파이썬 CVE 취약 코드 발견 후 패치 이전 코드 수집중

-using System;
+using LibGit2Sharp;
+using System;
 using System.Collections.Generic;
 using System.Collections.Generic;
+using System.IO;
 using System.Linq;
 using System.Linq;
 using System.Text;
 using System.Text;
+using System.Text.RegularExpressions;
 using System.Threading.Tasks;
 using System.Threading.Tasks;
 
 
 namespace VulnCrawler
 namespace VulnCrawler
@@ -9,7 +12,171 @@ namespace VulnCrawler
     class Program
     class Program
     {
     {
         static void Main(string[] args) {
         static void Main(string[] args) {
+            //if (Directory.Exists(@"c:\test")) {
+            //    DeleteDirectory(@"c:\test");
+
+            //}
+
+            //var co = new CloneOptions {
+            //    OnCheckoutProgress = CheckoutProcess,
+            //    OnTransferProgress = TransferProgress,
+
+            //    CredentialsProvider = (_url, _user, _cred) => new UsernamePasswordCredentials { Username = "yhackerbv@gmail.com", Password = "@@GUSwjdaf12@@" }
+
+            //};
+
+            //Repository.Clone("https://github.com/torvalds/linux.git", @"\test\", co);
+            using (var r = new Repository(@"c:\test2")) {
+                var commits = r.Commits
+                    .Where(c => Regex.Match(c.Message, @"CVE-20\d\d-\d{4}", RegexOptions.IgnoreCase).Success)
+                    //.Where(c => c.Message.IndexOf("CVE-20",
+                    //StringComparison.CurrentCultureIgnoreCase) >= 0)
+                    .ToList();
+                Console.WriteLine(commits.Count);
+                foreach (var commit in commits) {
+
+                    string message = commit.Message;
+                    Console.ForegroundColor = ConsoleColor.Yellow;
+                    Console.WriteLine($"Commit Message: {message}");
+                    Console.ResetColor();
+                    foreach (var parent in commit.Parents) {
+                        var patch = r.Diff.Compare<Patch>(parent.Tree, commit.Tree, new CompareOptions { });
+
+                        var entrys = patch.Where(e => e.Path.EndsWith(".py"));
+                        foreach (var entry in entrys) {
+
+                            Console.ForegroundColor = ConsoleColor.Blue;
+                            Console.WriteLine($"status: {entry.Status.ToString()}");
+                            Console.WriteLine($"added: {entry.LinesAdded.ToString()}, deleted: {entry.LinesDeleted.ToString()}");
+                            Console.WriteLine($"old path: {entry.OldPath.ToString()}, new path: {entry.Path.ToString()}");
+                            Console.ResetColor();
+                            var oldOid = entry.OldOid;
+                            Blob oldBlob = r.Lookup<Blob>(oldOid);
+                            string oldContent = oldBlob.GetContentText();
+
+                            var newOid = entry.Oid;
+                            Blob newBlob = r.Lookup<Blob>(newOid);
+                            string newContent = newBlob.GetContentText();
+
+
+
+                            //ContentChanges changes = r.Diff.Compare(oldBlob, newBlob);
+
+                            // Console.WriteLine(changes.Patch);
+
+                            //   @@ -290,8 + 290,12 @@ def i
+                            //   @@ -290,8 +290,12 @@ def is_safe_url(url, host=None):
+                            var regs = Regex.Matches(entry.Patch, @"@@ \-(?<oldStart>\d+),(?<oldLines>\d+) \+(?<newStart>\d+),(?<newLines>\d+) @@ def (?<methodName>\w+)");
+
+
+
+                            if (regs.Count > 0) {
+                                Console.BackgroundColor = ConsoleColor.DarkBlue;
+                                Console.WriteLine($"Old Content: \n{oldContent}");
+                                Console.ResetColor();
+
+                                Console.BackgroundColor = ConsoleColor.DarkMagenta;
+                                Console.WriteLine($"New Content: \n{newContent}");
+                                Console.ResetColor();
+
+
+                                Console.BackgroundColor = ConsoleColor.DarkRed;
+
+                                Console.WriteLine($"Patched: \n{entry.Patch}");
+
+                                Console.ResetColor();
+                                Console.WriteLine("-----------");
+                                Console.WriteLine(regs.Count);
 
