이지윤
......@@ -65,10 +65,6 @@ namespace VulnCrawler
/* 메인 동작 함수 */
public static void Run() {
// Repository 폴더들이 있는 주소를 지정하면 하위 폴더 목록을 가져옴(Repository 목록)
Regex.CacheSize = 50;
......@@ -88,35 +84,6 @@ namespace VulnCrawler
{
continue;
}
//var crawler = new VulnC();
//crawler.Init(directory);
//Tree commitTree1 = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd").Tree;
////Tree parentTree1 = crawler.Repository.Lookup<Commit>("344ba37bdc299660e1b1693b6999e5fe116893e1").Tree;
//Commit commit = crawler.Repository.Lookup<Commit>("e589db7a6a9c8f1557007f2cc765ee28ad7a1edd");
//foreach (var parent in commit.Parents)
//{
// Console.WriteLine($"Parent ID:{parent.Sha}");
// Tree commitTree = commit.Tree;
// Tree parentTree = parent.Tree;
// var patch = crawler.Repository.Diff.Compare<Patch>(commitTree, parentTree.);
// foreach (var item in patch.Where(p => p.OldPath.EndsWith(".c")))
// {
// Console.WriteLine(item.Status);
// Console.WriteLine(item.Path);
// Console.WriteLine(item.Patch);
// }
// Console.ReadLine();
//}
////Console.WriteLine(patch.Content);
//Console.ReadLine();
// 템플릿 패턴화 T : VulnAbstractCrawler
VulnWorker.Run<VulnC>(directory);
}
......
......@@ -31,7 +31,7 @@ namespace VulnCrawler
public string FuncName { get; set; }
public string Hash { get; set; }
public string Path { get; set; }
public string Url { get; set; }
public override bool Equals(object obj)
{
var block = obj as UserBlock;
......@@ -131,7 +131,7 @@ namespace VulnCrawler
/// <summary>
/// 커밋에서 검색할 정규식 문자열
/// </summary>
public string SearchCommitPattern => @"CVE[ -](\d{4})[ -](\d{4,})";
public string SearchCommitPattern => @"CVE[ -](201[5-8])[ -](\d{4,})";
/// <summary>
/// 패치 코드에서 함수 찾을 정규식 패턴 문자열
/// </summary>
......
......@@ -891,15 +891,10 @@ namespace VulnCrawler
var regex2 = new Regex(stringPattern, RegexOptions.Compiled);
var regex3 = new Regex(commentPattern2, RegexOptions.Compiled);
var regex4 = new Regex(commentPattern, RegexOptions.Compiled);
bool found3 = false;
bool com = false;
while (!reader.EndOfStream)
{
string line = reader.ReadLine();
string trim = line.Trim();
if (commentLine)
......@@ -915,7 +910,6 @@ namespace VulnCrawler
continue;
}
}
// /* ~ 패턴
if (regex3.IsMatch(trim))
{
......@@ -941,20 +935,18 @@ namespace VulnCrawler
if (found3)
{
string obStr = oldBuilder.ToString();
Console.WriteLine(obStr);
//Console.WriteLine(obStr);
obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>());
byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr);
string absObStrBase64 = Convert.ToBase64String(obStrBytes);
Console.WriteLine(obStr);
// Console.WriteLine(obStr);
//Console.WriteLine("HASH: " + MD5HashFunc(obStr));
//Console.WriteLine(absObStrBase64);
if (!dict.ContainsKey(absObStrBase64.Length))
{
dict[absObStrBase64.Length] = new HashSet<UserBlock>();
}
string funcName = new string(oldBuilder.ToString().TakeWhile(c => c != '{').ToArray());
(dict[absObStrBase64.Length] as HashSet<UserBlock>).Add(new UserBlock
{
Hash = MD5HashFunc(absObStrBase64),
......@@ -1090,11 +1082,11 @@ namespace VulnCrawler
if (found3)
{
string obStr = oldBuilder.ToString();
Console.WriteLine(obStr);
// Console.WriteLine(obStr);
obStr = Abstract(obStr, new Dictionary<string, string>(), new Dictionary<string, string>());
byte[] obStrBytes = Encoding.Unicode.GetBytes(obStr);
string absObStrBase64 = Convert.ToBase64String(obStrBytes);
Console.WriteLine(obStr);
// Console.WriteLine(obStr);
if (!dict.ContainsKey(absObStrBase64.Length))
{
dict[absObStrBase64.Length] = new HashSet<UserBlock>();
......
......@@ -67,6 +67,7 @@ namespace VulnCrawler
public string FileName { get; set; } = "NULL"; /* FileName */
public string FuncName { get; set; } = "NULL"; /* funcName */
public string Url { get; set; } = "NULL"; /* Url */
public string Product { get; set; }
}
//connect
......@@ -242,7 +243,7 @@ namespace VulnCrawler
{
Connection = Conn,
//db에 추가
CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url)"
CommandText = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url, product) VALUES(@type, @year, @level, @userName, @cveName, @publish_date,@update_date, @cveDetail,@fileName, @funcName,@url,@product)"
};
cmd.Parameters.AddWithValue("@type", $"{vuln.Type}");
cmd.Parameters.AddWithValue("@year", $"{vuln.Year}");
......@@ -255,16 +256,16 @@ namespace VulnCrawler
cmd.Parameters.AddWithValue("@fileName", $"{vuln.FileName}");
cmd.Parameters.AddWithValue("@funcName", $"{vuln.FuncName}");
cmd.Parameters.AddWithValue("@url", $"{vuln.Url}");
cmd.Parameters.AddWithValue("@product", $"{vuln.Product}");
cmd.ExecuteNonQuery();
//콘솔출력용
sql = "INSERT INTO vulnDetail(type, year, level, userName, cveName, publish_date,update_date, cveDetail,fileName, funcName, url) " +
$"VALUES({vuln.Type}, {vuln.Year}, {vuln.Level}, {vuln.UserName}, {vuln.CveName},{vuln.Publish_date}, {vuln.Update_date}, {vuln.CveDetail}, {vuln.FileName}, {vuln.FuncName}, {vuln.Url})";
Console.WriteLine(sql);
// Console.WriteLine(sql);
}
catch (Exception e)
{
Console.WriteLine(e.ToString());
// Console.WriteLine(e.ToString());
string es = e.ToString();
if (es.Contains("Connection must be valid and open"))
{
......