def func_similarity_cfg_level(soft_db, funcs, character_db, func_name, worksheet): # @db1 待比对数据库 # @db2 漏洞特征数据库 # @func_name 目标函数名 #过滤一下 ast_root = get_function_ast_root(character_db, func_name) if ast_root is None: print "no function found" return return_type = get_function_return_type(character_db, ast_root) # 获取目标函数返回值类型 param_list = get_function_param_list(character_db, ast_root) # 获取目标函数参数类型列表 filter_funcs = filter_functions(soft_db, funcs, return_type, param_list) # 过滤待比较函数 tar_func = get_function_node(character_db, func_name) for ast_root in filter_funcs: src_func = get_function_node_by_ast_root(soft_db, ast_root) match, simi = func_cfg_similarity(src_func, soft_db, tar_func, character_db) if match: file = get_function_file(soft_db, src_func.properties[u'name'])[41:] worksheet.append( (func_name, file, src_func.properties[u'name'],match, round(simi,4) )) elif simi == -1: print u"节点太多,未进行比较 "
def func_similarity_astLevel(db1, funcs, db2, func_name, suffix_tree_obj, worksheet): # @db1 待比对数据库 # @db2 漏洞特征数据库 # @func_name 目标函数名 target_func = get_function_ast_root(db2, func_name) return_type = get_function_return_type(db2, target_func) # 获取目标函数返回值类型 param_list = get_function_param_list(db2, target_func) # 获取目标函数参数类型列表 # funcs = getAllFuncs(db1) #获取所有函数 filter_funcs = filter_functions(db1, funcs, return_type, param_list) # 过滤待比较函数 ret = serializedAST(db2).genSerilizedAST(target_func) pattern1 = ";".join(ret[0][2:]) pattern2 = ";".join(ret[1][2:]) pattern3 = ";".join(ret[2][2:]) pattern4 = ";".join(ret[3][2:]) for func in filter_funcs: ast_root = get_function_ast_root(db1, func.properties[u'name']) s1 = serializedAST(db1, True, True).genSerilizedAST(ast_root)[0][:-1] s2 = serializedAST(db1, False, True).genSerilizedAST(ast_root)[0][:-1] s3 = serializedAST(db1, True, False).genSerilizedAST(ast_root)[0][:-1] s4 = serializedAST(db1, False, False).genSerilizedAST(ast_root)[0][:-1] report = {} if suffix_tree_obj.search(s1, pattern1): report['distinct_type_and_const'] = True if suffix_tree_obj.search(s2, pattern2): report['distinct_const_no_type'] = True if suffix_tree_obj.search(s3, pattern3): report['distinct_type_no_const'] = True if suffix_tree_obj.search(s4, pattern4): report['distinct_type_no_const'] = True if report['distinct_type_and_const'] or report['distinct_const_no_type']\ or report['distinct_type_no_const'] or report['no_type_no_const']: file = get_function_file(db1, func.properties[u'name']) worksheet.append( (func_name, file, func.properties[u'name'],report['distinct_type_and_const'], report['distinct_const_no_type'], report['distinct_type_no_const'], report['distinct_type_no_const'] ))