Toggle navigation
Toggle navigation
This project
Loading...
Sign in
노현종
/
2018-1-Capstone1-VulnNotti
Go to a project
Toggle navigation
Toggle navigation pinning
Projects
Groups
Snippets
Help
Project
Activity
Repository
Pipelines
Graphs
Issues
0
Merge Requests
0
Snippets
Network
Create a new issue
Builds
Commits
Issue Boards
Authored by
노현종
2018-05-18 21:43:44 +0900
Browse Files
Options
Browse Files
Download
Email Patches
Plain Diff
Commit
2d2dac4eb3338a067427d5a5887c0e021bc5c85d
2d2dac4e
1 parent
495b3222
C언어 패치 전 함수 크롤링(OpenSSL 테스트)
Show whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
98 additions
and
23 deletions
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
Vulnerablity_DB/VulnCrawler/VulnC.cs
Vulnerablity_DB/VulnCrawler/VulnWorker.cs
Vulnerablity_DB/VulnCrawler/VulnAbstractCrawler.cs
View file @
2d2dac4
...
...
@@ -125,7 +125,7 @@ namespace VulnCrawler
// 패치 전 원본 함수 구하고
string
func
=
GetOriginalFunc
(
oldStream
,
methodName
);
// 주석 제거하고
func
=
RemoveComment
(
func
);
//
func = RemoveComment(func);
// 해쉬하고
string
md5
=
MD5HashFunc
(
func
);
return
(
func
,
md5
);
...
...
Vulnerablity_DB/VulnCrawler/VulnC.cs
View file @
2d2dac4
...
...
@@ -33,46 +33,120 @@ namespace VulnCrawler
protected
override
string
GetOriginalFunc
(
Stream
oldStream
,
string
methodName
)
{
StringBuilder
oldBuilder
=
new
StringBuilder
();
methodName
=
Regex
.
Escape
(
methodName
);
using
(
var
reader
=
new
StreamReader
(
oldStream
))
{
Console
.
WriteLine
(
methodName
);
bool
found
=
false
;
bool
found2
=
false
;
bool
commentLine
=
false
;
int
bracketCount
=
-
1
;
string
stringPattern
=
@"[""].*[""]"
;
string
commentPattern
=
@"\/\*.+\*\/"
;
string
commentPattern2
=
@"\/\*"
;
string
commentPattern3
=
@"\*\/"
;
while
(!
reader
.
EndOfStream
)
{
string
line
=
reader
.
ReadLine
();
// 메서드를 찾은 경우
if
(
found
)
{
Console
.
WriteLine
(
"찾았었음"
);
string
trim
=
line
.
Trim
();
if
(
commentLine
)
{
if
(
Regex
.
IsMatch
(
trim
,
commentPattern3
))
{
commentLine
=
false
;
trim
=
Regex
.
Split
(
trim
,
commentPattern3
)[
1
];
}
}
int
openBracketCount
=
line
.
Count
(
c
=>
c
==
'{'
);
int
closeBracketCount
=
line
.
Count
(
c
=>
c
==
'}'
);
if
(
string
.
IsNullOrWhiteSpace
(
trim
))
{
continue
;
}
string
removeString
=
Regex
.
Replace
(
trim
,
stringPattern
,
""
);
if
(
bracketCount
==
-
1
)
// /* ~ 패턴
if
(
Regex
.
IsMatch
(
trim
,
commentPattern2
))
{
trim
=
Regex
.
Split
(
trim
,
"/*"
)[
0
];
// /* ~ */ 패턴이 아닌 경우
if
(!
Regex
.
IsMatch
(
trim
,
commentPattern
))
{
commentLine
=
true
;
}
}
int
openBracketCount
=
removeString
.
Count
(
c
=>
c
==
'{'
);
int
closeBracketCount
=
removeString
.
Count
(
c
=>
c
==
'}'
);
int
subtract
=
openBracketCount
-
closeBracketCount
;
bracketCount
+=
subtract
;
// 메서드 시작 괄호 찾은 경우
if
(
found2
)
{
// 괄호가 모두 닫혔으니 종료
if
(
bracketCount
<
0
)
{
Console
.
