIntoTreeView(Dictionary <String, O2TraceBlock_OunceV6> dO2TraceBlock, ref TreeView tvTargetTreeView) { DI.log.info("incalculateO2TraceBlocksIntoTreeView: {0}", dO2TraceBlock.Keys.Count); O2Timer tTimer = new O2Timer("Calculating Raw Data TreeView").start(); tvTargetTreeView = new TreeView(); var itemsProcessed = 0; var itemsToProcess = dO2TraceBlock.Keys.Count; var updateInterval = 1000; foreach (var sSignature in dO2TraceBlock.Keys) { if (itemsProcessed++ % updateInterval == 0) { DI.log.info("[{0}/{1}]", itemsProcessed, itemsToProcess); } O2TraceBlock_OunceV6 otdO2TraceBlockOunceV6 = dO2TraceBlock[sSignature]; //String sRootNodeText = String.Format("{0} {1} {2}", otdO2TraceBlockOunceV6.sSignature, System.IO.Path.GetFileName(otdO2TraceBlockOunceV6.sFile),otdO2TraceBlockOunceV6.sLineNumber); String sRootNodeText = String.Format("{0} {1} {2}", otdO2TraceBlockOunceV6.sSignature, otdO2TraceBlockOunceV6.sFile, otdO2TraceBlockOunceV6.sLineNumber); TreeNode tnRootNode = O2Forms.newTreeNode(sRootNodeText, sRootNodeText, 0, otdO2TraceBlockOunceV6); // handle Sinks TreeNode tnSinks = O2Forms.newTreeNode("Sinks", "Sinks", 0, null); foreach (AssessmentAssessmentFileFinding fFinding in otdO2TraceBlockOunceV6.dSinks.Keys) { String sSink = getUniqueSignature(fFinding, TraceType.Known_Sink, otdO2TraceBlockOunceV6.dSinks[fFinding], true); // analysis.Analysis.getSink(fFinding, otdO2TraceBlockOunceV6.dSinks[fFinding]); if (!string.IsNullOrEmpty(sSink) || sSink != sRootNodeText) { TreeNode tnSink = O2Forms.newTreeNode(sSink, sSink, 0, null); tnSinks.Nodes.Add(tnSink); } } tnRootNode.Nodes.Add(tnSinks); TreeNode tnSources = O2Forms.newTreeNode("Sources", "Sources", 0, null); foreach (AssessmentAssessmentFileFinding fFinding in otdO2TraceBlockOunceV6.dSources.Keys) { String sSource = getUniqueSignature(fFinding, TraceType.Source, otdO2TraceBlockOunceV6.dSources[fFinding], true); if (sSource == "" || sSource == null || sSource != sRootNodeText) { TreeNode tnSource = O2Forms.newTreeNode(sSource, sSource, 0, null); tnSources.Nodes.Add(tnSource); } } tnRootNode.Nodes.Add(tnSources); tvTargetTreeView.Nodes.Add(tnRootNode); } DI.log.info("[{0}/{1}]", itemsProcessed, itemsToProcess); //tvTargetTreeView.Sort(); // removed for performance reasons //tvAllTraces.Nodes.AddRange(tvRawData.Nodes); //tvAllTraces = tvRawData; tTimer.stop(); DI.log.info("Tree View with Raw Data Calculated: It has {0} ({1}) Nodes (SubNodes)", tvTargetTreeView.GetNodeCount(false), tvTargetTreeView.GetNodeCount(true)); }
public static List <String> GetTracesThatAreFromTheSameTraceSequence(O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6Root, O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6Child, String sKeyword) { var lsTracesFromSameSequence = new List <string>(); // TreeNode tnTreeForTrace_Root = new TreeNode(); // o2.analysis.Analysis.SmartTraceFilter stfSmartTraceFilter = o2.analysis.Analysis.SmartTraceFilter.MethodName; // o2.analysis.Analysis.addCallsToNode_Recursive(otbO2TraceBlockOunceV6Root, tnTreeForTrace_Root, fviFindingViewItem.oadO2AssessmentDataOunceV6, stfSmartTraceFilter); return(lsTracesFromSameSequence); }
public static TreeNode getRootNodeToView(O2TraceBlock_OunceV6 otbO2TraceBlockOfRootNode, String sMode) { //var tnTreeNode = new TreeNode(sRootFunction); var tnTreeNode = new TreeNode(otbO2TraceBlockOfRootNode.sUniqueName); if (sMode == "Sinks") { Dictionary <AssessmentAssessmentFileFinding, O2AssessmentData_OunceV6> dSinks = otbO2TraceBlockOfRootNode.dSinks; foreach (AssessmentAssessmentFileFinding fFinding in dSinks.Keys) { var fviFindingViewItem = new FindingViewItem(fFinding, fFinding.vuln_name, null, dSinks[fFinding]); String sNodeText = analyzer.getUniqueSignature(fFinding, TraceType.Known_Sink, dSinks[fFinding], true); if (sNodeText != null) { TreeNode tnChildNode = O2Forms.newTreeNode(sNodeText, sNodeText, 0, fviFindingViewItem); tnTreeNode.Nodes.Add(tnChildNode); } } } return(tnTreeNode); }
