Example #1
0
def vuln_patch_compare(vuln_id, neo4jdb):
    vuln_info = vulnerability_info.objects.get(vuln_id=vuln_id)
    vuln_name = vuln_info.cve_info.cveid.replace(
        "-", "_").upper() + "_VULN_" + vuln_info.vuln_func
    patch_name = vuln_info.cve_info.cveid.replace(
        "-", "_").upper() + "_PATCHED_" + vuln_info.vuln_func

    # if not is_character_db_on():
    #   start_character_db()

    # neo4jdb = JoernSteps()
    # try:
    #    neo4jdb.setGraphDbURL('http://localhost:7474/db/data/')
    #    neo4jdb.connectToDatabase()
    # except:
    start_time = time.time()

    report = func_similarity_reports()
    report.vuln_info = vuln_info
    report.status = "pending"
    report.save()

    vuln_func = getASTRootNodeByName(vuln_name, neo4jdb)
    if vuln_func is None:
        report.status = "vuln_func_not_found"
        report.save()
        return

    patched_func = getASTRootNodeByName(patch_name, neo4jdb)
    if patched_func is None:
        report.status = "patched_func_not_found"
        report.save()
        return

    s1 = serializedAST(neo4jdb, True, True)
    s2 = serializedAST(neo4jdb, False, True)
    s3 = serializedAST(neo4jdb, True, False)
    s4 = serializedAST(neo4jdb, False, False)

    r = ast_match_info()
    if s1.genSerilizedAST(vuln_func) == s1.genSerilizedAST(patched_func):
        r.distinct_type_and_const = True
    if s2.genSerilizedAST(vuln_func) == s2.genSerilizedAST(patched_func):
        r.distinct_const_no_type = True
    if s3.genSerilizedAST(vuln_func) == s3.genSerilizedAST(patched_func):
        r.distinct_const_no_type = True
    if s4.genSerilizedAST(vuln_func) == s4.genSerilizedAST(patched_func):
        r.no_type_no_const = True

    end_time = time.time()

    report.match_reports = pickle.dumps(r.get_dict())
    report.status = "success"
    report.cost = round(end_time - start_time, 2)
    report.save()
Example #2
0
def vuln_patch_compare(vuln_id, neo4jdb):
    vuln_info = vulnerability_info.objects.get(vuln_id=vuln_id)
    vuln_name = vuln_info.cve_info.cveid.replace("-", "_").upper() + "_VULN_" + vuln_info.vuln_func
    patch_name = vuln_info.cve_info.cveid.replace("-", "_").upper() + "_PATCHED_" + vuln_info.vuln_func
    
    # if not is_character_db_on():
    #   start_character_db()
    
    # neo4jdb = JoernSteps()
    # try:
    #    neo4jdb.setGraphDbURL('http://localhost:7474/db/data/')
    #    neo4jdb.connectToDatabase()
    # except:
    start_time = time.time()
    
    report = func_similarity_reports()
    report.vuln_info = vuln_info
    report.status = "pending"
    report.save()
    
    vuln_func = getASTRootNodeByName(vuln_name, neo4jdb)
    if vuln_func is None:
        report.status = "vuln_func_not_found"
        report.save()
        return
    
    patched_func = getASTRootNodeByName(patch_name, neo4jdb)
    if patched_func is None:
        report.status = "patched_func_not_found"
        report.save()
        return
    
    s1 = serializedAST(neo4jdb, True, True)
    s2 = serializedAST(neo4jdb, False, True)
    s3 = serializedAST(neo4jdb, True, False)
    s4 = serializedAST(neo4jdb, False, False)
    
    r = ast_match_info() 
    if s1.genSerilizedAST(vuln_func) == s1.genSerilizedAST(patched_func):
        r.distinct_type_and_const = True
    if s2.genSerilizedAST(vuln_func) == s2.genSerilizedAST(patched_func):
        r.distinct_const_no_type = True
    if s3.genSerilizedAST(vuln_func) == s3.genSerilizedAST(patched_func):
        r.distinct_const_no_type = True
    if s4.genSerilizedAST(vuln_func) == s4.genSerilizedAST(patched_func):
        r.no_type_no_const = True
    
    end_time = time.time()
    
    report.match_reports = pickle.dumps(r.get_dict())
    report.status = "success"
    report.cost = round(end_time - start_time, 2)
    report.save()
Example #3
0
def func_similarity_astLevel(db1, funcs, db2, func_name):
    # @db1 待比对数据库
    # @db2 漏洞特征数据库
    # @func_name 目标函数名

    start_time = time.time()

    target_func = getASTRootNodeByName(func_name, db2)
    return_type = getFuncRetType(target_func, db2)  # 获取目标函数返回值类型
    param_list = getFuncParamList(target_func, db2)  # 获取目标函数参数类型列表

    # funcs = getAllFuncs(db1) #获取所有函数
    filter_funcs = filterFuncs(db1, funcs, return_type, param_list)  # 过滤待比较函数

    pattern1 = serializedAST(db2, True, True).genSerilizedAST(target_func)
    pattern2 = serializedAST(db2, False,
                             True).genSerilizedAST(target_func)  # 所有类型变量映射成相同值
    pattern3 = serializedAST(db2, True, False).genSerilizedAST(target_func)
    pattern4 = serializedAST(db2, False, False).genSerilizedAST(target_func)

    s1 = serializedAST(db1, True, True)
    s2 = serializedAST(db1, False, True)
    s3 = serializedAST(db1, True, False)
    s4 = serializedAST(db1, False, False)

    report_dict = {}
    for func in filter_funcs:
        report = ast_match_info()

        if pattern1 == s1.genSerilizedAST(func):
            report.distinct_type_and_const = True

        if pattern2 == s2.genSerilizedAST(func):
            report.distinct_const_no_type = True

        if pattern3 == s3.genSerilizedAST(func):
            report.distinct_type_no_const = True

        if pattern4 == s4.genSerilizedAST(func):
            report.no_type_no_const = True

        if report.is_valid():
            report_dict[func] = pickle.dumps(report)

    end_time = time.time()
    cost = end_time - start_time
    return report_dict, round(cost, 2)
Example #4
0
def func_similarity_astLevel(db1, funcs, db2, func_name):
    # @db1 待比对数据库
    # @db2 漏洞特征数据库
    # @func_name 目标函数名
    
    start_time = time.time()
    
    target_func = getASTRootNodeByName(func_name, db2)
    return_type = getFuncRetType(target_func, db2)  # 获取目标函数返回值类型
    param_list = getFuncParamList(target_func, db2)  # 获取目标函数参数类型列表
    
