def get_potential_locs(ast, bug_snip_type): """Identify all potential locations in the source code for injecting a bug type""" """Returns BIP (Bugs Injection Profile)""" stmt_locs =[] stm_types = ['VariableDeclaration', 'ExpressionStatement', 'EmitStatement', 'Identifier','PlaceholderStatement', 'Return', 'Block' ,'FunctionDefinition', 'ModifierDefinition', 'EventDefinition'] all_locs = get_all_childs(ast) param_list = [name for name in all_locs if name['name'] in ('ParameterList','FunctionCall','ExpressionStatement','Return','VariableDeclarationStatement','ModifierInvocation','BinaryOperation')] block_list = [name for name in all_locs if name['name'] in ('FunctionDefinition','ModifierDefinition', 'EventDefinition','Block')] struct_list = [name for name in all_locs if name['name'] in ('StructDefinition')] interface_locs =inject_file.get_pattern_all_offsets(src_contr_file,'interface') interface_locs.extend(inject_file.get_pattern_all_offsets(src_contr_file,'library')) interface_list = [name for name in all_locs if name['name'] in ('ContractDefinition')] for stm_type in stm_types: sub_stm = [name for name in all_locs if name['name'] == stm_type] if stm_type in ('VariableDeclaration','Identifier'): for vr in sub_stm: if not within_interface(interface_list, interface_locs, int(get_src(vr['src'])['eoffset'])) and not is_paramter(param_list, int(get_src(vr['src'])['eoffset'])) and not within_struct_block(struct_list, int(get_src(vr['src'])['eoffset'])): stmt_locs.append(vr) elif bug_snip_type =='f' and stm_type in ('VariableDeclaration','Identifier', 'ModifierDefinition', 'Return', 'ExpressionStatement', 'PlaceholderStatement', 'Block', 'EmitStatement'): for stm in sub_stm: if not within_interface(interface_list, interface_locs, int(get_src(stm['src'])['eoffset'])) and not within_main_block(block_list, int(get_src(stm['src'])['eoffset'])): stmt_locs.append(stm) else: for stm in sub_stm: if not within_interface(interface_list, interface_locs, int(get_src(stm['src'])['eoffset'])): stmt_locs.append(stm) return stmt_locs
def weaken_sec_mec(filename, bug_type): """ Inject bugs through Weakning Security Mechanisms approach """ existing_patterns = [] sec_mec_configs = configparser.RawConfigParser(allow_no_value=True) sec_mec_configs.read("sec_methods.conf") for config in sec_mec_configs.sections(): _bug_type = sec_mec_configs.get(config, 'bug_type') _sec_method_pattern= sec_mec_configs.get(config, 'sec_meth_pattern') _snip_to_remove= sec_mec_configs.get(config, 'snip_to_remove') existing_patterns.append ({'bug_type':_bug_type,'sec_meth_pattern':_sec_method_pattern,'snip_to_remove':_snip_to_remove}) bug_patterns = [bugs for bugs in existing_patterns if bugs['bug_type'] == bug_type] for bug in bug_patterns: """locations of the secure patterns to be weakened""" bug_locs = inject_file.get_pattern_all_offsets(filename, bug['sec_meth_pattern']) """Weaken the existing security mechanisms to introduce bug into the source code""" if (len(bug_locs) >0): for loc in bug_locs: with open(filename,'r+b') as sfile: lines = sfile.readlines() lines[loc['line']]=re.sub(b"revert\(\);",b"//revert();\n",lines[loc['line']]) sfile.seek(0,0) sfile.writelines(lines) sfile.truncate() BugLog.append({'loc':loc['line'], 'length':1,'bug type':bug_type, 'approach':'weakening security'})
def code_transform(filename, bug_type): """ Inject bugs through Code Transformation approach """ existing_patterns = [] code_trans_configs = configparser.RawConfigParser(allow_no_value=True) code_trans_configs.read("code_trans.conf") for config in code_trans_configs.sections(): _bug_type = code_trans_configs.get(config, 'bug_type') _sec_snip= code_trans_configs.get(config, 'current_snippet') _bug_snip= code_trans_configs.get(config, 'bug_snippet') existing_patterns.append ({'bug_type':_bug_type,'sec_snip':_sec_snip,'bug_snip':_bug_snip}) with open (filename, "r+b") as myfile: s = myfile.read() #s = re.sub(a.encode(),b.encode(), s) ret = s bug_patterns = [bugs for bugs in existing_patterns if bugs['bug_type'] == bug_type] for bug in bug_patterns: """locations of the patterns to be replaced""" bug_locs = inject_file.get_pattern_all_offsets(filename, bug['sec_snip']) """Transfer the secure code to make it unsecure to introduce bug into the source code""" if (len(bug_locs) >0): ret = re.sub(re.compile(bug['sec_snip'].encode()), bug['bug_snip'].encode(), ret) myfile.seek(0,0) myfile.write(ret) myfile.truncate() for loc in bug_locs: BugLog.append({'loc':loc['line'], 'length':1,'bug type':bug_type, 'approach':'code tranfsorm'})