public static bool addCompatibleTracesToNode_recursive(TreeNode tnTargetNode, FindingViewItem fviFindingViewItem, O2TraceBlock_OunceV6 otbO2TraceBlockOunceV6OfToProcess, String sMode, Dictionary <String, O2TraceBlock_OunceV6> dRawData) //TreeView tvRawData) { //TreeNode tnParentNode = O2Forms.getRootNode(tnTargetNode); //int iNumberOfNodes = tnParentNode.GetNodeCount(true); var iNumberOfNodes = O2Forms.getRootNode(tnTargetNode).GetNodeCount(true); if (O2Forms.getRootNode(tnTargetNode).GetNodeCount(true) > 1500) { DI.log.info(String.Format("Max number of subnodes reached (250), aborting this root node: {0}", O2Forms.getRootNode(tnTargetNode).Text)); return(false); } if (new StackTrace().FrameCount > 50) { DI.log.info(String.Format("Max StackTrace reached (50), aborting this leaf:{0}", tnTargetNode.Text)); return(false); } var tnTreeFor_Root = new TreeNode(); AnalysisUtils.addCallsToNode_Recursive(fviFindingViewItem.fFinding.Trace, tnTreeFor_Root, fviFindingViewItem.oadO2AssessmentDataOunceV6, Analysis.SmartTraceFilter.MethodName); if (sMode == "Sinks") { // first add the normal sinks foreach (AssessmentAssessmentFileFinding fFinding in otbO2TraceBlockOunceV6OfToProcess.dSinks.Keys) { var tnTreeFor_ChildTrace = new TreeNode(); var fviFindingViewItemForChildTrace = new FindingViewItem(fFinding, fFinding.vuln_name ?? OzasmtUtils_OunceV6.getStringIndexValue( UInt32.Parse( fFinding.vuln_name_id), otbO2TraceBlockOunceV6OfToProcess. dSinks[fFinding]), null, otbO2TraceBlockOunceV6OfToProcess.dSinks[fFinding ]); AnalysisUtils.addCallsToNode_Recursive(fviFindingViewItemForChildTrace.fFinding.Trace, tnTreeFor_ChildTrace, fviFindingViewItemForChildTrace.oadO2AssessmentDataOunceV6, Analysis.SmartTraceFilter.MethodName); TreeNode tnRootNode_Sink = getTreeNodeOfTraceType_recursive(tnTreeFor_Root, TraceType.Known_Sink); TreeNode tnRootNode_Source = getTreeNodeOfTraceType_recursive(tnTreeFor_ChildTrace, TraceType.Source); if (AreNodesCompatible(tnRootNode_Sink, tnRootNode_Source)) { String sNodeText = getUniqueSignature(fFinding, TraceType.Known_Sink, otbO2TraceBlockOunceV6OfToProcess.dSinks[fFinding], true); // ensures we don't add the same source more that once per line (needs to be more optimized List <String> ltnAllNodesAddedSofar = O2Forms.getStringListWithAllParentNodesText(tnTargetNode); if (false == ltnAllNodesAddedSofar.Contains(sNodeText)) { if (sNodeText != tnTargetNode.Text) // don't add if the child call is the same as the parent { tnTargetNode.Nodes.Add(O2Forms.newTreeNode(sNodeText, sNodeText, 0, fviFindingViewItemForChildTrace)); } if (sNodeText == null) { return(false); } } } } // then add the Glued Sinks foreach (AssessmentAssessmentFileFinding fFinding in otbO2TraceBlockOunceV6OfToProcess.dGluedSinks.Keys) { var fviFindingViewItemForChildTrace = new FindingViewItem(fFinding, fFinding.vuln_name ?? OzasmtUtils_OunceV6.getStringIndexValue( UInt32.Parse( fFinding.vuln_name_id), otbO2TraceBlockOunceV6OfToProcess. dGluedSinks[fFinding]), null, otbO2TraceBlockOunceV6OfToProcess.dGluedSinks[ fFinding]); String sNodeText = getUniqueSignature(fFinding, TraceType.Known_Sink, otbO2TraceBlockOunceV6OfToProcess.dGluedSinks[fFinding], true); tnTargetNode.Nodes.Add(O2Forms.newTreeNode(sNodeText, sNodeText, 0, fviFindingViewItemForChildTrace)); } } foreach (TreeNode tnChildNode in tnTargetNode.Nodes) { // int iNodeCount = tnChildNode.GetNodeCount(true); // DI.log.info(iNodeCount + " " + tnChildNode.Text); //if (tvRawData.Nodes[tnChildNode.Text] != null) if (dRawData.ContainsKey(tnChildNode.Text)) { // (now back to false) was true (check side effects) if (false == addCompatibleTracesToNode_recursive(tnChildNode, (FindingViewItem)tnChildNode.Tag, dRawData[tnChildNode.Text], // (O2TraceBlock_OunceV6) tvRawData.Nodes[tnChildNode.Text].Tag, "Sinks", dRawData)) { //tvRawData)) return(false); } } } return(true); }