 
                             }
                             }
+
+                            foreach (var reg in regs) {
+                                var match = reg as Match;
+                                int.TryParse(match.Groups["oldStart"].Value, out int oldStart);
+                                int.TryParse(match.Groups["oldLines"].Value, out int oldLines);
+                                string methodName = match.Groups["methodName"].Value;
+
+                                Console.WriteLine(match.Groups["oldStart"].Value);
+                                Console.WriteLine(match.Groups["oldLines"].Value);
+                                Console.WriteLine(match.Groups["newStart"].Value);
+                                Console.WriteLine(match.Groups["newLines"].Value);
+                                Console.WriteLine(match.Groups["methodName"].Value);
+                                StringBuilder oldBuilder = new StringBuilder();
+                                using (var reader = new StreamReader(oldBlob.GetContentStream())) {
+                                    int readCount = 0;
+                                    while (!reader.EndOfStream && readCount <= oldStart + oldLines) {
+                                        string line = reader.ReadLine();
+
+                                        if (readCount++ >= oldStart) {
+                                            oldBuilder.AppendLine(line);
+                                        }
+                                    }
+
+                                    //bool found = false;
+                                    //while (!reader.EndOfStream) {
+
+                                    //    string line = reader.ReadLine();
+
+                                    //    if (line.Contains(string.Join("def ", methodName))) {
+
+                                    //    }
+
+                                    //    if (found) {
+
+                                    //    }
+                                    //}
+                                }
+
+                                string replace = Regex.Replace(oldBuilder.ToString(), "\t", "");
+
+                                Console.WriteLine($"Builder: \n{replace}");
+
+                            }
+                            Console.WriteLine("-----------");
+                            Console.ResetColor();
+                        }
+                        //Console.WriteLine(patch.Content);
+                    }
+
+                    Console.WriteLine($"Commit {commit.Sha} 추출 완료");
+                    //  Task.Delay(1000).Wait();
+                    //break;
+                }
+            }
+        }
+        public static void DeleteDirectory(string targetDir) {
+            File.SetAttributes(targetDir, FileAttributes.Normal);
+
+            string[] files = Directory.GetFiles(targetDir);
+            string[] dirs = Directory.GetDirectories(targetDir);
+
+            foreach (string file in files) {
+                File.SetAttributes(file, FileAttributes.Normal);
+                File.Delete(file);
+            }
+
+            foreach (string dir in dirs) {
+                DeleteDirectory(dir);
+            }
+
+            Directory.Delete(targetDir, false);
+        }
+        public static bool TransferProgress(TransferProgress progress) {
+            int totalBytes = progress.TotalObjects;
+            int receivedBytes = progress.ReceivedObjects;
+            long receivedTotal = progress.ReceivedBytes;
+            double received = progress.ReceivedBytes / 1000000;
+            double percent = ((double)receivedBytes / (double)totalBytes) * 10;
+
+            Console.WriteLine($"진행률: {percent.ToString("P2")}, 남은 파일: {receivedBytes} of {totalBytes}"); //, 받은 용량: {received.ToString()}MB");
+            Console.ForegroundColor = ConsoleColor.DarkGreen;
+            return true;
+        }
+
+        public static void CheckoutProcess(string path, int completedSteps, int totalSteps) {
+            Console.WriteLine($"{completedSteps}, {totalSteps}, {path}");
+        }
+
+
     }
     }
 }
 }

 <?xml version="1.0" encoding="utf-8"?>
 <?xml version="1.0" encoding="utf-8"?>
 <Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
 <Project ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+  <Import Project="..\packages\LibGit2Sharp.NativeBinaries.1.0.210\build\net461\LibGit2Sharp.NativeBinaries.props" Condition="Exists('..\packages\LibGit2Sharp.NativeBinaries.1.0.210\build\net461\LibGit2Sharp.NativeBinaries.props')" />
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
   <PropertyGroup>
   <PropertyGroup>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
     <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
@@ -11,6 +12,8 @@
     <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
     <TargetFrameworkVersion>v4.6.1</TargetFrameworkVersion>
     <FileAlignment>512</FileAlignment>
     <FileAlignment>512</FileAlignment>
     <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
     <AutoGenerateBindingRedirects>true</AutoGenerateBindingRedirects>
+    <NuGetPackageImportStamp>
+    </NuGetPackageImportStamp>
   </PropertyGroup>
   </PropertyGroup>
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
   <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
     <PlatformTarget>AnyCPU</PlatformTarget>
     <PlatformTarget>AnyCPU</PlatformTarget>
@@ -32,6 +35,9 @@
     <WarningLevel>4</WarningLevel>
     <WarningLevel>4</WarningLevel>
   </PropertyGroup>
   </PropertyGroup>
   <ItemGroup>
   <ItemGroup>
+    <Reference Include="LibGit2Sharp, Version=0.25.0.0, Culture=neutral, PublicKeyToken=7cbde695407f0333, processorArchitecture=MSIL">
+      <HintPath>..\packages\LibGit2Sharp.0.25.0\lib\netstandard2.0\LibGit2Sharp.dll</HintPath>
+    </Reference>
     <Reference Include="System" />
     <Reference Include="System" />
     <Reference Include="System.Core" />
     <Reference Include="System.Core" />
     <Reference Include="System.Xml.Linq" />
     <Reference Include="System.Xml.Linq" />
@@ -47,6 +53,13 @@
   </ItemGroup>
   </ItemGroup>
   <ItemGroup>
   <ItemGroup>
     <None Include="App.config" />
     <None Include="App.config" />
+    <None Include="packages.config" />
   </ItemGroup>
   </ItemGroup>
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
   <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
+  <Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
+    <PropertyGroup>
+      <ErrorText>이 프로젝트는 이 컴퓨터에 없는 NuGet 패키지를 참조합니다. 해당 패키지를 다운로드하려면 NuGet 패키지 복원을 사용하십시오. 자세한 내용은 http://go.microsoft.com/fwlink/?LinkID=322105를 참조하십시오. 누락된 파일은 {0}입니다.</ErrorText>
+    </PropertyGroup>
+    <Error Condition="!Exists('..\packages\LibGit2Sharp.NativeBinaries.1.0.210\build\net461\LibGit2Sharp.NativeBinaries.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\LibGit2Sharp.NativeBinaries.1.0.210\build\net461\LibGit2Sharp.NativeBinaries.props'))" />
+  </Target>
 </Project>
 </Project>
\ No newline at end of file

+<?xml version="1.0" encoding="utf-8"?>
+<packages>
+  <package id="LibGit2Sharp" version="0.25.0" targetFramework="net461" />
+  <package id="LibGit2Sharp.NativeBinaries" version="1.0.210" targetFramework="net461" />
+</packages>
\ No newline at end of file