def Inspect_results(_tools = []): global reported_bugs oyente_FNs = [] securify_FNs = [] mythril_FNs = [] smartcheck_FNs = [] slither_FNs = [] manticore_FNs = [] oyente_FPs = [] securify_FPs = [] mythril_FPs = [] smartcheck_FPs = [] slither_FPs = [] manticore_FPs = [] tools = _tools # Contracts x = [ i for i in range(1,51)] for tool in tools: tool_bugs = [bugs['bugs'] for bugs in bug_types if bugs['tool'] == tool] for bug_type in tool_bugs[0]: oyente_ibugs =0 oyente_bug_fn =0 oyente_misclas =0 securify_ibugs =0 securify_bug_fn =0 securify_misclas =0 mythril_ibugs =0 mythril_bug_fn =0 mythril_misclas =0 smartcheck_ibugs =0 smartcheck_bug_fn =0 smartcheck_misclas =0 slither_ibugs =0 slither_bug_fn =0 slither_misclas =0 manticore_ibugs =0 manticore_bug_fn =0 manticore_misclas =0 c=0 for cs in x: tool_main_dir = os.path.join(main_dir,tool) tool_buggy_sc = os.path.join(tool_main_dir,"analyzed_buggy_contracts") injected_scs = os.path.join(tool_buggy_sc,bug_type) bug_log =injected_scs+"/BugLog_"+str(cs)+".csv" buggy_sc =injected_scs+"/buggy_"+str(cs)+".sol" result_file = injected_scs+"/results/buggy_"+str(cs)+".sol.txt" if tool in ("Slither","Oyente"): result_file = injected_scs+"/results/buggy_"+str(cs)+".sol.json" #Read the injected bug logs with open(bug_log, 'r') as f: reader = csv.reader(f) bug_log_list = list(reader) #Inspect tool reports for false negatives and false positives positives if tool =='Securify': detected_bugs = [] reported_bugs = [] #""locations of all violation patterns in the tool generated report"" violation_pattern= "Violation((.+)\s)+at\s" violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern) for viol in violation_locs: extract_detected_bug(result_file,viol,tool,cs) #Inspect flase negatives false_negatives = [] misclassifications = [] tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs] tool_bug_codes = [codes for codes in securify_bug_codes if codes['bug'] == bug_type] for ibug in bug_log_list[1:len(bug_log_list)]: detected = False misclassified = False for dbug in tool_reported_bugs: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): if dbug['bugType'].strip() in tool_bug_codes[0]['codes']: detected = True else: misclassified = True if detected == False: false_negatives.append(ibug) if misclassified == True and detected == False: misclassifications.append(ibug) securify_ibugs +=(len(bug_log_list)-1) securify_bug_fn +=len(false_negatives) securify_misclas +=len(misclassifications) #Inspect flase positives false_positives = [] for dbug in tool_reported_bugs: injected = False for ibug in bug_log_list[1:len(bug_log_list)]: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): injected = True if injected == False: reported_non_injected.append(dbug) elif tool == 'Mythril': detected_bugs = [] reported_bugs = [] #""locations of all reported bug patterns in the tool generated report"" violation_pattern= "===((.+)\s)+--" violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern) for viol in violation_locs: extract_detected_bug(result_file,viol,tool,cs) #Inspect flase negatives false_negatives = [] misclassifications = [] tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs] tool_bug_codes = [codes for codes in mythril_bug_codes if codes['bug'] == bug_type] for ibug in bug_log_list[1:len(bug_log_list)]: detected = False misclassified = False for dbug in tool_reported_bugs: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): if dbug['bugType'].strip() in tool_bug_codes[0]['codes']: detected = True else: misclassified = True if detected == False: false_negatives.append(ibug) if misclassified == True and detected == False: misclassifications.append(ibug) mythril_ibugs +=(len(bug_log_list)-1) mythril_bug_fn +=len(false_negatives) mythril_misclas +=len(misclassifications) #Inspect flase positives for dbug in tool_reported_bugs: injected = False for ibug in bug_log_list[1:len(bug_log_list)]: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): injected = True if injected == False: reported_non_injected.append(dbug) elif tool == 'Slither': reported_bugs = [] #""locations of all reported bug patterns in the tool generated report"" with open(result_file) as fh: result_file_data = json.loads(fh.read()) violation_locs = get_all_childs(result_file_data) for viol in violation_locs: line = re.findall(r'(?<=sol#)[0-9]*(?