노현종 / 2018-1-Capstone1-VulnNotti

Go to a project
Toggle navigation Toggle navigation pinning
노현종
7115969c 1 parent c6bd79ae

C언어 Patch 함수명 추출

Inline Side-by-side
Showing 4 changed files with 100 additions and 78 deletions
...@@ -69,13 +69,13 @@ namespace VulnCrawler ...@@ -69,13 +69,13 @@ namespace VulnCrawler
69 69
70 // var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)"); 70 // var fields = VulnWorker.GetCriticalVariant(@"return _is_safe_url(url, host) and _is_safe_url(url.replace('\\', '/'), host)");
71 var c = new VulnC(); 71 var c = new VulnC();
72 - var fields = c.ExtractCriticalVariant(@"!DoReadFile (infile, &ds64_chunk, sizeof (DS64Chunk), &bcount) ||/* aaaa */"); 72 + var fields = c.ExtractCriticalVariant(@"if (s->session->peer != s->session->sess_cert->peer_key->x509)");
73 foreach (var item in fields) 73 foreach (var item in fields)
74 { 74 {
75 Console.WriteLine(item); 75 Console.WriteLine(item);
76 } 76 }
77 // return; 77 // return;
78 - var directorys = Directory.GetDirectories(@"c:\VulnPy"); 78 + var directorys = Directory.GetDirectories(@"c:\VulnC");
79 if (directorys.Length == 0) { 79 if (directorys.Length == 0) {
80 Console.WriteLine("Repository 목록 찾기 실패"); 80 Console.WriteLine("Repository 목록 찾기 실패");
81 return; 81 return;
...@@ -83,7 +83,7 @@ namespace VulnCrawler ...@@ -83,7 +83,7 @@ namespace VulnCrawler
83 // Repository 목록 만큼 반복함. 83 // Repository 목록 만큼 반복함.
84 foreach (var directory in directorys) { 84 foreach (var directory in directorys) {
85 // 템플릿 패턴화 T : VulnAbstractCrawler 85 // 템플릿 패턴화 T : VulnAbstractCrawler
86 - VulnWorker.Run<VulnPython>(directory); 86 + VulnWorker.Run<VulnC>(directory);
87 } 87 }
88 } 88 }
89 89
......
...@@ -73,7 +73,9 @@ namespace VulnCrawler ...@@ -73,7 +73,9 @@ namespace VulnCrawler
73 #endregion 73 #endregion
74 74
75 public void Init(string path) { 75 public void Init(string path) {
76 + Console.WriteLine("로딩중");
76 Repository = new Repository(path); 77 Repository = new Repository(path);
78 + Console.WriteLine("로딩 완료");
77 Commits = SearchCommits(); 79 Commits = SearchCommits();
78 } 80 }
79 /// <summary> 81 /// <summary>
...@@ -88,7 +90,7 @@ namespace VulnCrawler ...@@ -88,7 +90,7 @@ namespace VulnCrawler
88 /// <summary> 90 /// <summary>
89 /// 커밋에서 검색할 정규식 문자열 91 /// 커밋에서 검색할 정규식 문자열
90 /// </summary> 92 /// </summary>
91 - public string SearchCommitPattern => @"CVE-20\d\d-\d{4}"; 93 + public string SearchCommitPattern => @"CVE[ -]\d{4}[ -]\d{4}";
92 /// <summary> 94 /// <summary>
93 /// 패치 코드에서 함수 찾을 정규식 패턴 문자열 95 /// 패치 코드에서 함수 찾을 정규식 패턴 문자열
94 /// </summary> 96 /// </summary>
...@@ -142,6 +144,8 @@ namespace VulnCrawler ...@@ -142,6 +144,8 @@ namespace VulnCrawler
142 /// <returns>커밋 목록</returns> 144 /// <returns>커밋 목록</returns>
143 public virtual IEnumerable<Commit> SearchCommits() { 145 public virtual IEnumerable<Commit> SearchCommits() {
144 // where => 조건에 맞는 것을 찾음(CVE-20\d\d-\d{4}로 시작하는 커밋만 골라냄) 146 // where => 조건에 맞는 것을 찾음(CVE-20\d\d-\d{4}로 시작하는 커밋만 골라냄)
147 + Console.WriteLine("출력중");
148 + Console.WriteLine(Repository.Commits.Count());
145 var commits = Repository.Commits 149 var commits = Repository.Commits
146 .Where(c => Regex.Match(c.Message, SearchCommitPattern, RegexOptions.IgnoreCase).Success) 150 .Where(c => Regex.Match(c.Message, SearchCommitPattern, RegexOptions.IgnoreCase).Success)
147 .ToList(); 151 .ToList();
...@@ -183,7 +187,7 @@ namespace VulnCrawler ...@@ -183,7 +187,7 @@ namespace VulnCrawler
183 // 메서드 정규식 패턴 187 // 메서드 정규식 패턴
184 string methodPattern = @"([a-zA-Z0-9_\.]+)\s*\("; 188 string methodPattern = @"([a-zA-Z0-9_\.]+)\s*\(";
185 // 변수 정규식 패턴 189 // 변수 정규식 패턴
186 - string fieldPattern = @"^*?[a-zA-Z0-9_\.\[\]]+"; 190 + string fieldPattern = @"^*?[a-zA-Z0-9_\.\[\]\-\>]+";
187 191
188 string invalidPattern = @"^[\d\.]+"; 192 string invalidPattern = @"^[\d\.]+";
189 193
......
