def get_potential_locs(ast, bug_snip_type):
"""Identify all potential locations in the source code for injecting a bug type"""
"""Returns BIP (Bugs Injection Profile)"""
stmt_locs =[]
stm_types = ['VariableDeclaration', 'ExpressionStatement', 'EmitStatement', 'Identifier','PlaceholderStatement', 'Return', 'Block' ,'FunctionDefinition', 'ModifierDefinition', 'EventDefinition']
all_locs = get_all_childs(ast)
param_list = [name for name in all_locs if name['name'] in ('ParameterList','FunctionCall','ExpressionStatement','Return','VariableDeclarationStatement','ModifierInvocation','BinaryOperation')]
block_list = [name for name in all_locs if name['name'] in ('FunctionDefinition','ModifierDefinition', 'EventDefinition','Block')]
struct_list = [name for name in all_locs if name['name'] in ('StructDefinition')]
interface_locs =inject_file.get_pattern_all_offsets(src_contr_file,'interface')
interface_locs.extend(inject_file.get_pattern_all_offsets(src_contr_file,'library'))
interface_list = [name for name in all_locs if name['name'] in ('ContractDefinition')]
for stm_type in stm_types:
sub_stm = [name for name in all_locs if name['name'] == stm_type]
if stm_type in ('VariableDeclaration','Identifier'):
for vr in sub_stm:
if not within_interface(interface_list, interface_locs, int(get_src(vr['src'])['eoffset'])) and not is_paramter(param_list, int(get_src(vr['src'])['eoffset'])) and not within_struct_block(struct_list, int(get_src(vr['src'])['eoffset'])):
stmt_locs.append(vr)
elif bug_snip_type =='f' and stm_type in ('VariableDeclaration','Identifier', 'ModifierDefinition', 'Return', 'ExpressionStatement', 'PlaceholderStatement', 'Block', 'EmitStatement'):
for stm in sub_stm:
if not within_interface(interface_list, interface_locs, int(get_src(stm['src'])['eoffset'])) and not within_main_block(block_list, int(get_src(stm['src'])['eoffset'])):
stmt_locs.append(stm)
else:
for stm in sub_stm:
if not within_interface(interface_list, interface_locs, int(get_src(stm['src'])['eoffset'])):
stmt_locs.append(stm)
return stmt_locs
def weaken_sec_mec(filename, bug_type):
""" Inject bugs through Weakning Security Mechanisms approach """
existing_patterns = []
sec_mec_configs = configparser.RawConfigParser(allow_no_value=True)
sec_mec_configs.read("sec_methods.conf")
for config in sec_mec_configs.sections():
_bug_type = sec_mec_configs.get(config, 'bug_type')
_sec_method_pattern= sec_mec_configs.get(config, 'sec_meth_pattern')
_snip_to_remove= sec_mec_configs.get(config, 'snip_to_remove')
existing_patterns.append ({'bug_type':_bug_type,'sec_meth_pattern':_sec_method_pattern,'snip_to_remove':_snip_to_remove})
bug_patterns = [bugs for bugs in existing_patterns if bugs['bug_type'] == bug_type]
for bug in bug_patterns:
"""locations of the secure patterns to be weakened"""
bug_locs = inject_file.get_pattern_all_offsets(filename, bug['sec_meth_pattern'])
"""Weaken the existing security mechanisms to introduce bug into the source code"""
if (len(bug_locs) >0):
for loc in bug_locs:
with open(filename,'r+b') as sfile:
lines = sfile.readlines()
lines[loc['line']]=re.sub(b"revert\(\);",b"//revert();\n",lines[loc['line']])
sfile.seek(0,0)
sfile.writelines(lines)
sfile.truncate()
BugLog.append({'loc':loc['line'], 'length':1,'bug type':bug_type, 'approach':'weakening security'})
def code_transform(filename, bug_type):
""" Inject bugs through Code Transformation approach """
existing_patterns = []
code_trans_configs = configparser.RawConfigParser(allow_no_value=True)
code_trans_configs.read("code_trans.conf")
for config in code_trans_configs.sections():
_bug_type = code_trans_configs.get(config, 'bug_type')
_sec_snip= code_trans_configs.get(config, 'current_snippet')
_bug_snip= code_trans_configs.get(config, 'bug_snippet')
existing_patterns.append ({'bug_type':_bug_type,'sec_snip':_sec_snip,'bug_snip':_bug_snip})
with open (filename, "r+b") as myfile:
s = myfile.read()
#s = re.sub(a.encode(),b.encode(), s)
ret = s
bug_patterns = [bugs for bugs in existing_patterns if bugs['bug_type'] == bug_type]
for bug in bug_patterns:
"""locations of the patterns to be replaced"""
bug_locs = inject_file.get_pattern_all_offsets(filename, bug['sec_snip'])
"""Transfer the secure code to make it unsecure to introduce bug into the source code"""
if (len(bug_locs) >0):
ret = re.sub(re.compile(bug['sec_snip'].encode()), bug['bug_snip'].encode(), ret)
myfile.seek(0,0)
myfile.write(ret)
myfile.truncate()