=\))',viol['desc']) if len(line)>0: bugLine = int (line[0]) bugType = viol['type'] reported_bugs.append({'tool':tool,'lines':bugLine,'bugType':bugType,'contract':cs}) #Inspect flase negatives false_negatives = [] misclassifications = [] tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs] tool_bug_codes = [codes for codes in slither_bug_codes if codes['bug'] == bug_type] for ibug in bug_log_list[1:len(bug_log_list)]: detected = False misclassified = False for dbug in tool_reported_bugs: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): if dbug['bugType'].strip() in tool_bug_codes[0]['codes']: detected = True else: misclassified = True if detected == False: false_negatives.append(ibug) if misclassified == True and detected == False: misclassifications.append(ibug) #print(false_negatives) slither_ibugs +=(len(bug_log_list)-1) slither_bug_fn +=len(false_negatives) slither_misclas +=len(misclassifications) #Inspect flase positives false_positives = [] for dbug in tool_reported_bugs: injected = False for ibug in bug_log_list[1:len(bug_log_list)]: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): injected = True if injected == False: reported_non_injected.append(dbug) elif tool == 'Smartcheck': detected_bugs = [] reported_bugs = [] #""locations of all reported bug patterns in the tool generated report"" violation_pattern= "ruleId((.+)\s)+line:\s[0-9]*" violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern) for viol in violation_locs: extract_detected_bug(result_file,viol,tool,cs) #Inspect flase negatives false_negatives = [] misclassifications = [] tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs] tool_bug_codes = [codes for codes in smartcheck_bug_codes if codes['bug'] == bug_type] for ibug in bug_log_list[1:len(bug_log_list)]: detected = False misclassified = False for dbug in tool_reported_bugs: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): if dbug['bugType'].strip() in tool_bug_codes[0]['codes']: detected = True else: misclassified = True if detected == False: false_negatives.append(ibug) if misclassified == True and detected == False: misclassifications.append(ibug) smartcheck_ibugs +=(len(bug_log_list)-1) smartcheck_bug_fn +=len(false_negatives) smartcheck_misclas +=len(misclassifications) #Inspect flase positives false_positives = [] for dbug in tool_reported_bugs: injected = False for ibug in bug_log_list[1:len(bug_log_list)]: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): injected = True if injected == False: reported_non_injected.append(dbug) elif tool == 'Oyente': detected_bugs = [] reported_bugs = [] head, tail = os.path.split(buggy_sc) #""locations of all reported bug patterns in the tool generated report"" violation_pattern= "(?<=sol:)(.*)(?=\.\\\)" cs_names = [names['names'] for names in contract_names_per_file if names['file'] == tail] for cs_name in cs_names[0]: result_file = injected_scs+"/results/buggy_"+str(cs)+".sol:"+cs_name+".json" if not os.path.isfile(result_file): continue violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern) for viol in violation_locs: extract_detected_bug(result_file,viol,tool,cs) #Inspect flase negatives false_negatives = [] misclassifications = [] tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs] tool_bug_codes = [codes for codes in oyente_bug_codes if codes['bug'] == bug_type] for ibug in bug_log_list[1:len(bug_log_list)]: detected = False misclassified = False for dbug in tool_reported_bugs: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): if dbug['bugType'].strip() in tool_bug_codes[0]['codes']: detected = True else: misclassified = True if detected == False: false_negatives.append(ibug) if misclassified == True and detected == False: misclassifications.append(ibug) oyente_ibugs +=(len(bug_log_list)-1) oyente_bug_fn +=len(false_negatives) oyente_misclas +=len(misclassifications) #Inspect flase positives false_positives = [] for dbug in tool_reported_bugs: injected = False for ibug in bug_log_list[1:len(bug_log_list)]: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): injected = True if injected == False: reported_non_injected.append(dbug) elif tool == 'Manticore': detected_bugs = [] reported_bugs = [] head, tail = os.path.split(buggy_sc) #""locations of all reported bug patterns in the tool generated report"" violation_pattern= "\-((.+)\s)+[0-9]+" cs_names = [names['names'] for names in contract_names_per_file if names['file'] == tail] for cs_name in cs_names[0]: result_file = injected_scs+"/results/buggy_"+str(cs)+"."