...@@ -10,7 +10,7 @@ namespace VulnCrawler ...@@ -10,7 +10,7 @@ namespace VulnCrawler
10 { 10 {
11 public class VulnC : VulnAbstractCrawler 11 public class VulnC : VulnAbstractCrawler
12 { 12 {
13 - protected override string RegexFuncPattern => $@"@@ \-(?<{OldStart}>\d+),(?<{OldLines}>\d+) \+(?<{NewStart}>\d+),(?<{NewLines}>\d+) @@ (?<{MethodName}>(static)? [\w]+ [\w]+)\([\w \*\,\t\n]*\)"; 13 + protected override string RegexFuncPattern => $@"@@ \-(?<{OldStart}>\d+),(?<{OldLines}>\d+) \+(?<{NewStart}>\d+),(?<{NewLines}>\d+) @@ (?<{MethodName}>(static)?( const )? [\w]+ [\w]+\([\w \*\,\t\n]*[\)\,])";
14 protected override string Extension => ".c"; 14 protected override string Extension => ".c";
15 protected override string ReservedFileName => "CReserved.txt"; 15 protected override string ReservedFileName => "CReserved.txt";
16 public override MatchCollection GetMatches(string patchCode) { 16 public override MatchCollection GetMatches(string patchCode) {
......
...@@ -17,6 +17,7 @@ namespace VulnCrawler ...@@ -17,6 +17,7 @@ namespace VulnCrawler
17 var crawler = new T(); 17 var crawler = new T();
18 crawler.Init(dirPath); 18 crawler.Init(dirPath);
19 var commits = crawler.Commits; 19 var commits = crawler.Commits;
20 + Console.WriteLine(commits.Count());
20 foreach (var commit in commits) { 21 foreach (var commit in commits) {
21 // 커밋 메시지 22 // 커밋 메시지
22 string message = commit.Message; 23 string message = commit.Message;
...@@ -42,82 +43,99 @@ namespace VulnCrawler ...@@ -42,82 +43,99 @@ namespace VulnCrawler
42 foreach (var entry in entrys) { 43 foreach (var entry in entrys) {
43 // 기존 소스코드 44 // 기존 소스코드
44 var oldOid = entry.OldOid; 45 var oldOid = entry.OldOid;
45 - Blob oldBlob = self.Repository.Lookup<Blob>(oldOid);
46 - string oldContent = oldBlob.GetContentText();
47 -
48 - // 변경된 소스코드
49 - var newOid = entry.Oid;
50 - Blob newBlob = self.Repository.Lookup<Blob>(newOid);
51 - string newContent = newBlob.GetContentText();
52 -
53 - var regs = self.GetMatches(entry.Patch);
54 -
55 - #region 패치 코드 출력
56 - // 패치 전 코드 (oldContent)
57 - // 패치 후 코드 (newContent)
58 - // 패치 코드 (entry.Patch)
59 - // 출력
60 - //if (regs.Count > 0) {
61 - // Console.BackgroundColor = ConsoleColor.DarkBlue;
62 - // Console.WriteLine($"Old Content: \n{oldContent}");
63 - // Console.ResetColor();
64 -
65 - // Console.BackgroundColor = ConsoleColor.DarkMagenta;
66 - // Console.WriteLine($"New Content: \n{newContent}");
67 - // Console.ResetColor();
68 - // Console.BackgroundColor = ConsoleColor.DarkRed;
69 - // Console.WriteLine($"Patched: \n{entry.Patch}");
70 -
71 - // Console.ResetColor();
72 - // Console.WriteLine("-----------");
73 - // Console.WriteLine(regs.Count);
74 -
75 - //}
76 -
77 - // 패치 코드에서 매칭된 파이썬 함수들로부터
78 - // 패치 전 코드 파일(oldBlob)을 탐색하여 원본 파이썬 함수 가져오고(originalFunc)
79 - //
80 -#endregion
81 -
82 - foreach (var reg in regs) {
83 - var match = reg as Match;
84 - string methodName = match.Groups[VulnAbstractCrawler.MethodName].Value;
85 -
86 - string originalFunc, md5;
87 -
88 - (originalFunc, md5) = self.Process(oldBlob.GetContentStream(),
89 - match.Groups[VulnAbstractCrawler.MethodName].Value);
90 -
91 - #region 현재 패치 엔트리 정보 출력(추가된 , 삭제된 , 패치 이전 경로, 패치 경로)
92 - Console.ForegroundColor = ConsoleColor.Blue;
93 - Console.WriteLine($"status: {entry.Status.ToString()}");
94 - Console.WriteLine($"added: {entry.LinesAdded.ToString()}, deleted: {entry.LinesDeleted.ToString()}");
95 - Console.WriteLine($"old path: {entry.OldPath.ToString()}, new path: {entry.Path.ToString()}");