    # funcs = getAllFuncs(db1) #获取所有函数
    filter_funcs = filterFuncs(db1, funcs, return_type, param_list)  # 过滤待比较函数
    
    pattern1 = serializedAST(db2, True, True).genSerilizedAST(target_func)
    pattern2 = serializedAST(db2, False, True).genSerilizedAST(target_func)  # 所有类型变量映射成相同值
    pattern3 = serializedAST(db2, True, False).genSerilizedAST(target_func)
    pattern4 = serializedAST(db2, False, False).genSerilizedAST(target_func)
    
    s1 = serializedAST(db1, True, True)
    s2 = serializedAST(db1, False, True)
    s3 = serializedAST(db1, True, False)
    s4 = serializedAST(db1, False, False)
    
    report_dict = {}
    for func in filter_funcs:
        report = ast_match_info()
        
        if pattern1 == s1.genSerilizedAST(func):
            report.distinct_type_and_const = True
        
        if pattern2 == s2.genSerilizedAST(func):
            report.distinct_const_no_type = True
        
        if pattern3 == s3.genSerilizedAST(func):
            report.distinct_type_no_const = True
        
        if pattern4 == s4.genSerilizedAST(func):
            report.no_type_no_const = True
            
        if report.is_valid():
            report_dict[func] = pickle.dumps(report)
    
    end_time = time.time()
    cost = end_time - start_time
    return report_dict, round(cost, 2)
Example #5
0
def astLevel_similarity_proc(db1, funcs, db2, func_name):
    suffixtree_cmp = suffixtree()

    pattern1 = serializedAST(db2, True, True).genSerilizedAST(func_name)
    pattern2 = serializedAST(db2, False,
                             True).genSerilizedAST(func_name)  # 所有类型变量映射成相同值
    pattern3 = serializedAST(db2, True, False).genSerilizedAST(func_name)
    pattern4 = serializedAST(db2, False, False).genSerilizedAST(func_name)

    #去掉前缀
    prefix_str = r"^FunctionDef\([0-9]+\);CompoundStatement\([0-9]+\);"
    pattern1 = re.sub(prefix_str, "", pattern1)
    pattern2 = re.sub(prefix_str, "", pattern2)
    pattern3 = re.sub(prefix_str, "", pattern3)
    pattern4 = re.sub(prefix_str, "", pattern4)

    s1 = serializedAST(db1, True, True)
    s2 = serializedAST(db1, False, True)
    s3 = serializedAST(db1, True, False)
    s4 = serializedAST(db1, False, False)

    report_dict = {}
    for func in funcs:
        report = ast_match_info()

        if suffixtree_cmp.search(s1.genSerilizedAST(func), pattern1):
            report.distinct_type_and_const = True

        if suffixtree_cmp.search(s2.genSerilizedAST(func), pattern2):
            report.distinct_const_no_type = True

        if suffixtree_cmp.search(s3.genSerilizedAST(func), pattern3):
            report.distinct_type_no_const = True

        if suffixtree_cmp.search(s4.genSerilizedAST(func), pattern4):
            report.no_type_no_const = True

        if report.is_valid():
            report_dict[func] = report

    return report_dict
Example #6
0
def astLevel_similarity_proc(db1, funcs, db2, func_name):
    suffixtree_cmp = suffixtree()
    
    pattern1 = serializedAST(db2, True, True).genSerilizedAST(func_name)
    pattern2 = serializedAST(db2, False, True).genSerilizedAST(func_name)  # 所有类型变量映射成相同值
    pattern3 = serializedAST(db2, True, False).genSerilizedAST(func_name)
    pattern4 = serializedAST(db2, False, False).genSerilizedAST(func_name)
    
    #去掉前缀
    prefix_str = r"^FunctionDef\([0-9]+\);CompoundStatement\([0-9]+\);"
    pattern1 = re.sub(prefix_str, "", pattern1)
    pattern2 = re.sub(prefix_str, "", pattern2)
    pattern3 = re.sub(prefix_str, "", pattern3)
    pattern4 = re.sub(prefix_str, "", pattern4)
    
    s1 = serializedAST(db1, True, True)
    s2 = serializedAST(db1, False, True)
    s3 = serializedAST(db1, True, False)
    s4 = serializedAST(db1, False, False)
    
    report_dict = {}
    for func in funcs:
        report = ast_match_info()
        
        if suffixtree_cmp.search(s1.genSerilizedAST(func), pattern1):
            report.distinct_type_and_const = True
        
        if suffixtree_cmp.search(s2.genSerilizedAST(func), pattern2):
            report.distinct_const_no_type = True
        
        if suffixtree_cmp.search(s3.genSerilizedAST(func), pattern3):
            report.distinct_type_no_const = True
        
        if suffixtree_cmp.search(s4.genSerilizedAST(func), pattern4):
            report.no_type_no_const = True
            
        if report.is_valid():
            report_dict[func] = report
            
    return report_dict