Authored by
노현종
2018-05-17 19:32:59 +0900
Commit
5e7bb17ec4945a4458c33ea83e4fd8a47bd008f4
5e7bb17e
1 parent
856c913e
크리티컬 변수 추출 보완
Showing
4 changed files
with
68 additions
and
55 deletions
Vulnerablity_DB/VulnCrawler/CReserved.txt
Vulnerablity_DB/VulnCrawler/Program.cs
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
Vulnerablity_DB/VulnCrawler/VulnCrawler.csproj
Vulnerablity_DB/VulnCrawler/CReserved.txt
deleted
100644 → 0
auto
bool
break
case
char
const
continue
default
defined
do
double
else
enum
extern
float
for
goto
if
int
long
register
return
short
signed
sizeof
static
struct
switch
typedef
union
unsigned
void
volatile
while
\ No newline at end of file
Vulnerablity_DB/VulnCrawler/Program.cs
...
...
@@ -69,7 +69,7 @@ namespace VulnCrawler
// var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)");
var
c
=
new
VulnC
();
var
fields
=
c
.
GetCriticalVariant
(
@"
if(i + inl < bl) {
"
);
var
fields
=
c
.
GetCriticalVariant
(
@"
cs64_chunk.chunkSize64 = 12345678;
"
);
foreach
(
var
item
in
fields
)
{
Console
.
WriteLine
(
item
);
...
...
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
...
...
@@ -46,13 +46,14 @@ namespace VulnCrawler
var
lines
=
File
.
ReadLines
(
ReservedFileName
,
Encoding
.
Default
);
foreach
(
var
item
in
lines
)
{
if
(
string
.
IsNullOrWhiteSpace
(
item
))
{
continue
;
}
ReservedList
.
Add
(
item
);
}
}
catch
(
FileNotFoundException
)
{
...
...
@@ -169,13 +170,36 @@ namespace VulnCrawler
/// <returns></returns>
public
IEnumerable
<
string
>
GetCriticalVariant
(
string
line
)
{
line
=
line
.
Trim
();
if
(
line
.
StartsWith
(
"//"
))
{
yield
break
;
}
string
declarePattern
=
@"(?<Declare>[a-zA-Z0-9_\.]+) [a-zA-Z0-9_\.]+ ="
;
// 메서드 정규식 패턴
string
methodPattern
=
@"(\w+)\("
;
string
methodPattern
=
@"(\w+)\
s*\
("
;
// 변수 정규식 패턴
string
fieldPattern
=
@"\w+"
;
string
fieldPattern
=
@"^*?[a-zA-Z0-9_\.]+"
;
string
invalidPattern
=
@"^[\d\.]+"
;
string
commentPattern
=
@"("".*"")"
;
line
=
Regex
.
Replace
(
line
,
commentPattern
,
""
);
// 메서드 목록
var
methodSets
=
new
HashSet
<
string
>();
// 선언 타입명 추출
var
declareMatch
=
Regex
.
Match
(
line
,
declarePattern
);
string
declareName
=
string
.
Empty
;
if
(
declareMatch
.
Success
)
{
declareName
=
declareMatch
.
Groups
[
"Declare"
]?.
Value
??
string
.
Empty
;
}
//Console.WriteLine($"선언 : {declareName}");
var
methods
=
Regex
.
Matches
(
line
,
methodPattern
);
// 현재 코드 라인에서 메서드 목록 추가
foreach
(
var
met
in
methods
)
...
...
@@ -188,24 +212,37 @@ namespace VulnCrawler
}
}
Console
.
WriteLine
(
"----"
);
var
vars
=
Regex
.
Matches
(
line
,
fieldPattern
);
// 변수 목록에서 메서드 목록에 있는 것 제외하고 반환
var
vars
=
Regex
.
Matches
(
line
,
fieldPattern
)
.
Cast
<
Match
>()
.
Where
(
m
=>
{
if
(
m
.
Value
.
Equals
(
declareName
))
{
return
false
;
}
/* 제일 앞자리가 숫자로 시작하면 넘어감 */
if
(
Regex
.
IsMatch
(
m
.
Value
,
invalidPattern
))
{
return
false
;
}
/* 전 단계에서 구한 메서드 목록에 있으면 넘어감 */
if
(
methodSets
.
Contains
(
m
.
Value
))
{
return
false
;
}
/* 예약어 목록에 있으면 넘어감 */
if
(
ReservedList
.
Contains
(
m
.
Value
))
{
return
false
;
}
return
true
;
})
.
Distinct
(
new
MatchComparer
());
foreach
(
var
x
in
vars
)
{
var
field
=
x
as
Match
;
if
(
field
.
Success
)
{
/* 전 단계에서 구한 메서드 목록에 있으면 넘어감 */
if
(
methodSets
.
Contains
(
field
.
Value
))
{
continue
;
}
/* 예약어 목록에 있으면 넘어감 */
if
(
ReservedList
.
Contains
(
field
.
Value
))
{
continue
;
}
yield
return
field
.
Value
;
}
}
...
...
@@ -227,4 +264,17 @@ namespace VulnCrawler
}
}
class
MatchComparer
:
IEqualityComparer
<
Match
>
{
public
bool
Equals
(
Match
x
,
Match
y
)
{
return
x
.
Value
.
Equals
(
y
.
Value
);
}
public
int
GetHashCode
(
Match
obj
)
{
return
obj
.
Value
.
GetHashCode
();
}
}
}
...
...
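Review bot: `commentPattern` in GetCriticalVariant is greedy, so `Regex.Replace(line, commentPattern, "")` removes everything from the first double quote on the line to the last one, including identifiers that sit between two string literals (constructed example: in `foo("a", len, "b")` the variable `len` is dropped). For a crawler whose output is the list of critical variables this is a silent false negative rather than a visible error. Matching one literal at a time, for example `string commentPattern = @"""(?:\\.|[^""\\])*""";`, keeps the code between literals and also handles escaped quotes; renaming it to `stringLiteralPattern` would match what it does, since it strips string literals and not comments. The rendered page has lost its +/- markers, so this assumes the pattern is on the new side, and the body of GetCriticalVariant continues outside the visible hunks.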
Vulnerablity_DB/VulnCrawler/VulnCrawler.csproj
...
...
@@ -66,9 +66,6 @@
<None Include="App.config" />
<None Include="packages.config" />
</ItemGroup>
<ItemGroup>
<Content Include="CReserved.txt" />
</ItemGroup>
<Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
<Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
<PropertyGroup>
...
...