+cs_name+".txt" if not os.path.isfile(result_file): continue violation_locs = inject_file.get_pattern_all_offsets(result_file, violation_pattern) for viol in violation_locs: extract_detected_bug(result_file,viol,tool,cs) #Inspect flase negatives false_negatives = [] misclassifications = [] tool_reported_bugs = [bugs for bugs in reported_bugs if bugs['tool'] == tool and bugs['contract'] ==cs] tool_bug_codes = [codes for codes in manticore_bug_codes if codes['bug'] == bug_type] for ibug in bug_log_list[1:len(bug_log_list)]: detected = False misclassified = False for dbug in tool_reported_bugs: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): if dbug['bugType'].strip() in tool_bug_codes[0]['codes']: detected = True else: misclassified = True if detected == False: false_negatives.append(ibug) if misclassified == True and detected == False: misclassifications.append(ibug) manticore_ibugs +=(len(bug_log_list)-1) manticore_bug_fn +=len(false_negatives) manticore_misclas +=len(misclassifications) #Inspect flase positives false_positives = [] for dbug in tool_reported_bugs: injected = False for ibug in bug_log_list[1:len(bug_log_list)]: if int(dbug['lines']) >= int(ibug[0]) and int(dbug['lines']) < (int(ibug[0])+int(ibug[1])): injected = True if injected == False: reported_non_injected.append(dbug) if tool == "Oyente": oyente_FNs.append({'BugType':bug_type,'InjectedBugs':oyente_ibugs,'FalseNegatives':oyente_bug_fn,'MisClassified':oyente_misclas,'UnDetected':(oyente_bug_fn-oyente_misclas)}) elif tool == "Securify": securify_FNs.append({'BugType':bug_type,'InjectedBugs':securify_ibugs,'FalseNegatives':securify_bug_fn,'MisClassified':securify_misclas,'UnDetected':(securify_bug_fn-securify_misclas)}) elif tool == "Mythril": mythril_FNs.append({'BugType':bug_type,'InjectedBugs':mythril_ibugs,'FalseNegatives':mythril_bug_fn,'MisClassified':mythril_misclas,'UnDetected':(mythril_bug_fn-mythril_misclas)}) elif tool == "Smartcheck": smartcheck_FNs.append({'BugType':bug_type,'InjectedBugs':smartcheck_ibugs,'FalseNegatives':smartcheck_bug_fn,'MisClassified':smartcheck_misclas,'UnDetected':(smartcheck_bug_fn-smartcheck_misclas)}) elif tool =="Slither": slither_FNs.append({'BugType':bug_type,'InjectedBugs':slither_ibugs,'FalseNegatives':slither_bug_fn,'MisClassified':slither_misclas,'UnDetected':(slither_bug_fn-slither_misclas)}) elif tool =="Manticore": manticore_FNs.append({'BugType':bug_type,'InjectedBugs':manticore_ibugs,'FalseNegatives':manticore_bug_fn,'MisClassified':manticore_misclas,'UnDetected':(manticore_bug_fn-manticore_misclas)}) #Export False negative results csv_columns = ['BugType','InjectedBugs','FalseNegatives','MisClassified','UnDetected'] for tool in tools: csv_file = os.path.join("FNs/"+tool+"_FNs.csv") try: with open(csv_file, 'w') as csvfile: writer = csv.DictWriter(csvfile, fieldnames=csv_columns) writer.writeheader() if tool =="Oyente": for data in oyente_FNs: writer.writerow(data) elif tool =="Securify": for data in securify_FNs: writer.writerow(data) elif tool =="Mythril": for data in mythril_FNs: writer.writerow(data) elif tool =="Smartcheck": for data in smartcheck_FNs: writer.writerow(data) elif tool =="Slither": for data in slither_FNs: writer.writerow(data) elif tool =="Manticore": for data in manticore_FNs: writer.writerow(data) print ("\n************************** "+tool +" False Negatives *******************\n") df = pandas.read_csv(csv_file) print(df) except IOError: print("I/O error") #Print to console #remove duplicates tempList = [] for bug in reported_non_injected: if bug not in tempList: tempList.append(bug) _reported_non_injected = tempList coded_reported_non_injected = [] #Check majority for bug in _reported_non_injected: coded_bugType =get_bug_type(bug) coded_reported_non_injected.append({'lines':bug['lines'],'tool':bug['tool'],'bugType':coded_bugType,'contract':bug['contract']}) for tool in tools: if tool == "Oyente": tool_bugs = [bugs['bug'] for bugs in oyente_bug_codes] for bug in tool_bugs: fp_count = 0 excluded = 0 other_count = 0 bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0] for sc in x: type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc] other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc] other_count += len(other_bugs) for sbugs in type_specific_bugs: tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc] if not len(tools_deteced_bug) >= bug_type_threshold: fp_count +=1 else: excluded +=1 oyente_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)}) oyente_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count}) elif tool == "Securify": tool_bugs = [bugs['bug'] for bugs in securify_bug_codes] for bug in tool_bugs: fp_count = 0 