노현종

VulnRDS VulnDB 자동 Insert

...@@ -24,8 +24,8 @@ namespace VulnCrawler ...@@ -24,8 +24,8 @@ namespace VulnCrawler
24 } 24 }
25 public static Account account { get; private set; } 25 public static Account account { get; private set; }
26 static AWS() { 26 static AWS() {
27 - // account = LoadAccount(); 27 + // account = LoadAccount();
28 - 28 + account = new Account();
29 } 29 }
30 private static Account LoadAccount() { 30 private static Account LoadAccount() {
31 if (!File.Exists(Account.FilePath)) { 31 if (!File.Exists(Account.FilePath)) {
......
...@@ -22,17 +22,37 @@ namespace VulnCrawler ...@@ -22,17 +22,37 @@ namespace VulnCrawler
22 //SecureString s_key = GetConsoleSecurePassword(); 22 //SecureString s_key = GetConsoleSecurePassword();
23 //Console.Clear(); 23 //Console.Clear();
24 //string key = SecureStringToString(s_key); 24 //string key = SecureStringToString(s_key);
25 - ////AWS.SaveAccount(); 25 + //AWS.account.Id = "yhackerbv";
26 + //AWS.account.Pw = "guswhd12";
27 + //AWS.account.Endpoint = "vulndb.cby38wfppa7l.us-east-2.rds.amazonaws.com";
28 + //AWS.SaveAccount();
26 //AES aes = new AES(); 29 //AES aes = new AES();
27 - //string txt = File.ReadAllText(@"Account.xml"); 30 + string txt = File.ReadAllText(@"Account.xml");
28 - //string xml = aes.AESDecrypt128(txt, key); 31 + // string xml = aes.AESDecrypt128(txt, key);
29 - 32 + string xml = txt;
30 - //AWS.LoadAccount(xml); 33 +
31 - 34 + AWS.LoadAccount(xml);
32 - //AWS.Account account = AWS.account; 35 + AWS.Account account = AWS.account;
33 - 36 +
34 - //Console.WriteLine($"Endpoint: {account.Endpoint}, ID: {account.Id}, PW: {account.Pw}"); 37 + Console.WriteLine($"Endpoint: {account.Endpoint}, ID: {account.Id}, PW: {account.Pw}");
35 - 38 + try
39 + {
40 + VulnRDS.Connect(account, "vuln");
41 + }
42 + catch(Exception e)
43 + {
44 + Console.WriteLine($"접속 에러 :: {e.ToString()}");
45 + }
46 + if (VulnRDS.Conn.State == System.Data.ConnectionState.Open)
47 + {
48 + Console.WriteLine("접속 성공");
49 +
50 + }
51 + else
52 + {
53 + Console.WriteLine("연결 실패");
54 + return;
55 + }
36 //MySqlConnectionStringBuilder builder = new MySqlConnectionStringBuilder { 56 //MySqlConnectionStringBuilder builder = new MySqlConnectionStringBuilder {
37 // Server = "", 57 // Server = "",
38 // UserID = id, 58 // UserID = id,
...@@ -69,12 +89,7 @@ namespace VulnCrawler ...@@ -69,12 +89,7 @@ namespace VulnCrawler
69 Regex.CacheSize = 50; 89 Regex.CacheSize = 50;
70 90
71 // var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)"); 91 // var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)");
72 - var c = new VulnC(); 92 +
73 - var fields = c.ExtractCriticalVariant(@"if (s->session->peer != s->session->sess_cert->peer_key->x509)");
74 - foreach (var item in fields)
75 - {
76 - Console.WriteLine(item);
77 - }
78 // return; 93 // return;
79 var directorys = Directory.GetDirectories(@"c:\VulnC"); 94 var directorys = Directory.GetDirectories(@"c:\VulnC");
80 if (directorys.Length == 0) { 95 if (directorys.Length == 0) {
...@@ -84,10 +99,11 @@ namespace VulnCrawler ...@@ -84,10 +99,11 @@ namespace VulnCrawler
84 // Repository 목록 만큼 반복함. 99 // Repository 목록 만큼 반복함.
85 foreach (var directory in directorys) { 100 foreach (var directory in directorys) {
86 // 템플릿 패턴화 T : VulnAbstractCrawler 101 // 템플릿 패턴화 T : VulnAbstractCrawler
87 - if (directory.Contains("linux")) 102 + if (directory.Contains("open"))
88 { 103 {
89 continue; 104 continue;
90 } 105 }
106 + Console.WriteLine(directory);
91 VulnWorker.Run<VulnC>(directory); 107 VulnWorker.Run<VulnC>(directory);
92 } 108 }
93 } 109 }
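Review bot: The commented-out assignments added at new lines 25–27 put what look like a live database user name, password and RDS endpoint into version control. Commenting them out does not keep them out of history, so they should be deleted from this file and the account's password rotated. The same hunk bypasses `AESDecrypt128` with `string xml = txt;`, so `Account.xml` is now expected in plaintext on disk, and the re-enabled `Console.WriteLine` prints `account.Pw`. Suggested: restore the decrypt step and log only `Console.WriteLine($"Endpoint: {account.Endpoint}, ID: {account.Id}");`. The enclosing method starts before this hunk and continues after it.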
......
...@@ -77,9 +77,12 @@ namespace VulnCrawler ...@@ -77,9 +77,12 @@ namespace VulnCrawler
77 77
78 public void Init(string path) { 78 public void Init(string path) {
79 Console.WriteLine("로딩중"); 79 Console.WriteLine("로딩중");
80 + Console.WriteLine(path);
80 Repository = new Repository(path); 81 Repository = new Repository(path);
82 +
81 Console.WriteLine("로딩 완료"); 83 Console.WriteLine("로딩 완료");
82 Commits = SearchCommits(); 84 Commits = SearchCommits();
85 + Console.WriteLine($"Commits Count: {Commits.Count()}");
83 } 86 }
84 /// <summary> 87 /// <summary>
85 /// 레파지토리 88 /// 레파지토리
...@@ -227,7 +230,7 @@ namespace VulnCrawler ...@@ -227,7 +230,7 @@ namespace VulnCrawler
227 /// <param name="oldBlob">패치 전 파일 Blob</param> 230 /// <param name="oldBlob">패치 전 파일 Blob</param>
228 /// <param name="table">크리티컬 메서드 테이블(Key: 메서드 이름, Value: 변수 리스트)</param> 231 /// <param name="table">크리티컬 메서드 테이블(Key: 메서드 이름, Value: 변수 리스트)</param>
229 /// <returns></returns> 232 /// <returns></returns>
230 - public virtual IEnumerable<(string methodName, IList<Block> blocks)> Process(Blob oldBlob, IDictionary<string, IEnumerable<string>> table) { 233 + public virtual IEnumerable<(string methodName, string oriFunc, IList<Block> blocks)> Process(Blob oldBlob, IDictionary<string, IEnumerable<string>> table) {
231 foreach (var item in table) 234 foreach (var item in table)
232 { 235 {
233 var methodTable = new Dictionary<string, string>(); 236 var methodTable = new Dictionary<string, string>();
...@@ -238,7 +241,7 @@ namespace VulnCrawler ...@@ -238,7 +241,7 @@ namespace VulnCrawler
238 Stream oldStream = oldBlob.GetContentStream(); 241 Stream oldStream = oldBlob.GetContentStream();
239 // 패치 전 원본 함수 구하고 242 // 패치 전 원본 함수 구하고
240 string func = GetOriginalFunc(oldStream, methodName); 243 string func = GetOriginalFunc(oldStream, methodName);
241 - Console.WriteLine(func); 244 +
242 string bs = string.Empty; 245 string bs = string.Empty;
243 string md5 = string.Empty; 246 string md5 = string.Empty;
244 if (item.Value.Count() != 0) 247 if (item.Value.Count() != 0)
...@@ -261,24 +264,17 @@ namespace VulnCrawler ...@@ -261,24 +264,17 @@ namespace VulnCrawler
261 { 264 {
262 265
263 block.CriticalList = item.Value; 266 block.CriticalList = item.Value;
267 + /* 추상화 및 정규화 */
264 block.AbsCode = Abstract(block.Code, varTable, methodTable); 268 block.AbsCode = Abstract(block.Code, varTable, methodTable);
265 block.Hash = MD5HashFunc(block.AbsCode); 269 block.Hash = MD5HashFunc(block.AbsCode);
266 270
267 } 271 }
268 - 272 + /* 추상화 변환 테이블 출력 */
269 - /* 추상화 및 정규화 */
270 - foreach (var block in blocks)
271 - {
272 - string code = block.Code;
273 -
274 - }
275 -
276 -
277 foreach (var var in varTable) 273 foreach (var var in varTable)
278 { 274 {
279 Console.WriteLine($"{var.Key}, {var.Value}"); 275 Console.WriteLine($"{var.Key}, {var.Value}");
280 } 276 }
281 - yield return (methodName, blocks); 277 + yield return (methodName, func, blocks);
282 } 278 }
283 279
284 } 280 }
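Review bot: `Commits.Count()` in `Init` (new line 85) enumerates the commit sequence only to log a number. If `SearchCommits()` returns a lazy query, which the LINQ `Count()` call suggests but the hunk does not show, the history walk runs again when VulnWorker iterates `Commits`. Materialising once, e.g. `Commits = SearchCommits().ToList();`, would avoid that. Separately, `Process` is `public virtual` and its tuple gained `oriFunc`, so any override or caller outside this commit has to change with it. The empty `<returns></returns>` should describe the new shape, for example `<returns>(method name, original pre-patch function text, blocks) for each critical method</returns>`.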
......
...@@ -60,6 +60,7 @@ ...@@ -60,6 +60,7 @@
60 <Compile Include="VulnAbstractCrawler.cs" /> 60 <Compile Include="VulnAbstractCrawler.cs" />
61 <Compile Include="VulnC.cs" /> 61 <Compile Include="VulnC.cs" />
62 <Compile Include="VulnPython.cs" /> 62 <Compile Include="VulnPython.cs" />
63 + <Compile Include="VulnRDS.cs" />
63 <Compile Include="VulnWorker.cs" /> 64 <Compile Include="VulnWorker.cs" />
64 </ItemGroup> 65 </ItemGroup>
65 <ItemGroup> 66 <ItemGroup>
......
1 +using System;
2 +using System.Collections.Generic;
3 +using System.Linq;
4 +using System.Text;
5 +using System.Threading.Tasks;
6 +using MySql.Data.MySqlClient;
7 +
8 +namespace VulnCrawler
9 +{
10 + public static class VulnRDS
11 + {
12 + public static MySqlConnection Conn { get; set; }
13 + public class Vuln
14 + {
15 + public int VulnId { get; set; } = -1; /* 취약점 ID */
16 + public int LenBlock { get; set; } = -1; /* 취약점 BLOCK 길이 */
17 + public string RepositName { get; set; } = "NULL"; /* 취약점 레파지토리 이름 */
18 + public string Cve { get; set; } = "NULL"; /* 취약점 CVE */
19 + public string FuncName { get; set; } = "NULL"; /* 취약점 함수 이름 */
20 + public string Language { get; set; } = "NULL"; /* 취약점 언어 종류 */
21 + public string CodeOriBefore { get; set; } = "NULL"; /* 취약점 패치 전 원본 코드 */
22 + public string CodeOriAfter { get; set; } = "NULL"; /* 취약점 패치 후 원본 코드 */
23 + public string CodeAbsBefore { get; set; } = "NULL"; /* 취약점 패치 전 추상화 코드 */
24 + public string CodeAbsAfter { get; set; } = "NULL"; /* 취약점 패치 후 추상화 코드 */
25 + public string BlockHash { get; set; } = "NULL";/* 취약점 블록 해시 값 */
26 + public int BlockNum { get; set; } = -1; /* 블록 번호 */
27 + // 생성자
28 + public Vuln()
29 + {
30 + }
31 + public Vuln(int _lenBlock, string _repositName, string _cve, string _funcName, string _language, string _codeOriBefore, string _codeOriAfter, string _codeAbsBefore, string _codeAbsAfter, string _blockHash)
32 + {
33 + //임의의 VulnId
34 + VulnId = -1;
35 + LenBlock = _lenBlock;
36 + RepositName = _repositName;
37 + Cve = _cve;
38 + FuncName = _funcName;
39 + Language = _language;
40 + CodeOriBefore = _codeOriBefore;
41 + CodeOriAfter = _codeOriAfter;
42 + CodeAbsBefore = _codeAbsBefore;
43 + CodeAbsAfter = _codeAbsAfter;
44 + BlockHash = _blockHash;
45 + }
46 + public Vuln(int _vulnId, int _lenBlock, string _repositName, string _cve, string _funcName, string _language, string _codeOriBefore, string _codeOriAfter, string _codeAbsBefore, string _codeAbsAfter, string _blockHash)
47 + {
48 + VulnId = _vulnId;
49 + LenBlock = _lenBlock;
50 + RepositName = _repositName;
51 + Cve = _cve;
52 + FuncName = _funcName;
53 + Language = _language;
54 + CodeOriBefore = _codeOriBefore;
55 + CodeOriAfter = _codeOriAfter;
56 + CodeAbsBefore = _codeAbsBefore;
57 + CodeAbsAfter = _codeAbsAfter;
58 + BlockHash = _blockHash;
59 + }
60 + }
61 + public class User
62 + {
63 + public int UserId { get; set; } /* 유저 ID */
64 + public string RepositName { get; set; } /* 유저 레파지토리 이름 */
65 + public string Cve { get; set; } /* 취약점 CVE */
66 + public string CodeOriBefore { get; set; } /* 취약점 패치 전 원본 코드 */
67 + public string CodeOriAfter { get; set; } /* 취약점 패치 후 원본 코드 */
68 + public string FuncName { get; set; } /* 취약점 함수 이름 */
69 + public string DetectDate { get; set; } /* 검사 날짜 */
70 + // 생성자
71 + public User()
72 + {
73 + }
74 + public User(int _UserId, string _RepositName, string _Cve, string _CodeOriBefore, string _CodeOriAfter, string _FuncName, string _DetectDate)
75 + {
76 + UserId = _UserId;
77 + RepositName = _RepositName;
78 + Cve = _Cve;
79 + CodeOriBefore = _CodeOriBefore;
80 + CodeOriAfter = _CodeOriAfter;
81 + FuncName = _FuncName;
82 + DetectDate = _DetectDate;
83 + }
84 + }
85 + //connect
86 + public static void Connect(AWS.Account account, string dbName)
87 + {
88 + MySqlConnectionStringBuilder builder = new MySqlConnectionStringBuilder()
89 + {
90 + Server = account.Endpoint,
91 + UserID = account.Id,
92 + Password = account.Pw,
93 + Database = dbName,
94 + Port = 3306,
95 + };
96 + string strConn = builder.ToString();
97 + builder = null;
98 + Conn = new MySqlConnection(strConn);
99 + Conn.Open();
100 + }
101 + public static void InsertVulnData(Vuln vuln)
102 + {
103 + // Conn.Open();
104 + //DB에 취약점 데이터가 이미 있는지 검사
105 + String sql = string.Empty;
106 + //String sql = "select count(*) from vulnInfo where cve like '" + vuln.Cve + "'";
107 + //MySqlCommand cmd = new MySqlCommand(sql, Conn);
108 +
109 +
110 + //int RecordCount = Convert.ToInt32(cmd.ExecuteScalar());
111 + ////CVE 중복인 경우
112 + //if (RecordCount > 0)
113 + //{
114 + // Console.WriteLine("이미 cve가 존재함");
115 + //}
116 + //CVE 중복이 아닌 경우
117 + //else
118 + //{
119 + // vulnId setting (마지막 vulnId +1)
120 + MySqlCommand cmd = null;
121 +
122 + int last_vulnId = 1;
123 + try
124 + {
125 + sql = "select max(vulnId) from vulnInfo";
126 + cmd = new MySqlCommand(sql, Conn);
127 +
128 + last_vulnId = (Convert.ToInt32(cmd.ExecuteScalar())) + 1;
129 + }
130 + catch(Exception)
131 + {
132 + last_vulnId = 1;
133 + }
134 +
135 + //DB insert
136 + try
137 + {
138 + sql = "INSERT INTO vulnInfo(vulnId, lenBlock, repositName, cve, funcName, numBlock, codeOriBefore, codeOriAfter, codeAbsBefore, codeAbsAfter, blockHash) " +
139 + $"VALUES({last_vulnId}, {vuln.LenBlock}, '{vuln.RepositName}', '{vuln.Cve}', '{vuln.FuncName}', {vuln.BlockNum}, '{vuln.CodeOriBefore}', '{vuln.CodeOriAfter}', '{vuln.CodeAbsBefore}', '{vuln.CodeAbsAfter}', '{vuln.BlockHash}')";
140 + //sql = "INSERT INTO vulnInfo (vulnId, lenBlock, repositName, cve, funcName, codeOriBefore, codeOriAfter, codeAbsBefore, codeAbsAfter, blockHash) " +
141 + // "VALUES(" + last_vulnId + ", " + vuln.LenBlock + ", " + vuln.RepositName + ", " + vuln.Cve + ", " + vuln.FuncName + ", " + vuln.CodeOriBefore + ", " + vuln.CodeOriAfter + ", " + vuln.CodeAbsBefore + ", " + vuln.CodeAbsAfter + ", '" + vuln.BlockHash + "')";
142 + Console.WriteLine(sql);
143 + cmd = new MySqlCommand(sql, Conn);
144 + cmd.ExecuteNonQuery();
145 + //Conn.Close();
146 + }
147 + catch (Exception e)
148 + {
149 + Console.WriteLine(e.ToString());
150 + Console.ReadLine();
151 + }
152 + // }
153 + }
154 + public static void InsertUserData(User user)
155 + {
156 + Conn.Open();
157 + //DB에 취약점 데이터가 이미 있는지 검사
158 + String sql = "select count(*) from vulnInfo where cve like '" + user.Cve + "'";
159 + MySqlCommand cmd = new MySqlCommand(sql, Conn);
160 + int RecordCount = Convert.ToInt32(cmd.ExecuteScalar());
161 + //CVE 중복인 경우
162 + if (RecordCount > 0)
163 + {
164 + Console.WriteLine("이미 cve가 존재함");
165 + }
166 + //CVE 중복이 아닌 경우
167 + else
168 + {
169 + //DB insert
170 + try
171 + {
172 + sql = "INSERT INTO userInfo (userId, repositName, cve,codeOriBefore,codeOriAfter,funcName,detectDate) " +
173 + "VALUES(" + user.UserId + "," + user.RepositName + "," + user.Cve + "," + user.CodeOriBefore + "," + user.CodeOriAfter + "," + user.FuncName + "," + user.DetectDate + ")";
174 + cmd = new MySqlCommand(sql, Conn);
175 + cmd.ExecuteNonQuery();
176 + Conn.Close();
177 + }
178 + catch (Exception e)
179 + {
180 + Console.WriteLine(e.StackTrace);
181 + }
182 + }
183 + }
184 + public static Vuln SearchVulnCve(string _cve)
185 + {
186 + Vuln vuln = new Vuln();
187 + Conn.Open();
188 + //특정 cve 가 있는지 검사
189 + String sql = "select * from vulnInfo where cve like '" + _cve + "'";
190 + MySqlCommand cmd = new MySqlCommand(sql, Conn);
191 + MySqlDataReader rdr = cmd.ExecuteReader();
192 + while (rdr.Read())
193 + {
194 + vuln.VulnId = Convert.ToInt32(rdr["vulnId"]);
195 + vuln.LenBlock = Convert.ToInt32(rdr["lenBlock"]);
196 + vuln.RepositName = Convert.ToString(rdr["repositName"]);
197 + vuln.Cve = Convert.ToString(rdr["cve"]);
198 + vuln.FuncName = Convert.ToString(rdr["funcName"]);
199 + vuln.Language = Convert.ToString(rdr["language"]);
200 + vuln.CodeOriBefore = Convert.ToString(rdr["codeOriBefore"]);
201 + vuln.CodeOriAfter = Convert.ToString(rdr["codeOriAfter"]);
202 + vuln.CodeAbsBefore = Convert.ToString(rdr["codeAbsBefore"]); ;
203 + vuln.CodeAbsAfter = Convert.ToString(rdr["codeAbsAfter"]);
204 + vuln.BlockHash = Convert.ToString(rdr["blockHash"]);
205 + }
206 + Conn.Close();
207 + return vuln;
208 + }
209 + public static int ReturnUserLastId()
210 + {
211 + Conn.Open();
212 + String sql = "select max(userId) from userInfo";
213 + MySqlCommand cmd = new MySqlCommand(sql, Conn);
214 + int last_userId = (Convert.ToInt32(cmd.ExecuteScalar())) + 1;
215 + Conn.Close();
216 + return last_userId;
217 + }
218 +
219 + //public static IEnumerable<string> SearchVulnData(int _len)
220 + //{
221 + //
222 + //}
223 + }
224 +}
...\ No newline at end of file ...\ No newline at end of file
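Review bot: Every statement in this file splices field values into the SQL text: the interpolated `INSERT` in `InsertVulnData`, the unquoted concatenation in `InsertUserData`, and the `like '" + ... + "'` lookups in `InsertUserData` and `SearchVulnCve`. A quote character in a CVE string, repository name or code snippet therefore breaks the statement or changes its meaning, and the caller in VulnWorker Base64-encodes only three of the fields. Bind the values as parameters instead, as sketched below for `InsertVulnData`; the same pattern applies to the other methods. `InsertUserData`, `SearchVulnCve` and `ReturnUserLastId` also call `Conn.Open()` on the connection that `Connect` already opened, which MySql.Data is expected to reject with an exception. In `InsertVulnData`, `Console.WriteLine(sql)` echoes the full statement and `Console.ReadLine()` in the catch block stalls an unattended crawl on the first failed insert.

```csharp
// … unchanged: max(vulnId) lookup that sets last_vulnId …
sql = "INSERT INTO vulnInfo(vulnId, lenBlock, repositName, cve, funcName, numBlock, codeOriBefore, codeOriAfter, codeAbsBefore, codeAbsAfter, blockHash) " +
      "VALUES(@vulnId, @lenBlock, @repositName, @cve, @funcName, @numBlock, @codeOriBefore, @codeOriAfter, @codeAbsBefore, @codeAbsAfter, @blockHash)";
cmd = new MySqlCommand(sql, Conn);
cmd.Parameters.AddWithValue("@vulnId", last_vulnId);
cmd.Parameters.AddWithValue("@lenBlock", vuln.LenBlock);
cmd.Parameters.AddWithValue("@repositName", vuln.RepositName);
cmd.Parameters.AddWithValue("@cve", vuln.Cve);
cmd.Parameters.AddWithValue("@funcName", vuln.FuncName);
cmd.Parameters.AddWithValue("@numBlock", vuln.BlockNum);
cmd.Parameters.AddWithValue("@codeOriBefore", vuln.CodeOriBefore);
cmd.Parameters.AddWithValue("@codeOriAfter", vuln.CodeOriAfter);
cmd.Parameters.AddWithValue("@codeAbsBefore", vuln.CodeAbsBefore);
cmd.Parameters.AddWithValue("@codeAbsAfter", vuln.CodeAbsAfter);
cmd.Parameters.AddWithValue("@blockHash", vuln.BlockHash);
cmd.ExecuteNonQuery();
// … unchanged: catch block …
```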
...@@ -2,6 +2,7 @@ ...@@ -2,6 +2,7 @@
2 using LibGit2Sharp; 2 using LibGit2Sharp;
3 using System; 3 using System;
4 using System.Collections.Generic; 4 using System.Collections.Generic;
5 +using System.IO;
5 using System.Linq; 6 using System.Linq;
6 using System.Text; 7 using System.Text;
7 using System.Text.RegularExpressions; 8 using System.Text.RegularExpressions;
...@@ -17,7 +18,6 @@ namespace VulnCrawler ...@@ -17,7 +18,6 @@ namespace VulnCrawler
17 var crawler = new T(); 18 var crawler = new T();
18 crawler.Init(dirPath); 19 crawler.Init(dirPath);
19 var commits = crawler.Commits; 20 var commits = crawler.Commits;
20 - Console.WriteLine(commits.Count());
21 foreach (var commit in commits) { 21 foreach (var commit in commits) {
22 // 커밋 메시지 22 // 커밋 메시지
23 string message = commit.Message; 23 string message = commit.Message;
...@@ -31,16 +31,19 @@ namespace VulnCrawler ...@@ -31,16 +31,19 @@ namespace VulnCrawler
31 // 패치 엔트리 파일 배열 중에 파일 확장자가 .py인 것만 가져옴 31 // 패치 엔트리 파일 배열 중에 파일 확장자가 .py인 것만 가져옴
32 // (실질적인 코드 변경 커밋만 보기 위해서) 32 // (실질적인 코드 변경 커밋만 보기 위해서)
33 var entrys = crawler.GetPatchEntryChanges(patch); 33 var entrys = crawler.GetPatchEntryChanges(patch);
34 +
35 + var dsp = dirPath.Split(Path.DirectorySeparatorChar);
36 + string repoName = dsp[dsp.Length - 1];
34 // 현재 커밋에 대한 패치 엔트리 배열을 출력함 37 // 현재 커밋에 대한 패치 엔트리 배열을 출력함
35 - PrintPatchEntrys(entrys, crawler, message, cve); 38 + PrintPatchEntrys(entrys, crawler, message, cve, repoName);
36 } 39 }
37 - Console.ReadLine(); 40 + // Console.ReadLine();
38 41
39 } 42 }
40 } 43 }
41 44
42 45
43 - private static void PrintPatchEntrys(IEnumerable<PatchEntryChanges> entrys, VulnAbstractCrawler self, string commitMsg, string cve) { 46 + private static void PrintPatchEntrys(IEnumerable<PatchEntryChanges> entrys, VulnAbstractCrawler self, string commitMsg, string cve, string repoName) {
44 foreach (var entry in entrys) { 47 foreach (var entry in entrys) {
45 // 기존 소스코드 48 // 기존 소스코드
46 var oldOid = entry.OldOid; 49 var oldOid = entry.OldOid;
...@@ -60,6 +63,11 @@ namespace VulnCrawler ...@@ -60,6 +63,11 @@ namespace VulnCrawler
60 // 출력 63 // 출력
61 if (regs.Count > 0) 64 if (regs.Count > 0)
62 { 65 {
66 + int deleted = entry.LinesDeleted;
67 + if (deleted == 0)
68 + {
69 + continue;
70 + }
63 Console.BackgroundColor = ConsoleColor.DarkBlue; 71 Console.BackgroundColor = ConsoleColor.DarkBlue;
64 Console.WriteLine($"Old Content: \n{oldContent}"); 72 Console.WriteLine($"Old Content: \n{oldContent}");
65 Console.ResetColor(); 73 Console.ResetColor();
...@@ -89,19 +97,12 @@ namespace VulnCrawler ...@@ -89,19 +97,12 @@ namespace VulnCrawler
89 var table = self.ExtractGitCriticalMethodTable(entry.Patch); 97 var table = self.ExtractGitCriticalMethodTable(entry.Patch);
90 foreach (var tuple in self.Process(oldBlob, table)) 98 foreach (var tuple in self.Process(oldBlob, table))
91 { 99 {
92 - (var methodName, var blocks) = tuple; 100 + (var methodName, var oriFunc, var blocks) = tuple;
93 Console.BackgroundColor = ConsoleColor.DarkRed; 101 Console.BackgroundColor = ConsoleColor.DarkRed;
94 Console.WriteLine($"메서드 이름 : {methodName}"); 102 Console.WriteLine($"메서드 이름 : {methodName}");
95 Console.ResetColor(); 103 Console.ResetColor();
96 - //Console.ForegroundColor = ConsoleColor.Blue;
97 - //foreach (var c in )
98 - //{
99 - // Console.WriteLine(c);
100 - //}
101 - //Console.ResetColor();
102 foreach (var block in blocks) 104 foreach (var block in blocks)
103 { 105 {
104 -
105 if (block.HasCritical) 106 if (block.HasCritical)
106 { 107 {
107 Console.BackgroundColor = ConsoleColor.DarkMagenta; 108 Console.BackgroundColor = ConsoleColor.DarkMagenta;
...@@ -115,6 +116,37 @@ namespace VulnCrawler ...@@ -115,6 +116,37 @@ namespace VulnCrawler
115 Console.ResetColor(); 116 Console.ResetColor();
116 Console.WriteLine($"AbsCode = \n{block.AbsCode}"); 117 Console.WriteLine($"AbsCode = \n{block.AbsCode}");
117 Console.WriteLine($"MD5 = {block.Hash}"); 118 Console.WriteLine($"MD5 = {block.Hash}");
119 +
120 + if (!block.HasCritical)
121 + {
122 + // Console.WriteLine("크리티컬 아님");
123 + continue;
124 + }
125 +
126 + byte[] funcNameBytes = Encoding.Unicode.GetBytes(methodName);
127 + byte[] codeOriBeforeBytes = Encoding.Unicode.GetBytes(oriFunc);
128 + byte[] codeAbsBeforeBytes = Encoding.Unicode.GetBytes(block.AbsCode);
129 +
130 + VulnRDS.Vuln vuln = new VulnRDS.Vuln()
131 + {
132 + Cve = cve,
133 + Language = "C",
134 + BlockHash = block.Hash,
135 + LenBlock = block.Code.Length,
136 + FuncName = Convert.ToBase64String(funcNameBytes),
137 + RepositName = repoName,
138 + CodeOriBefore = Convert.ToBase64String(codeOriBeforeBytes),
139 + CodeAbsBefore = Convert.ToBase64String(codeAbsBeforeBytes),
140 + BlockNum = block.Num,
141 +
142 + };
143 + // Console.WriteLine("추가중...");
144 + VulnRDS.InsertVulnData(vuln);
145 +
146 + // Console.WriteLine($"추가: {vuln.Cve}, {vuln.FuncName}, {vuln.RepositName}");
147 + // Console.ReadLine();
148 +
149 +
118 } 150 }
119 151
120 } 152 }
...@@ -145,18 +177,18 @@ namespace VulnCrawler ...@@ -145,18 +177,18 @@ namespace VulnCrawler
145 177
146 //foreach (var reg in regs) 178 //foreach (var reg in regs)
147 //{ 179 //{
148 - 180 +
149 // var match = reg as Match; 181 // var match = reg as Match;
150 // string methodName = match.Groups[VulnAbstractCrawler.MethodName].Value.Trim(); 182 // string methodName = match.Groups[VulnAbstractCrawler.MethodName].Value.Trim();
151 // string originalFunc, md5; 183 // string originalFunc, md5;
152 // (originalFunc, md5) = self.Process(oldBlob.GetContentStream(), 184 // (originalFunc, md5) = self.Process(oldBlob.GetContentStream(),
153 // methodName); 185 // methodName);
154 186
155 - 187 +
156 188
157 // #region 현재 패치 엔트리 정보 출력(추가된 줄 수, 삭제된 줄 수, 패치 이전 경로, 패치 후 경로) 189 // #region 현재 패치 엔트리 정보 출력(추가된 줄 수, 삭제된 줄 수, 패치 이전 경로, 패치 후 경로)
158 190
159 - 191 +
160 // // 패치 전 원본 함수 192 // // 패치 전 원본 함수
161 // Console.WriteLine($"Original Func: {originalFunc}"); 193 // Console.WriteLine($"Original Func: {originalFunc}");
162 // // 해쉬 후 194 // // 해쉬 후
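Review bot: `Language = "C"` at new line 133 is hard-coded inside `PrintPatchEntrys`, which accepts any `VulnAbstractCrawler`, while the project also compiles `VulnPython.cs`. The value should come from the crawler rather than a literal, and the `INSERT` column list in `InsertVulnData` has no language column, so it is not stored as things stand. `CodeOriAfter` and `CodeAbsAfter` are never set here, so they keep the default string `"NULL"` and would be written as that literal text rather than SQL NULL. The `repoName` computation at new lines 35–36 is loop-invariant and yields an empty name when `dirPath` ends with a separator; `string repoName = new DirectoryInfo(dirPath).Name;` placed before the `foreach` handles both. `PrintPatchEntrys` begins and ends outside the hunks shown.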
......