def run_example_tool(bat_file):
"""
This method is called from the run_analysis method. It is called for
each matching file. Files are matched against the glob expression
specified in main.
When this method is called, the script will have changed to the directory
where the batch file exists.
"""
# In order to run a source code analysis tool, build appropriate command
# line(s) as shown in the commented out example below
"""
build_name = "toolname.c_and_cpp." + py_common.get_timestamp() + "." + bat_file[:-4]
command1 = "mytool --build " + build_name + " --option1 --option2 " + bat_file
py_common.print_with_timestamp("Running " + command1)
py_common.run_commands([command1])
command2 = "mytool --analyze " + build_name + " --output " + build_name + ".xml"
py_common.print_with_timestamp("Running " + command2)
py_common.run_commands([command2])
"""
# The code below will just run the batch file to compile the test cases without using a tool
# Remove or comment out this code when modifying this file to use an analysis tool
command = bat_file
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command])
def run_example_tool(bat_file):
"""
This method is called from the run_analysis method. It is called for
each matching file. Files are matched against the glob expression
specified in main.
When this method is called, the script will have changed to the directory
where the batch file exists.
"""
# In order to run a source code analysis tool, build appropriate command
# line(s) as shown in the commented out example below
"""
build_name = "toolname.c_and_cpp." + py_common.get_timestamp() + "." + bat_file[:-4]
command1 = "mytool --build " + build_name + " --option1 --option2 " + bat_file
py_common.print_with_timestamp("Running " + command1)
py_common.run_commands([command1])
command2 = "mytool --analyze " + build_name + " --output " + build_name + ".xml"
py_common.print_with_timestamp("Running " + command2)
py_common.run_commands([command2])
"""
# The code below will just run the batch file to compile the test cases without using a tool
# Remove or comment out this code when modifying this file to use an analysis tool
command = bat_file
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command])
def retrieveTestResult(test_name):
compilation_issue = 0
undetected = 0
detected = 0
path = "path/media/noname/3a224af4-22de-4deb-ad88-08422268a9fc/Inception/Benchmark/klee" + test[
"name"]
py_common.run_commands([""])
return compilation_issue, detected, undetected
def run_analysis(self, glob_needle, run_analysis_fx, scannerList):
"""
Helper method to run an analysis using a tool. Takes a glob string to search
for and a function pointer.
"""
#AW20130730 some modifications to speed up the mscompiler. can only be used if no other scanner runs
#msCompilerCMD='C:\\Program Files\\Microsoft Visual Studio 10.0\\VC\\bin\\vcvars32.bat'
#py_common.run_commands([msCompilerCMD], True)
time_started = time.time()
# find all the files
files = glob.glob(glob_needle)
lastDir = 'none'
# run all the files using the function pointer
for file in files:
#AW20130717 ensure only defined file extensions are processed
if (any(file.endswith(x) for x in self.config.allowedFileTypes)):
# change into directory with the file
dir = os.path.dirname(file)
os.chdir(dir)
# run the the file
file = os.path.basename(file)
dirName = os.path.basename(dir)
#run_analysis_fx(file, scannerList)
for sc in scannerList:
if (not sc.scanFolder):
#AW20130309 set use shell to true here, otherwise pipes don't work
py_common.run_commands([sc.getCmdString(file, file)],
True)
print(sc.getCmdString(file, file))
elif (sc.scanFolder and lastDir != dir):
print(sc.getCmdString(dir, dirName))
py_common.run_commands([sc.getCmdString(dir, dirName)],
True)
lastDir = dir
# return to original working directory
os.chdir(sys.path[0])
time_ended = time.time()
#print("Started: " + time.ctime(time_started))
#print("Ended: " + time.ctime(time_ended))
elapsed_seconds = time_ended - time_started
def run_example_tool(bat_file):
"""
This method is called from the run_analysis method. It is called for
each matching file. Files are matched against the glob expression
specified in main.
When this method is called, the script will have changed to the directory
where the batch file exists.