excluded = 0 other_count = 0 bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0] for sc in x: type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc] other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc] other_count += len(other_bugs) for sbugs in type_specific_bugs: tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc] if not len(tools_deteced_bug) >= bug_type_threshold: fp_count +=1 else: excluded +=1 securify_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)}) securify_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count}) elif tool == "Mythril": tool_bugs = [bugs['bug'] for bugs in mythril_bug_codes] for bug in tool_bugs: fp_count = 0 excluded = 0 other_count = 0 bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0] for sc in x: type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc] other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc] other_count += len(other_bugs) for sbugs in type_specific_bugs: tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug] if not len(tools_deteced_bug) >= bug_type_threshold: fp_count +=1 else: excluded +=1 mythril_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)}) mythril_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count}) elif tool == "Smartcheck": tool_bugs = [bugs['bug'] for bugs in smartcheck_bug_codes] for bug in tool_bugs: fp_count = 0 excluded = 0 other_count = 0 bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0] for sc in x: type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc] other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc] other_count += len(other_bugs) for sbugs in type_specific_bugs: tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc] if not len(tools_deteced_bug) >= bug_type_threshold: fp_count +=1 else: excluded +=1 smartcheck_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)}) smartcheck_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count}) elif tool == "Slither": tool_bugs = [bugs['bug'] for bugs in slither_bug_codes] for bug in tool_bugs: fp_count = 0 excluded = 0 other_count = 0 bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0] for sc in x: type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc] other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc] other_count += len(other_bugs) for sbugs in type_specific_bugs: tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc] if not len(tools_deteced_bug) >= bug_type_threshold: fp_count +=1 else: excluded +=1 slither_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)}) slither_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count}) if tool == "Manticore": tool_bugs = [bugs['bug'] for bugs in manticore_bug_codes] for bug in tool_bugs: fp_count = 0 excluded = 0 other_count = 0 bug_type_threshold = [thr['threshold'] for thr in thresholds if thr['bug']==bug][0] for sc in x: type_specific_bugs = [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] == bug and bugs['contract']==sc] other_bugs= [bugs for bugs in coded_reported_non_injected if bugs['tool'] == tool and bugs['bugType'] not in tool_bugs and bugs['contract']==sc] other_count += len(other_bugs) for sbugs in type_specific_bugs: tools_deteced_bug = [bugs for bugs in coded_reported_non_injected if bugs['lines'] == sbugs['lines'] and bugs['bugType']== bug and bugs['contract']==sc] if not len(tools_deteced_bug) >= bug_type_threshold: fp_count +=1 else: excluded +=1 manticore_FPs.append({'BugType':bug,'FalsePositives':fp_count,'ExcludedByMajority':excluded,'Total':(fp_count+excluded)}) manticore_FPs.append({'BugType':'Other','FalsePositives':other_count,'ExcludedByMajority':0,'Total':other_count}) #Export False positive results csv_columns = ['BugType','FalsePositives','ExcludedByMajority','Total'] for tool in tools: csv_file = os.path.join("FPs/"+tool+"_FPs.csv") try: with open(csv_file, 'w') as csvfile: writer = csv.DictWriter(csvfile, fieldnames=csv_columns) writer.writeheader() if tool =="Oyente": for data in oyente_FPs: writer.writerow(data) elif tool =="Securify": for data in securify_FPs: writer.writerow(data) elif tool =="Mythril": for data in mythril_FPs: writer.writerow(data) elif tool =="Smartcheck": for data in smartcheck_FPs: writer.writerow(data) elif tool =="Slither": for data in slither_FPs: writer.writerow(data) elif tool =="Manticore": for data in manticore_FPs: writer.writerow(data) print ("\n************************** "+tool +" False Positives *******************\n") df = pandas.read_csv(csv_file) print(df) except IOError: print("I/O error")