96 - Console.ResetColor();
97 -
98 -
99 - Console.Write($"CVE: ");
100 - Console.ForegroundColor = ConsoleColor.Red;
101 - Console.Write($"{cve}");
102 - Console.WriteLine("");
103 - Console.ResetColor();
104 - Console.ForegroundColor = ConsoleColor.Yellow;
105 - Console.WriteLine($"Commit Message: {commitMsg}");
106 - Console.ResetColor();
107 -
108 - // 패치 전 원본 함수
109 - Console.WriteLine($"Original Func: {originalFunc}");
110 - // 해쉬 후
111 - Console.WriteLine($"Original Func MD5: {md5}");
112 - Console.BackgroundColor = ConsoleColor.DarkRed;
113 - Console.WriteLine($"Patched: \n{entry.Patch}");
114 -
115 - Console.ResetColor();
116 - Console.WriteLine("==============================");
117 46
47 + try
48 + {
49 + Blob oldBlob = self.Repository.Lookup<Blob>(oldOid);
50 + string oldContent = oldBlob.GetContentText();
51 +
52 + // 변경된 소스코드
53 + var newOid = entry.Oid;
54 + Blob newBlob = self.Repository.Lookup<Blob>(newOid);
55 + string newContent = newBlob.GetContentText();
56 + var regs = self.GetMatches(entry.Patch);
57 + #region 패치 코드 출력
58 + // 패치 전 코드 (oldContent)
59 + // 패치 후 코드 (newContent)
60 + // 패치 코드 (entry.Patch)
61 + // 출력
62 + if (regs.Count > 0)
63 + {
64 + // Console.BackgroundColor = ConsoleColor.DarkBlue;
65 + // Console.WriteLine($"Old Content: \n{oldContent}");
66 + // Console.ResetColor();
67 +
68 + // Console.BackgroundColor = ConsoleColor.DarkMagenta;
69 + // Console.WriteLine($"New Content: \n{newContent}");
70 + // Console.ResetColor();
71 +
72 + Console.ForegroundColor = ConsoleColor.Blue;
73 + Console.WriteLine($"status: {entry.Status.ToString()}");
74 + Console.WriteLine($"added: {entry.LinesAdded.ToString()}, deleted: {entry.LinesDeleted.ToString()}");
75 + Console.WriteLine($"old path: {entry.OldPath.ToString()}, new path: {entry.Path.ToString()}");
76 + Console.ResetColor();
77 +
78 +
79 + Console.Write($"CVE: ");
80 + Console.ForegroundColor = ConsoleColor.Red;
81 + Console.Write($"{cve}");
82 + Console.WriteLine("");
83 + Console.ResetColor();
84 + Console.ForegroundColor = ConsoleColor.Yellow;
85 + Console.WriteLine($"Commit Message: {commitMsg}");
86 + Console.ResetColor();
87 +
88 +
89 +
90 + Console.BackgroundColor = ConsoleColor.DarkRed;
91 + Console.WriteLine($"Patched: \n{entry.Patch}");
92 +
93 + Console.ResetColor();
94 + // Console.WriteLine("-----------");
95 +
96 +
97 +
98 + }
99 +
100 +
101 +
102 + // 패치 코드에서 매칭된 파이썬 함수들로부터
103 + // 패치 전 코드 파일(oldBlob)을 탐색하여 원본 파이썬 함수 가져오고(originalFunc)
104 + //
118 #endregion 105 #endregion
119 106
107 + foreach (var reg in regs)
108 + {
109 + var match = reg as Match;
110 + string methodName = match.Groups[VulnAbstractCrawler.MethodName].Value.Trim();
111 + Console.WriteLine("methodName = " + methodName);
112 + string originalFunc, md5;
113 + (originalFunc, md5) = self.Process(oldBlob.GetContentStream(),
114 + match.Groups[VulnAbstractCrawler.MethodName].Value);
115 +
116 + #region 현재 패치 엔트리 정보 출력(추가된 , 삭제된 , 패치 이전 경로, 패치 경로)
117 +
118 +
119 +
120 + // 패치 전 원본 함수
121 + Console.WriteLine($"Original Func: {originalFunc}");
122 + // 해쉬 후
123 + Console.WriteLine($"Original Func MD5: {md5}");
124 + //Console.BackgroundColor = ConsoleColor.DarkRed;
125 + //Console.WriteLine($"Patched: \n{entry.Patch}");
126 +
127 + Console.ResetColor();
128 + Console.WriteLine("==============================");
129 +
130 + #endregion
131 +
132 + }
120 } 133 }
134 + catch (Exception)
135 + {
136 + continue;
137 + }
138 +
121 } 139 }
122 } 140 }
123 141
......