WriteLine
(
"괄호끝"
);
break
;
}
oldBuilder
.
AppendLine
(
line
);
}
else
{
if
(
openBracketCount
>
0
)
{
found2
=
true
;
}
}
if
(
line
.
Count
(
c
=>
c
==
'{'
)
>
0
)
}
else
{
if
(
Regex
.
Match
(
line
,
$
"{methodName}"
).
Success
)
{
string
trim
=
line
.
Trim
();
if
(
trim
.
StartsWith
(
"//"
))
{
continue
;
}
if
(
trim
.
StartsWith
(
"/*"
))
{
continue
;
}
if
(
Regex
.
Match
(
line
,
$
@"{methodName}"
).
Success
)
{
found
=
true
;
int
openBracketCount
=
line
.
Count
(
c
=>
c
==
'{'
);
int
closeBracketCount
=
line
.
Count
(
c
=>
c
==
'}'
);
int
subtract
=
openBracketCount
-
closeBracketCount
;
oldBuilder
.
AppendLine
(
line
);
if
(
Regex
.
Match
(
trim
,
$
@"""[\s]*({methodName})"
).
Success
)
{
continue
;
}
if
(
subtract
<
0
)
if
(
Regex
.
Match
(
trim
,
$
@"{methodName}\s*"
+
@"\{"
).
Success
)
{
if
(
trim
.
EndsWith
(
"}"
))
{
break
;
}
bracketCount
=
subtract
;
found2
=
true
;
}
// 메서드 찾음
found
=
true
;
oldBuilder
.
AppendLine
(
line
);
}
}
}
}
Console
.
WriteLine
(
"찾음"
);
Console
.
WriteLine
(
oldBuilder
.
ToString
());
Console
.
ReadLine
();
return
oldBuilder
.
ToString
();
}
}
...
...
Vulnerablity_DB/VulnCrawler/VulnWorker.cs
View file @
2d2dac4
...
...
@@ -61,13 +61,13 @@ namespace VulnCrawler
// 출력
if
(
regs
.
Count
>
0
)
{
//
Console.BackgroundColor = ConsoleColor.DarkBlue;
//
Console.WriteLine($"Old Content: \n{oldContent}");
//
Console.ResetColor();
Console
.
BackgroundColor
=
ConsoleColor
.
DarkBlue
;
Console
.
WriteLine
(
$
"Old Content: \n{oldContent}"
);
Console
.
ResetColor
();
//
Console.BackgroundColor = ConsoleColor.DarkMagenta;
//
Console.WriteLine($"New Content: \n{newContent}");
//
Console.ResetColor();
//Console.BackgroundColor = ConsoleColor.DarkMagenta;
//Console.WriteLine($"New Content: \n{newContent}");
//Console.ResetColor();
Console
.
ForegroundColor
=
ConsoleColor
.
Blue
;
Console
.
WriteLine
(
$
"status: {entry.Status.ToString()}"
);
...
...
@@ -111,12 +111,11 @@ namespace VulnCrawler
Console
.
WriteLine
(
"methodName = "
+
methodName
);
string
originalFunc
,
md5
;
(
originalFunc
,
md5
)
=
self
.
Process
(
oldBlob
.
GetContentStream
(),
m
atch
.
Groups
[
VulnAbstractCrawler
.
MethodName
].
Valu
e
);
m
ethodNam
e
);
#
region
현재
패치
엔트리
정보
출력
(
추가된
줄
수
,
삭제된
줄
수
,
패치
이전
경로
,
패치
후
경로
)
// 패치 전 원본 함수
Console
.
WriteLine
(
$
"Original Func: {originalFunc}"
);
// 해쉬 후
...
...
@@ -131,8 +130,10 @@ namespace VulnCrawler
}
}
catch
(
Exception
)
catch
(
Exception
e
)
{
Console
.
WriteLine
(
e
.
ToString
());
Console
.
ReadLine
();
continue
;
}
...
...
Please
register
or
login
to post a comment
