노현종 / 2018-1-Capstone1-VulnNotti

Go to a project
Toggle navigation Toggle navigation pinning
이지윤
fd24e2e7 1 parent 44e77a7e

db insert 수정

Inline Side-by-side
Showing 2 changed files with 51 additions and 57 deletions
......@@ -16,29 +16,20 @@ namespace VulnCrawler
{
public int VulnId { get; set; } = -1; /* 취약점 ID */
public int LenBlock { get; set; } = -1; /* 취약점 BLOCK 길이 */
public string RepositName { get; set; } = "NULL"; /* 취약점 레파지토리 이름 */
public string Cve { get; set; } = "NULL"; /* 취약점 CVE */
public string FuncName { get; set; } = "NULL"; /* 취약점 함수 이름 */
public string Language { get; set; } = "NULL"; /* 취약점 언어 종류 */
public int NumBlock { get; set; } = -1; /* 블록 번호 */
public string CodeOriBefore { get; set; } = "NULL"; /* 취약점 패치 전 원본 코드 */
public string CodeOriAfter { get; set; } = "NULL"; /* 취약점 패치 후 원본 코드 */
public string CodeAbsBefore { get; set; } = "NULL"; /* 취약점 패치 전 추상화 코드 */
public string CodeAbsAfter { get; set; } = "NULL"; /* 취약점 패치 후 추상화 코드 */
public string BlockHash { get; set; } = "NULL";/* 취약점 블록 해시 값 */
public int BlockNum { get; set; } = -1; /* 블록 번호 */
public string BlockHash { get; set; } = "NULL";/* 취약점 블록 해시 값 */
}
public class User
{
public int UserId { get; set; } /* 유저 ID */
public string RepositName { get; set; } /* 유저 레파지토리 이름 */
public string Cve { get; set; } /* 취약점 CVE */
public string CodeOriBefore { get; set; } /* 취약점 패치 전 원본 코드 */
public string CodeOriAfter { get; set; } /* 취약점 패치 후 원본 코드 */
public string FuncName { get; set; } /* 취약점 함수 이름 */
public string DetectDate { get; set; } /* 검사 날짜 */
public int UserId { get; set; } = -1;/* 유저 ID */
public string RepositName { get; set; } = "NULL"; /* 유저 레파지토리 이름 */
public string VulnId { get; set; } = "NULL"; /* 취약점 vuln ID */
}
//connect
public static void Connect(AWS.Account account, string dbName)
......@@ -60,22 +51,20 @@ namespace VulnCrawler
}
public static void InsertVulnData(Vuln vuln)
{
// Conn.Open();
//DB에 취약점 데이터가 이미 있는지 검사
String sql = string.Empty;
//String sql = "select count(*) from vulnInfo where cve like '" + vuln.Cve + "'";
//MySqlCommand cmd = new MySqlCommand(sql, Conn);
//int RecordCount = Convert.ToInt32(cmd.ExecuteScalar());
////CVE 중복인 경우
//if (RecordCount > 0)
//{
// Console.WriteLine("이미 cve가 존재함");
//}
//CVE 중복이 아닌 경우
//else
//{
//DB에 취약점 데이터가 이미 있는지 검사
/*
sql = "select count(*) from vulnInfo where cve like '" + vuln.Cve + "' and numBlock like '" +vuln.NumBlock + "'" ;
MySqlCommand cmd = new MySqlCommand(sql, Conn);
int RecordCount = Convert.ToInt32(cmd.ExecuteScalar());
//CVE & block num 중복인 경우
if (RecordCount > 0)
{
//추가하지 않음
return;
}
*/
// vulnId setting (마지막 vulnId +1)
MySqlCommand cmd = null;
......@@ -91,20 +80,17 @@ namespace VulnCrawler
{
last_vulnId = 1;
}
Retry:
//DB insert
try
{
sql = "INSERT INTO vulnInfo(vulnId, lenBlock, repositName, cve, funcName, numBlock, codeOriBefore, codeOriAfter, codeAbsBefore, codeAbsAfter, blockHash) " +
$"VALUES({last_vulnId}, {vuln.LenBlock}, '{vuln.RepositName}', '{vuln.Cve}', '{vuln.FuncName}', {vuln.BlockNum}, '{vuln.CodeOriBefore}', '{vuln.CodeOriAfter}', '{vuln.CodeAbsBefore}', '{vuln.CodeAbsAfter}', '{vuln.BlockHash}')";
//sql = "INSERT INTO vulnInfo (vulnId, lenBlock, repositName, cve, funcName, codeOriBefore, codeOriAfter, codeAbsBefore, codeAbsAfter, blockHash) " +