for loc in bug_locs:
BugLog.append({'loc':loc['line'], 'length':1,'bug type':bug_type, 'approach':'code tranfsorm'})
def Inspect_results(_tools = []):
global reported_bugs
oyente_FNs = []
securify_FNs = []
mythril_FNs = []
smartcheck_FNs = []
slither_FNs = []
manticore_FNs = []
oyente_FPs = []
securify_FPs = []
mythril_FPs = []
smartcheck_FPs = []
slither_FPs = []
manticore_FPs = []
tools = _tools
# Contracts
x = [ i for i in range(1,51)]
for tool in tools:
tool_bugs = [bugs['bugs'] for bugs in bug_types if bugs['tool'] == tool]
for bug_type in tool_bugs[0]:
oyente_ibugs =0
oyente_bug_fn =0
oyente_misclas =0
securify_ibugs =0
securify_bug_fn =0
securify_misclas =0
mythril_ibugs =0
mythril_bug_fn =0
mythril_misclas =0
smartcheck_ibugs =0
smartcheck_bug_fn =0
smartcheck_misclas =0
slither_ibugs =0
slither_bug_fn =0
slither_misclas =0
manticore_ibugs =0
manticore_bug_fn =0
manticore_misclas =0
c=0
for cs in x:
tool_main_dir = os.path.join(main_dir,tool)
tool_buggy_sc = os.path.join(tool_main_dir,"analyzed_buggy_contracts")
injected_scs = os.path.join(tool_buggy_sc,bug_type)
bug_log =injected_scs+"/BugLog_"+str(cs)+".csv"
buggy_sc =injected_scs+"/buggy_"+str(cs)+".sol"
result_file = injected_scs+"/results/buggy_"+str(cs)+".sol.txt"
if tool in ("Slither","Oyente"):
result_file = injected_scs+"/results/buggy_"+str(cs)+".sol.json"
#Read the injected bug logs
with open(bug_log, 'r') as f:
reader = csv.reader(f)
bug_log_list = list(reader)
#Inspect tool reports for false negatives and false positives positives
if tool =='Securify':
detected_bugs = []
reported_bugs = []
#""locations of all violation patterns in the tool generated report""
violation_pattern= "Violation((.+)\s)+at\s"
violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern)
for viol in violation_locs:
extract_detected_bug(result_file,viol,tool,cs)
#Inspect flase negatives
false_negatives = []
misclassifications = []
tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs]
tool_bug_codes = [codes for codes in securify_bug_codes if codes['bug'] == bug_type]
for ibug in bug_log_list[1:len(bug_log_list)]:
detected = False
misclassified = False
for dbug in tool_reported_bugs:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
if dbug['bugType'].strip() in tool_bug_codes[0]['codes']:
detected = True
else:
misclassified = True
if detected == False:
false_negatives.append(ibug)
if misclassified == True and detected == False:
misclassifications.append(ibug)
securify_ibugs +=(len(bug_log_list)-1)
securify_bug_fn +=len(false_negatives)
securify_misclas +=len(misclassifications)
#Inspect flase positives
false_positives = []
for dbug in tool_reported_bugs:
injected = False
for ibug in bug_log_list[1:len(bug_log_list)]:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
injected = True
if injected == False:
reported_non_injected.append(dbug)
elif tool == 'Mythril':
detected_bugs = []
reported_bugs = []
#""locations of all reported bug patterns in the tool generated report""
violation_pattern= "===((.+)\s)+--"
violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern)
for viol in violation_locs:
extract_detected_bug(result_file,viol,tool,cs)
#Inspect flase negatives
false_negatives = []
misclassifications = []
tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs]
tool_bug_codes = [codes for codes in mythril_bug_codes if codes['bug'] == bug_type]
for ibug in bug_log_list[1:len(bug_log_list)]:
detected = False
misclassified = False
for dbug in tool_reported_bugs:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
if dbug['bugType'].strip() in tool_bug_codes[0]['codes']:
detected = True
else:
misclassified = True
if detected == False:
false_negatives.append(ibug)
if misclassified == True and detected == False:
misclassifications.append(ibug)
mythril_ibugs +=(len(bug_log_list)-1)
mythril_bug_fn +=len(false_negatives)
mythril_misclas +=len(misclassifications)
#Inspect flase positives
for dbug in tool_reported_bugs:
injected = False
for ibug in bug_log_list[1:len(bug_log_list)]:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
injected = True
if injected == False:
reported_non_injected.append(dbug)
elif tool == 'Slither':
reported_bugs = []
#""locations of all reported bug patterns in the tool generated report""
with open(result_file) as fh:
result_file_data = json.loads(fh.read())
violation_locs = get_all_childs(result_file_data)
for viol in violation_locs:
line = re.findall(r'(?<=sol#)[0-9]*(?=\))',viol['desc'])
if len(line)>0:
bugLine = int (line[0])
bugType = viol['type']
reported_bugs.append({'tool':tool,'lines':bugLine,'bugType':bugType,'contract':cs})
#Inspect flase negatives
false_negatives = []
misclassifications = []
tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs]
tool_bug_codes = [codes for codes in slither_bug_codes if codes['bug'] == bug_type]
for ibug in bug_log_list[1:len(bug_log_list)]:
detected = False
misclassified = False
for dbug in tool_reported_bugs:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
if dbug['bugType'].strip() in tool_bug_codes[0]['codes']:
detected = True
else:
misclassified = True
if detected == False:
false_negatives.append(ibug)
if misclassified == True and detected == False:
misclassifications.append(ibug)
#print(false_negatives)
slither_ibugs +=(len(bug_log_list)-1)
slither_bug_fn +=len(false_negatives)
slither_misclas +=len(misclassifications)
#Inspect flase positives
false_positives = []
for dbug in tool_reported_bugs:
injected = False
for ibug in bug_log_list[1:len(bug_log_list)]:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
injected = True
if injected == False:
reported_non_injected.append(dbug)
elif tool == 'Smartcheck':
detected_bugs = []
reported_bugs = []
#""locations of all reported bug patterns in the tool generated report""
violation_pattern= "ruleId((.+)\s)+line:\s[0-9]*"
violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern)
for viol in violation_locs:
extract_detected_bug(result_file,viol,tool,cs)
#Inspect flase negatives
false_negatives = []
misclassifications = []
tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs]
tool_bug_codes = [codes for codes in smartcheck_bug_codes if codes['bug'] == bug_type]
for ibug in bug_log_list[1:len(bug_log_list)]:
detected = False
misclassified = False
for dbug in tool_reported_bugs:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
if dbug['bugType'].strip() in tool_bug_codes[0]['codes']:
detected = True
else:
misclassified = True
if detected == False:
false_negatives.append(ibug)
if misclassified == True and detected == False:
misclassifications.append(ibug)
smartcheck_ibugs +=(len(bug_log_list)-1)
smartcheck_bug_fn +=len(false_negatives)
smartcheck_misclas +=len(misclassifications)
#Inspect flase positives
false_positives = []
for dbug in tool_reported_bugs:
injected = False
for ibug in bug_log_list[1:len(bug_log_list)]:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
injected = True
if injected == False:
reported_non_injected.append(dbug)
elif tool == 'Oyente':
detected_bugs = []
reported_bugs = []
head, tail = os.path.split(buggy_sc)
#""locations of all reported bug patterns in the tool generated report""
violation_pattern= "(?<=sol:)(.*)(?=\.\\\)"
cs_names = [names['names'] for names in contract_names_per_file if names['file'] == tail]
for cs_name in cs_names[0]:
result_file = injected_scs+"/results/buggy_"+str(cs)+".sol:"+cs_name+".json"
if not os.path.isfile(result_file):
continue
violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern)
for viol in violation_locs:
extract_detected_bug(result_file,viol,tool,cs)
#Inspect flase negatives
false_negatives = []
misclassifications = []
tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs]
tool_bug_codes = [codes for codes in oyente_bug_codes if codes['bug'] == bug_type]
for ibug in bug_log_list[1:len(bug_log_list)]:
detected = False
misclassified = False
for dbug in tool_reported_bugs:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
if dbug['bugType'].strip() in tool_bug_codes[0]['codes']:
detected = True
else:
misclassified = True
if detected == False:
false_negatives.append(ibug)
if misclassified == True and detected == False:
misclassifications.append(ibug)
oyente_ibugs +=(len(bug_log_list)-1)
oyente_bug_fn +=len(false_negatives)
oyente_misclas +=len(misclassifications)
#Inspect flase positives
false_positives = []
for dbug in tool_reported_bugs:
injected = False
for ibug in bug_log_list[1:len(bug_log_list)]:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
injected = True
if injected == False:
reported_non_injected.append(dbug)
elif tool == 'Manticore':
detected_bugs = []
reported_bugs = []
head, tail = os.path.split(buggy_sc)
#""locations of all reported bug patterns in the tool generated report""
violation_pattern= "\-((.+)\s)+[0-9]+"
cs_names = [names['names'] for names in contract_names_per_file if names['file'] == tail]
