노현종

유저 코드 분석 DB 매칭 수정

......@@ -40,6 +40,18 @@ namespace VulnCrawler
public string Code { get; set; } = "NULL"; /* 취약점 소스 코드 */
public string BlockHash { get; set; } = "NULL";/* 취약점 블록 해시 값 */
public string Url { get; set; } = "NULL"; /* 취약점 URL */
public override bool Equals(object obj)
{
var vuln = obj as _Vuln;
return vuln != null &&
BlockHash == vuln.BlockHash;
}
public override int GetHashCode()
{
return 802558182 + EqualityComparer<string>.Default.GetHashCode(BlockHash);
}
}
//connect
public static void Connect(AWS.Account account, string dbName)
......@@ -105,7 +117,6 @@ namespace VulnCrawler
{
String sql = string.Empty;
MySqlCommand cmd = null;
// vulnId setting (마지막 vulnId +1)
int last_vulnId = 1;
try
......@@ -124,10 +135,12 @@ namespace VulnCrawler
//DB insert
try
{
cmd = new MySqlCommand();
cmd.Connection = Conn;
cmd = new MySqlCommand
{
Connection = Conn,
//db에 추가
cmd.CommandText = "INSERT INTO vuln_Info(vulnId, cve, funcName, lenFunc, code, blockHash, url) VALUES(@vulnId, @cve, @funcName, @lenFunc, @code, @blockHash, @url)";
CommandText = "INSERT INTO vuln_Info(vulnId, cve, funcName, lenFunc, code, blockHash, url) VALUES(@vulnId, @cve, @funcName, @lenFunc, @code, @blockHash, @url)"
};
cmd.Parameters.AddWithValue("@vulnId", last_vulnId);
cmd.Parameters.AddWithValue("@cve", $"{vuln.Cve}");
cmd.Parameters.AddWithValue("@funcName", $"{vuln.FuncName}");
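Review bot: The new `Equals`/`GetHashCode` pair in the first hunk keys `_Vuln` identity on `BlockHash` alone, and that property has a public setter and defaults to the sentinel `"NULL"`. Every row whose hash was never set therefore compares equal to every other, and rows for different CVEs that share a block hash collapse into one entry in any `HashSet<_Vuln>` or `Distinct()` that spans CVEs, which would silently drop findings. If per-CVE identity is intended, compare both fields, `return vuln != null && Cve == vuln.Cve && BlockHash == vuln.BlockHash;`, and fold `Cve` into `GetHashCode` the same way. Otherwise add a comment on `Equals` stating that deduplication by hash only is deliberate and that `BlockHash` must not change once the object is in a set. The class body starts outside the hunk, so its other members were not checked.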
......@@ -60,25 +60,19 @@ namespace VulnUserCodeAnalyzer
Console.WriteLine("연결 실패");
return;
}
var hashDict = new Dictionary<int, HashSet<VulnAbstractCrawler.UserBlock>>();
Stopwatch stopwatch = new Stopwatch();
stopwatch.Start();
DirectoryInfo dirInfo = new DirectoryInfo(@"c:\code");
var codeFiles = dirInfo.EnumerateFiles("*.c", SearchOption.AllDirectories);
int totalFileCount = codeFiles.Count();
int count = 0;
foreach (var codeFile in codeFiles)
{
Console.WriteLine(codeFile.FullName);
using (var reader = codeFile.OpenText())
{
var dict = crawler.CrawlUserCode(reader);
foreach (var item in dict)
{
if (!hashDict.ContainsKey(item.Key))
......@@ -92,31 +86,38 @@ namespace VulnUserCodeAnalyzer
filter.Add(hash.Hash);
}
}
count++;
double per = ((double)count / (double)totalFileCount) * 100;
Console.Clear();
Console.WriteLine($"{count} / {totalFileCount} :: {per.ToString("#0.0")}%, 개체 수 : {hashDict.Count}");
if (count > 100)
{
break;
}
}
}
var findBlocks = new Queue<VulnAbstractCrawler.UserBlock>();
var vulnDict = new Dictionary<string, IEnumerable<VulnRDS._Vuln>>();
foreach (var set in hashDict)
{
Console.WriteLine($"-----key:{set.Key}");
var vulnList = VulnRDS.SelectVulnbyLen(set.Key);
foreach (var vuln in vulnList)
var cveList = VulnRDS.SelectVulnbyLen(set.Key).Select(v => v.Cve).Distinct();
foreach (var cve in cveList)
{
if (!vulnDict.ContainsKey(cve))
{
vulnDict[cve] = new HashSet<VulnRDS._Vuln>();
// SQL CVE 목록 가져와야 함
// 가져와서 각 CVE 마다 vulnDict에 추가
}
}
}
foreach (var vulnSet in vulnDict)
{
Console.WriteLine($"-----cve:{vulnSet.Key}");
bool match = false;
foreach (var vuln in vulnSet.Value)
{
// Console.WriteLine(vuln.BlockHash);
if (filter.Contains(vuln.BlockHash))
{
Console.WriteLine($"필터 확인 : {vuln.BlockHash}");
......@@ -129,16 +130,20 @@ namespace VulnUserCodeAnalyzer
continue;
}
Console.WriteLine($"CVE:{vuln.Cve}, {userBlock.FuncName}, 블록 확인 : DB : {vuln.BlockHash}, User : {userBlock.Hash}");
match = true;
findBlocks.Enqueue(userBlock);
}
}
else
{
match = false;
break;
}
}
if (match)
{
Console.WriteLine($"CVE 찾음 {vulnSet.Key}");
}
//foreach (var hash in set.Value)
//{
// Console.WriteLine($"{hash.FuncName}, {hash.Hash}, {hash.Len}, {hash.Path}");
//}
}
stopwatch.Stop();
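Review bot: In the `foreach (var cve in cveList)` loop each `vulnDict[cve]` is created as an empty `HashSet<VulnRDS._Vuln>` and nothing in the visible lines ever adds to it; the two comments after the assignment only say the per-CVE rows still have to be fetched. The later `foreach (var vuln in vulnSet.Value)` therefore has nothing to iterate, `match` stays `false`, and no `CVE 찾음` line is printed for any input, which reads as a clean scan rather than an unfinished comparison. The sets should be filled from the database before the matching loop, and until that query exists an empty set is better reported than skipped, e.g. `if (!vulnSet.Value.Any()) { Console.WriteLine($"no DB blocks loaded for {vulnSet.Key}"); continue; }`. The `if (count > 100) break;` in the file loop also ends the scan after 101 files, so later files under `c:\code` are never checked; if it is a debugging limit it should not ship. The enclosing method starts and ends outside these hunks.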