예제 #1
0
def func_similarity_cfg_level(soft_db, funcs, character_db, func_name, worksheet):
    # @db1 待比对数据库
    # @db2 漏洞特征数据库
    # @func_name 目标函数名
    
    #过滤一下
    ast_root = get_function_ast_root(character_db, func_name)
    if ast_root is None:
        print "no function found"
        return
    
    return_type = get_function_return_type(character_db, ast_root)  # 获取目标函数返回值类型
    param_list = get_function_param_list(character_db, ast_root)  # 获取目标函数参数类型列表

    filter_funcs = filter_functions(soft_db, funcs, return_type, param_list) # 过滤待比较函数
    tar_func = get_function_node(character_db, func_name)
    
    for ast_root in filter_funcs:
        src_func = get_function_node_by_ast_root(soft_db, ast_root)
        
        
        match, simi = func_cfg_similarity(src_func, soft_db, tar_func, character_db)
        if match:
            
            file = get_function_file(soft_db, src_func.properties[u'name'])[41:]
            worksheet.append(
                             (func_name, file, src_func.properties[u'name'],match,
                              round(simi,4) ))
        elif simi == -1:
            print u"节点太多,未进行比较 "
예제 #2
0
def get_software_var_map(soft, port):
    neo4j_db = Graph("http://127.0.0.1:%d/db/data/" % port)
    sql_db = sqlite3.connect("/home/bert/Documents/data/" + soft + ".db")
    sql_db.execute('''create table if not exists %s(
            func_id INT PRIMARY KEY,
            func_name CHAR(100) NOT NULL,
            file CHAR(200) NOT NULL,
            var_map TEXT NOT NULL,
            ast_type_const TEXT NOT NULL,
            ast_type_only TEXT NOT NULL,
            ast_const_only TEXT NOT NULL,
            ast_no_type_const TEXT NOT NULL,
            no_mapping TEXT NOT NULL)''' % soft)
    sql_db.commit()

    funcs = get_all_functions(neo4j_db)
    open("" + len(funcs).__str__(), "w")
    print "get all functions OK:", len(funcs)

    for func in funcs:
        # 查重
        ret = sql_db.execute("select * from %s where func_id=?" % soft,
                             (func._id, ))
        if ret.fetchone():
            continue

        print "[%s] processing %s " % (datetime.datetime.now().strftime(
            "%y-%m-%d %H:%M:%S"), func.properties[u'name'])

        try:
            ast_root = get_function_ast_root(neo4j_db, func)
            func_file = get_function_file(neo4j_db, func)
            ser = serializedAST(neo4j_db)
            ret = ser.genSerilizedAST(ast_root)
            var_map = ser.variable_maps
            ast1 = ";".join(ret[0])
            ast2 = ";".join(ret[1])
            ast3 = ";".join(ret[2])
            ast4 = ";".join(ret[3])
            ast5 = ";".join(ret[4])
        except Exception, e:
            traceback.print_exc()

        try:
            sql_db.execute(
                'insert into %s values(?, ?, ?, ?, ?, ?, ?, ?,?)' % soft,
                (func._id, func.properties[u'name'], func_file,
                 var_map.__str__(), ast1, ast2, ast3, ast4, ast5))
            sql_db.commit()
        except Exception, e:
            print e
예제 #3
0
def func_similarity_segement_level(db1, funcs, db2, func_name, worksheet):
    # @db1 待比对数据库
    # @db2 漏洞特征数据库
    # @func_name 目标函数名

    tar_func = get_function_node(db2, func_name)
    for src_func in funcs:
        match, simi = func_cfg_similarity(src_func, db1, tar_func, db2)
        if match:

            file = get_function_file(db1, src_func.properties[u'name'])[41:]
            worksheet.append(
                (func_name, file, src_func.properties[u'name'], match,
                 round(simi, 4)))
        elif simi == -1:
            print u"节点太多,未进行比较 "
예제 #4
0
def func_similarity_segement_level(db1, funcs, db2, func_name, worksheet):
    # @db1 待比对数据库
    # @db2 漏洞特征数据库
    # @func_name 目标函数名
    
    tar_func = get_function_node(db2, func_name)
    for src_func in funcs: 
        match, simi = func_cfg_similarity(src_func, db1, tar_func, db2)
        if match:
            
            file = get_function_file(db1, src_func.properties[u'name'])[41:]
            worksheet.append(
                             (func_name, file, src_func.properties[u'name'],match,
                              round(simi,4) ))
        elif simi == -1:
            print u"节点太多,未进行比较 "
예제 #5
0
def func_similarity_astLevel(db1, funcs, db2, func_name, suffix_tree_obj, worksheet):
    # @db1 待比对数据库
    # @db2 漏洞特征数据库
    # @func_name 目标函数名
    
    target_func = get_function_ast_root(db2, func_name)
    return_type = get_function_return_type(db2, target_func)  # 获取目标函数返回值类型
    param_list = get_function_param_list(db2, target_func)  # 获取目标函数参数类型列表
    
    # funcs = getAllFuncs(db1) #获取所有函数
    filter_funcs = filter_functions(db1, funcs, return_type, param_list) # 过滤待比较函数
    
    ret = serializedAST(db2).genSerilizedAST(target_func)
    pattern1 = ";".join(ret[0][2:])
    pattern2 = ";".join(ret[1][2:])
    pattern3 = ";".join(ret[2][2:])
    pattern4 = ";".join(ret[3][2:])  
    
    for func in filter_funcs:
        ast_root = get_function_ast_root(db1, func.properties[u'name'])
        s1 = serializedAST(db1, True, True).genSerilizedAST(ast_root)[0][:-1]
        s2 = serializedAST(db1, False, True).genSerilizedAST(ast_root)[0][:-1]
        s3 = serializedAST(db1, True, False).genSerilizedAST(ast_root)[0][:-1]
        s4 = serializedAST(db1, False, False).genSerilizedAST(ast_root)[0][:-1] 
        
        report = {}
        if suffix_tree_obj.search(s1, pattern1):
            report['distinct_type_and_const'] = True
        
        if suffix_tree_obj.search(s2, pattern2):
            report['distinct_const_no_type'] = True
        
        if suffix_tree_obj.search(s3, pattern3):
            report['distinct_type_no_const'] = True
        
        if suffix_tree_obj.search(s4, pattern4):
            report['distinct_type_no_const'] = True
        
        if report['distinct_type_and_const'] or  report['distinct_const_no_type']\
            or report['distinct_type_no_const'] or report['no_type_no_const']:
            
            file = get_function_file(db1, func.properties[u'name'])
            worksheet.append(
                             (func_name, file, func.properties[u'name'],report['distinct_type_and_const'],
                              report['distinct_const_no_type'], report['distinct_type_no_const'],
                              report['distinct_type_no_const'] ))