for cs_name in cs_names[0]:
result_file = injected_scs+"/results/buggy_"+str(cs)+"."+cs_name+".txt"
if not os.path.isfile(result_file):
continue
violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern)
for viol in violation_locs:
extract_detected_bug(result_file,viol,tool,cs)
#Inspect flase negatives
false_negatives = []
misclassifications = []
tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs]
tool_bug_codes = [codes for codes in manticore_bug_codes if codes['bug'] == bug_type]
for ibug in bug_log_list[1:len(bug_log_list)]:
detected = False
misclassified = False
for dbug in tool_reported_bugs:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
if dbug['bugType'].strip() in tool_bug_codes[0]['codes']:
detected = True
else:
misclassified = True
if detected == False:
false_negatives.append(ibug)
if misclassified == True and detected == False:
misclassifications.append(ibug)
manticore_ibugs +=(len(bug_log_list)-1)
manticore_bug_fn +=len(false_negatives)
manticore_misclas +=len(misclassifications)
#Inspect flase positives
false_positives = []
for dbug in tool_reported_bugs:
injected = False
for ibug in bug_log_list[1:len(bug_log_list)]:
if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])):
injected = True
if injected == False:
reported_non_injected.append(dbug)
if tool == "Oyente":
oyente_FNs.append({'BugType':bug_type,'InjectedBugs':oyente_ibugs,'FalseNegatives':oyente_bug_fn,'MisClassified':oyente_misclas,'UnDetected':(oyente_bug_fn-oyente_misclas)})
elif tool == "Securify":
securify_FNs.append({'BugType':bug_type,'InjectedBugs':securify_ibugs,'FalseNegatives':securify_bug_fn,'MisClassified':securify_misclas,'UnDetected':(securify_bug_fn-securify_misclas)})
elif tool == "Mythril":
mythril_FNs.append({'BugType':bug_type,'InjectedBugs':mythril_ibugs,'FalseNegatives':mythril_bug_fn,'MisClassified':mythril_misclas,'UnDetected':(mythril_bug_fn-mythril_misclas)})
elif tool == "Smartcheck":
smartcheck_FNs.append({'BugType':bug_type,'InjectedBugs':smartcheck_ibugs,'FalseNegatives':smartcheck_bug_fn,'MisClassified':smartcheck_misclas,'UnDetected':(smartcheck_bug_fn-smartcheck_misclas)})
elif tool =="Slither":
slither_FNs.append({'BugType':bug_type,'InjectedBugs':slither_ibugs,'FalseNegatives':slither_bug_fn,'MisClassified':slither_misclas,'UnDetected':(slither_bug_fn-slither_misclas)})
elif tool =="Manticore":
manticore_FNs.append({'BugType':bug_type,'InjectedBugs':manticore_ibugs,'FalseNegatives':manticore_bug_fn,'MisClassified':manticore_misclas,'UnDetected':(manticore_bug_fn-manticore_misclas)})
#Export False negative results
csv_columns = ['BugType','InjectedBugs','FalseNegatives','MisClassified','UnDetected']
for tool in tools:
csv_file = os.path.join("FNs/"+tool+"_FNs.csv")
try:
with open(csv_file, 'w') as csvfile:
writer = csv.DictWriter(csvfile, fieldnames=csv_columns)
writer.writeheader()
if tool =="Oyente":
for data in oyente_FNs:
writer.writerow(data)
elif tool =="Securify":
for data in securify_FNs:
writer.writerow(data)
elif tool =="Mythril":
for data in mythril_FNs:
writer.writerow(data)
elif tool =="Smartcheck":
for data in smartcheck_FNs:
writer.writerow(data)
elif tool =="Slither":
for data in slither_FNs:
writer.writerow(data)
elif tool =="Manticore":
for data in manticore_FNs:
writer.writerow(data)
print ("\n************************** "+tool +" False Negatives *******************\n")
df = pandas.read_csv(csv_file)
print(df)
except IOError:
print("I/O error")
#Print to console
#remove duplicates
tempList = []
for bug in reported_non_injected:
if bug not in tempList:
tempList.append(bug)
_reported_non_injected = tempList
coded_reported_non_injected = []
#Check majority
for bug in _reported_non_injected:
coded_bugType =get_bug_type(bug)
coded_reported_non_injected.append({'lines':bug['lines'],'tool':bug['tool'],'bugType':coded_bugType,'contract':bug['contract']})
for tool in tools:
if tool == "Oyente":
tool_bugs = [bugs['bug'] for bugs in oyente_bug_codes]
for bug in tool_bugs:
fp_count = 0
excluded = 0
other_count = 0
bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0]
for sc in x:
type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc]
other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc]
other_count += len(other_bugs)
for sbugs in type_specific_bugs:
tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc]
if not len(tools_deteced_bug) >= bug_type_threshold:
fp_count +=1
else:
