Toggle navigation
Toggle navigation
This project
Loading...
Sign in
노현종
/
2018-1-Capstone1-VulnNotti
Go to a project
Toggle navigation
Toggle navigation pinning
Projects
Groups
Snippets
Help
Project
Activity
Repository
Pipelines
Graphs
Issues
0
Merge Requests
0
Snippets
Network
Create a new issue
Builds
Commits
Issue Boards
Authored by
노현종
2018-05-17 19:52:02 +0900
Browse Files
Options
Browse Files
Download
Email Patches
Plain Diff
Commit
eca01dcf50ff520fbd6b46e27d003ca0b2926cdd
eca01dcf
1 parent
5e7bb17e
크리티컬 변수 보완
Show whitespace changes
Inline
Side-by-side
Showing
4 changed files
with
24 additions
and
15 deletions
Vulnerablity_DB/VulnCrawler/Program.cs
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
Vulnerablity_DB/VulnCrawler/VulnPython.cs
Vulnerablity_DB/VulnCrawler/VulnWorker.cs
Vulnerablity_DB/VulnCrawler/Program.cs
View file @
eca01dc
...
...
@@ -69,12 +69,12 @@ namespace VulnCrawler
// var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)");
var
c
=
new
VulnC
();
var
fields
=
c
.
GetCriticalVariant
(
@"cs64_chunk.chunkSize64 = 12345678;
"
);
var
fields
=
c
.
ExtractCriticalVariant
(
@"!DoReadFile (infile, &ds64_chunk, sizeof (DS64Chunk), &bcount) ||/* aaaa */
"
);
foreach
(
var
item
in
fields
)
{
Console
.
WriteLine
(
item
);
}
return
;
//
return;
var
directorys
=
Directory
.
GetDirectories
(
@"c:\VulnPy"
);
if
(
directorys
.
Length
==
0
)
{
Console
.
WriteLine
(
"Repository 목록 찾기 실패"
);
...
...
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
View file @
eca01dc
...
...
@@ -168,24 +168,33 @@ namespace VulnCrawler
/// </summary>
/// <param name="line">현재 코드줄</param>
/// <returns></returns>
public
IEnumerable
<
string
>
Ge
tCriticalVariant
(
string
line
)
public
IEnumerable
<
string
>
Extrac
tCriticalVariant
(
string
line
)
{
line
=
line
.
Trim
();
if
(
string
.
IsNullOrWhiteSpace
(
line
))
{
yield
break
;
}
if
(
line
.
StartsWith
(
"//"
))
{
yield
break
;
}
string
declarePattern
=
@"(?<Declare>[a-zA-Z0-9_\.]+) [a-zA-Z0-9_\.]+ ="
;
// 메서드 정규식 패턴
string
methodPattern
=
@"(
\w
+)\s*\("
;
string
methodPattern
=
@"(
[a-zA-Z0-9_\.]
+)\s*\("
;
// 변수 정규식 패턴
string
fieldPattern
=
@"^*?[a-zA-Z0-9_\.]+"
;
string
fieldPattern
=
@"^*?[a-zA-Z0-9_\.
\[\]
]+"
;
string
invalidPattern
=
@"^[\d\.]+"
;
string
commentPattern
=
@"("".*"")"
;
string
commentPattern
=
@"[""].*[""]"
;
string
commentPattern2
=
@"\/\/.*"
;
string
commentPattern3
=
@"\/\*.+\*\/"
;
line
=
Regex
.
Replace
(
line
,
commentPattern
,
""
);
line
=
Regex
.
Replace
(
line
,
commentPattern2
,
""
);
line
=
Regex
.
Replace
(
line
,
commentPattern3
,
""
);
// 메서드 목록
var
methodSets
=
new
HashSet
<
string
>();
...
...
@@ -208,7 +217,7 @@ namespace VulnCrawler
if
(
method
.
Success
)
{
Console
.
WriteLine
(
method
.
Groups
[
1
].
Value
);
methodSets
.
Add
(
method
.
Groups
[
1
].
Value
);
methodSets
.
Add
(
method
.
Groups
[
1
].
Value
);
// aaaa
}
}
Console
.
WriteLine
(
"----"
);
...
...
Vulnerablity_DB/VulnCrawler/VulnPython.cs
View file @
eca01dc
...
...
@@ -21,7 +21,7 @@ namespace VulnCrawler
protected
override
string
RegexFuncPattern
=>
$
@"@@ \-(?<{OldStart}>\d+),(?<{OldLines}>\d+) \+(?<{NewStart}>\d+),(?<{NewLines}>\d+) @@ def (?<{MethodName}>\w+)"
;
protected
override
string
ReservedFileName
=>
throw
new
NotImplementedException
()
;
protected
override
string
ReservedFileName
=>
"PyReserved.txt"
;
// protected override Regex MethodExtractor => new Regex(RegexFuncPattern);
...
...
Vulnerablity_DB/VulnCrawler/VulnWorker.cs
View file @
eca01dc
...
...
@@ -14,24 +14,24 @@ namespace VulnCrawler
{
// 템플릿 메서드 패턴
public
static
void
Run
<
T
>(
string
dirPath
)
where
T
:
VulnAbstractCrawler
,
new
()
{
var
self
=
new
T
();
self
.
Init
(
dirPath
);
var
commits
=
self
.
Commits
;
var
crawler
=
new
T
();
crawler
.
Init
(
dirPath
);
var
commits
=
crawler
.
Commits
;
foreach
(
var
commit
in
commits
)
{
// 커밋 메시지
string
message
=
commit
.
Message
;
string
cve
=
self
.
GetCVE
(
message
);
string
cve
=
crawler
.
GetCVE
(
message
);
if
(
string
.
IsNullOrEmpty
(
cve
))
{
continue
;
}
foreach
(
var
parent
in
commit
.
Parents
)
{
// 부모 커밋과 현재 커밋을 Compare 하여 패치 내역을 가져옴
var
patch
=
self
.
Repository
.
Diff
.
Compare
<
Patch
>(
parent
.
Tree
,
commit
.
Tree
);
var
patch
=
crawler
.
Repository
.
Diff
.
Compare
<
Patch
>(
parent
.
Tree
,
commit
.
Tree
);
// 패치 엔트리 파일 배열 중에 파일 확장자가 .py인 것만 가져옴
// (실질적인 코드 변경 커밋만 보기 위해서)
var
entrys
=
self
.
GetPatchEntryChanges
(
patch
);
var
entrys
=
crawler
.
GetPatchEntryChanges
(
patch
);
// 현재 커밋에 대한 패치 엔트리 배열을 출력함
PrintPatchEntrys
(
entrys
,
self
,
message
,
cve
);
PrintPatchEntrys
(
entrys
,
crawler
,
message
,
cve
);
}
}
}
...
...
Please
register
or
login
to post a comment