// "VALUES(" + last_vulnId + ", " + vuln.LenBlock + ", " + vuln.RepositName + ", " + vuln.Cve + ", " + vuln.FuncName + ", " + vuln.CodeOriBefore + ", " + vuln.CodeOriAfter + ", " + vuln.CodeAbsBefore + ", " + vuln.CodeAbsAfter + ", '" + vuln.BlockHash + "')";
$"VALUES({last_vulnId}, {vuln.LenBlock}, '{vuln.Cve}', '{vuln.FuncName}', {vuln.NumBlock}, '{vuln.CodeOriBefore}', '{vuln.CodeOriAfter}', '{vuln.CodeAbsBefore}', '{vuln.CodeAbsAfter}', '{vuln.BlockHash}')";
Console.WriteLine(sql);
cmd = new MySqlCommand(sql, Conn);
cmd.ExecuteNonQuery();
//Conn.Close();
}
catch (Exception e)
{
......@@ -117,13 +103,16 @@ namespace VulnCrawler
}
Console.ReadLine();
}
// }
}
public static void InsertUserData(User user)
{
Conn.Open();
String sql = string.Empty;
MySqlCommand cmd = null;
/*
//DB에 취약점 데이터가 이미 있는지 검사
String sql = "select count(*) from vulnInfo where cve like '" + user.Cve + "'";
String sql = "select count(*) from vulnInfo where cve like '" + user. + "'";
MySqlCommand cmd = new MySqlCommand(sql, Conn);
int RecordCount = Convert.ToInt32(cmd.ExecuteScalar());
//CVE 중복인 경우
......@@ -131,22 +120,31 @@ namespace VulnCrawler
{
Console.WriteLine("이미 cve가 존재함");
}
//CVE 중복이 아닌 경우
else
*/
// userId setting (마지막 userId +1)
int last_userId = 1;
try
{
sql = "select max(userId) from userInfo";
cmd = new MySqlCommand(sql, Conn);
last_userId = (Convert.ToInt32(cmd.ExecuteScalar())) + 1;
}
catch (Exception)
{
//DB insert
try
{
sql = "INSERT INTO userInfo (userId, repositName, cve,codeOriBefore,codeOriAfter,funcName,detectDate) " +
"VALUES(" + user.UserId + "," + user.RepositName + "," + user.Cve + "," + user.CodeOriBefore + "," + user.CodeOriAfter + "," + user.FuncName + "," + user.DetectDate + ")";
cmd = new MySqlCommand(sql, Conn);
cmd.ExecuteNonQuery();
Conn.Close();
}
catch (Exception e)
{
Console.WriteLine(e.StackTrace);
}
last_userId = 1;
}
//DB insert
try
{
sql = "INSERT INTO userInfo(userId, repositName, vulnInfo) " + $"VALUES({last_userId}, {user.RepositName}, '{user.VulnId}')";
Console.WriteLine(sql);
cmd = new MySqlCommand(sql, Conn);
cmd.ExecuteNonQuery();
}
catch (Exception e)
{
Console.WriteLine(e.StackTrace);
}
}
public static Vuln SearchVulnCve(string _cve)
......@@ -161,10 +159,9 @@ namespace VulnCrawler
{
vuln.VulnId = Convert.ToInt32(rdr["vulnId"]);
vuln.LenBlock = Convert.ToInt32(rdr["lenBlock"]);
vuln.RepositName = Convert.ToString(rdr["repositName"]);
vuln.Cve = Convert.ToString(rdr["cve"]);
vuln.FuncName = Convert.ToString(rdr["funcName"]);
vuln.Language = Convert.ToString(rdr["language"]);
vuln.NumBlock = Convert.ToInt32(rdr["numBlock"]);
vuln.CodeOriBefore = Convert.ToString(rdr["codeOriBefore"]);
vuln.CodeOriAfter = Convert.ToString(rdr["codeOriAfter"]);
vuln.CodeAbsBefore = Convert.ToString(rdr["codeAbsBefore"]); ;
......
......@@ -134,15 +134,12 @@ namespace VulnCrawler
VulnRDS.Vuln vuln = new VulnRDS.Vuln()
{
Cve = cve,
Language = "C",
BlockHash = block.Hash,
LenBlock = block.Code.Length,
FuncName = Convert.ToBase64String(funcNameBytes),
RepositName = repoName,
CodeOriBefore = Convert.ToBase64String(codeOriBeforeBytes),
CodeAbsBefore = Convert.ToBase64String(codeAbsBeforeBytes),
BlockNum = block.Num,
NumBlock = block.Num,
};
Console.WriteLine($"Vuln FuncName:{vuln.FuncName}");
/* VulnDB에 추가 */
......