def vuln_patch_compare(vuln_id, neo4jdb): vuln_info = vulnerability_info.objects.get(vuln_id=vuln_id) vuln_name = vuln_info.cve_info.cveid.replace( "-", "_").upper() + "_VULN_" + vuln_info.vuln_func patch_name = vuln_info.cve_info.cveid.replace( "-", "_").upper() + "_PATCHED_" + vuln_info.vuln_func # if not is_character_db_on(): # start_character_db() # neo4jdb = JoernSteps() # try: # neo4jdb.setGraphDbURL('http://localhost:7474/db/data/') # neo4jdb.connectToDatabase() # except: start_time = time.time() report = func_similarity_reports() report.vuln_info = vuln_info report.status = "pending" report.save() vuln_func = getASTRootNodeByName(vuln_name, neo4jdb) if vuln_func is None: report.status = "vuln_func_not_found" report.save() return patched_func = getASTRootNodeByName(patch_name, neo4jdb) if patched_func is None: report.status = "patched_func_not_found" report.save() return s1 = serializedAST(neo4jdb, True, True) s2 = serializedAST(neo4jdb, False, True) s3 = serializedAST(neo4jdb, True, False) s4 = serializedAST(neo4jdb, False, False) r = ast_match_info() if s1.genSerilizedAST(vuln_func) == s1.genSerilizedAST(patched_func): r.distinct_type_and_const = True if s2.genSerilizedAST(vuln_func) == s2.genSerilizedAST(patched_func): r.distinct_const_no_type = True if s3.genSerilizedAST(vuln_func) == s3.genSerilizedAST(patched_func): r.distinct_const_no_type = True if s4.genSerilizedAST(vuln_func) == s4.genSerilizedAST(patched_func): r.no_type_no_const = True end_time = time.time() report.match_reports = pickle.dumps(r.get_dict()) report.status = "success" report.cost = round(end_time - start_time, 2) report.save()
def vuln_patch_compare(vuln_id, neo4jdb): vuln_info = vulnerability_info.objects.get(vuln_id=vuln_id) vuln_name = vuln_info.cve_info.cveid.replace("-", "_").upper() + "_VULN_" + vuln_info.vuln_func patch_name = vuln_info.cve_info.cveid.replace("-", "_").upper() + "_PATCHED_" + vuln_info.vuln_func # if not is_character_db_on(): # start_character_db() # neo4jdb = JoernSteps() # try: # neo4jdb.setGraphDbURL('http://localhost:7474/db/data/') # neo4jdb.connectToDatabase() # except: start_time = time.time() report = func_similarity_reports() report.vuln_info = vuln_info report.status = "pending" report.save() vuln_func = getASTRootNodeByName(vuln_name, neo4jdb) if vuln_func is None: report.status = "vuln_func_not_found" report.save() return patched_func = getASTRootNodeByName(patch_name, neo4jdb) if patched_func is None: report.status = "patched_func_not_found" report.save() return s1 = serializedAST(neo4jdb, True, True) s2 = serializedAST(neo4jdb, False, True) s3 = serializedAST(neo4jdb, True, False) s4 = serializedAST(neo4jdb, False, False) r = ast_match_info() if s1.genSerilizedAST(vuln_func) == s1.genSerilizedAST(patched_func): r.distinct_type_and_const = True if s2.genSerilizedAST(vuln_func) == s2.genSerilizedAST(patched_func): r.distinct_const_no_type = True if s3.genSerilizedAST(vuln_func) == s3.genSerilizedAST(patched_func): r.distinct_const_no_type = True if s4.genSerilizedAST(vuln_func) == s4.genSerilizedAST(patched_func): r.no_type_no_const = True end_time = time.time() report.match_reports = pickle.dumps(r.get_dict()) report.status = "success" report.cost = round(end_time - start_time, 2) report.save()
def func_similarity_astLevel(db1, funcs, db2, func_name): # @db1 待比对数据库 # @db2 漏洞特征数据库 # @func_name 目标函数名 start_time = time.time() target_func = getASTRootNodeByName(func_name, db2) return_type = getFuncRetType(target_func, db2) # 获取目标函数返回值类型 param_list = getFuncParamList(target_func, db2) # 获取目标函数参数类型列表 # funcs = getAllFuncs(db1) #获取所有函数 filter_funcs = filterFuncs(db1, funcs, return_type, param_list) # 过滤待比较函数 pattern1 = serializedAST(db2, True, True).genSerilizedAST(target_func) pattern2 = serializedAST(db2, False, True).genSerilizedAST(target_func) # 所有类型变量映射成相同值 pattern3 = serializedAST(db2, True, False).genSerilizedAST(target_func) pattern4 = serializedAST(db2, False, False).genSerilizedAST(target_func) s1 = serializedAST(db1, True, True) s2 = serializedAST(db1, False, True) s3 = serializedAST(db1, True, False) s4 = serializedAST(db1, False, False) report_dict = {} for func in filter_funcs: report = ast_match_info() if pattern1 == s1.genSerilizedAST(func): report.distinct_type_and_const = True if pattern2 == s2.genSerilizedAST(func): report.distinct_const_no_type = True if pattern3 == s3.genSerilizedAST(func): report.distinct_type_no_const = True if pattern4 == s4.genSerilizedAST(func): report.no_type_no_const = True if report.is_valid(): report_dict[func] = pickle.dumps(report) end_time = time.time() cost = end_time - start_time return report_dict, round(cost, 2)
def astLevel_similarity_proc(db1, funcs, db2, func_name): suffixtree_cmp = suffixtree() pattern1 = serializedAST(db2, True, True).genSerilizedAST(func_name) pattern2 = serializedAST(db2, False, True).genSerilizedAST(func_name) # 所有类型变量映射成相同值 pattern3 = serializedAST(db2, True, False).genSerilizedAST(func_name) pattern4 = serializedAST(db2, False, False).genSerilizedAST(func_name) #去掉前缀 prefix_str = r"^FunctionDef\([0-9]+\);CompoundStatement\([0-9]+\);" pattern1 = re.sub(prefix_str, "", pattern1) pattern2 = re.sub(prefix_str, "", pattern2) pattern3 = re.sub(prefix_str, "", pattern3) pattern4 = re.sub(prefix_str, "", pattern4) s1 = serializedAST(db1, True, True) s2 = serializedAST(db1, False, True) s3 = serializedAST(db1, True, False) s4 = serializedAST(db1, False, False) report_dict = {} for func in funcs: report = ast_match_info() if suffixtree_cmp.search(s1.genSerilizedAST(func), pattern1): report.distinct_type_and_const = True if suffixtree_cmp.search(s2.genSerilizedAST(func), pattern2): report.distinct_const_no_type = True if suffixtree_cmp.search(s3.genSerilizedAST(func), pattern3): report.distinct_type_no_const = True if suffixtree_cmp.search(s4.genSerilizedAST(func), pattern4): report.no_type_no_const = True if report.is_valid(): report_dict[func] = report return report_dict