excluded +=1
oyente_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)})
oyente_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count})
elif tool == "Securify":
tool_bugs = [bugs['bug'] for bugs in securify_bug_codes]
for bug in tool_bugs:
fp_count = 0
excluded = 0
other_count = 0
bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0]
for sc in x:
type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc]
other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc]
other_count += len(other_bugs)
for sbugs in type_specific_bugs:
tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc]
if not len(tools_deteced_bug) >= bug_type_threshold:
fp_count +=1
else:
excluded +=1
securify_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)})
securify_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count})
elif tool == "Mythril":
tool_bugs = [bugs['bug'] for bugs in mythril_bug_codes]
for bug in tool_bugs:
fp_count = 0
excluded = 0
other_count = 0
bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0]
for sc in x:
type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc]
other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc]
other_count += len(other_bugs)
for sbugs in type_specific_bugs:
tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug]
if not len(tools_deteced_bug) >= bug_type_threshold:
fp_count +=1
else:
excluded +=1
mythril_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)})
mythril_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count})
elif tool == "Smartcheck":
tool_bugs = [bugs['bug'] for bugs in smartcheck_bug_codes]
for bug in tool_bugs:
fp_count = 0
excluded = 0
other_count = 0
bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0]
for sc in x:
type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc]
other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc]
other_count += len(other_bugs)
for sbugs in type_specific_bugs:
tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc]
if not len(tools_deteced_bug) >= bug_type_threshold:
fp_count +=1
else:
excluded +=1
smartcheck_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)})
smartcheck_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count})
elif tool == "Slither":
tool_bugs = [bugs['bug'] for bugs in slither_bug_codes]
for bug in tool_bugs:
fp_count = 0
excluded = 0
other_count = 0
bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0]
for sc in x:
type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc]
other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc]
other_count += len(other_bugs)
for sbugs in type_specific_bugs:
tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc]
if not len(tools_deteced_bug) >= bug_type_threshold:
fp_count +=1
else:
excluded +=1
slither_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)})
slither_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count})
if tool == "Manticore":
tool_bugs = [bugs['bug'] for bugs in manticore_bug_codes]
for bug in tool_bugs:
fp_count = 0
excluded = 0
other_count = 0
bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0]
for sc in x:
type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc]
other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc]
other_count += len(other_bugs)
for sbugs in type_specific_bugs:
tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc]
if not len(tools_deteced_bug) >= bug_type_threshold:
fp_count +=1
else:
excluded +=1
manticore_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)})
manticore_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count})
#Export False positive results
csv_columns = ['BugType','FalsePositives','ExcludedByMajority','Total']
for tool in tools:
csv_file = os.path.join("FPs/"+tool+"_FPs.csv")
try:
with open(csv_file, 'w') as csvfile:
writer = csv.DictWriter(csvfile, fieldnames=csv_columns)
writer.writeheader()
if tool =="Oyente":
for data in oyente_FPs:
writer.writerow(data)
elif tool =="Securify":
for data in securify_FPs:
writer.writerow(data)
elif tool =="Mythril":
for data in mythril_FPs:
writer.writerow(data)
elif tool =="Smartcheck":
for data in smartcheck_FPs:
writer.writerow(data)
elif tool =="Slither":
for data in slither_FPs:
writer.writerow(data)
elif tool =="Manticore":
for data in manticore_FPs:
writer.writerow(data)
print ("\n************************** "+tool +" False Positives *******************\n")
df = pandas.read_csv(csv_file)
print(df)
except IOError:
print("I/O error")