"""
# In order to run a source code analysis tool, build appropriate command
# line(s) as shown in the commented out example below
"""
build_name = "toolname.csharp." + py_common.get_timestamp() + "." + bat_file[:-4]
command1 = "mytool --build " + build_name + " --option1 --option2 " + bat_file
py_common.print_with_timestamp("Running " + command1)
py_common.run_commands([command1])
command2 = "mytool --analyze " + build_name + " --output " + build_name + ".xml"
py_common.print_with_timestamp("Running " + command2)
py_common.run_commands([command2])
"""
msbuildPath = "C:\\Program Files (x86)\\Microsoft Visual Studio\\2019\\Community\\MSBuild\\Current\\Bin\\MSBuild.exe"
solutionPath = "D:\\GitHub\\MyGit\\JulietTestSuite\\Example\\Example.csproj"
parameter = "-p:Configuration=Release"
command1 = msbuildPath + " " + solutionPath + " " + parameter
py_common.print_with_timestamp("Running " + command1)
py_common.run_commands([command1])
# The code below will just run ant to compile the test cases without using a
# tool
# Remove or comment out this code when modifying this file to use an analysis
# tool
command = bat_file
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command])
def compile_c(self, file_path, test_name):
# import IPython; IPython.embed()
directory = os.path.dirname(file_path)
output_dir = self.output_dir + file_path
test_file_src = output_dir + "/" + test_name + ".ll"
test_file_ll = test_name + ".ll"
test_file_bc = test_name + ".bc"
# Compile main_linux
py_common.run_commands(CWECompiler.CC + CWECompiler.CFLAGS +
self.includes + ["-D" + test_name] +
["./testcasesupport/main_linux.cpp"] +
[file_path])
# Link ll files
py_common.run_commands([
"llvm-link", test_file_ll, "./core.elf.ll", "./main_linux.ll",
"-o", test_file_bc
])
def run_example_tool(build_xml_file):
"""
This method is called from the run_analysis method. It is called for
each matching file. Files are matched against the glob expression
specified in main.
When this method is called, the script will have changed to the directory
where the build.xml file exists.
"""
# In order to run a source code analysis tool, build appropriate command
# line(s) as shown in the commented out example below
"""
# retrieve the CWE # from the parent directory name
path = os.getcwd()
cwe_id = re.search("(CWE\d+)_", os.path.basename(path)).group(1)
build_name = "toolname.java." + py_common.get_timestamp() + "." + cwe_id
command1 = "mytool --build " + build_name + " --option1 --option2 " + build_xml_file
print("Running " + command1)
py_common.run_commands([command1], True)
command2 = "mytool --analyze " + build_name + " --output " + build_name + ".xml"
print("Running " + command2)
py_common.run_commands([command2], True)
"""
# The code below will just run ant to compile the test cases without using a tool
# Remove or comment out this code when modifying this file to use an analysis tool
command = "ant"
print("Running " + command)
py_common.run_commands([command], True)
def run_example_tool(build_xml_file):
"""
This method is called from the run_analysis method. It is called for
each matching file. Files are matched against the glob expression
specified in main.
When this method is called, the script will have changed to the directory
where the build.xml file exists.
"""
# In order to run a source code analysis tool, build appropriate command
# line(s) as shown in the commented out example below
"""
# retrieve the CWE # from the parent directory name
path = os.getcwd()
cwe_id = re.search("(CWE\d+)_", os.path.basename(path)).group(1)
build_name = "toolname.java." + py_common.get_timestamp() + "." + cwe_id
command1 = "mytool --build " + build_name + " --option1 --option2 " + build_xml_file
py_common.print_with_timestamp("Running " + command1)
py_common.run_commands([command1], True)
command2 = "mytool --analyze " + build_name + " --output " + build_name + ".xml"
py_common.print_with_timestamp("Running " + command2)
py_common.run_commands([command2], True)
"""
# The code below will just run ant to compile the test cases without using a tool
# Remove or comment out this code when modifying this file to use an analysis tool
command = "ant"
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command], True)
def run_fortify_c_cpp(bat_file):
"""
Build and analyze the source code using the batch file.
"""
# build_name is based upon the name of the batch file
build_name = get_build_name(bat_file)
build_id = TOOL_NAME.replace(
" ", "_") #Replace any spaces in the tool name with underscore
build_id += "." + project_prefix
build_id += "." + py_common.get_timestamp()
build_id += "." + build_name
# Create file names and paths - we do this here so that the commands
# generated below can remain unchanged as long as there are no new options
# being passed to Fortify
build_log_filename = build_id + "-build-log.txt"
scan_log_filename = build_id + "-scan-log.txt"
clean_log_filename = build_id + "-clean-log.txt"
fpr_file = os.path.join(output_path, build_id) + ".fpr"
# Build the command to compile the code
command = MAIN_TOOL_COMMAND
command += " " + "-b" + " " + build_id
command += " " + "-logfile" + " " + build_log_filename
command += " " + "touchless"
command += " " + bat_file
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command])
# Build the command to analyze the code
command = MAIN_TOOL_COMMAND
command += " " + "-b" + " " + build_id
command += " " + "-logfile" + " " + scan_log_filename
command += " " + "-scan"
command += " " + "-f" + " \"" + fpr_file + "\""
command += " " + "-Dcom.fortify.sca.limiters.MaxIndirectResolutionsForCall=" + MAX_INDIRECT_RESOLUTIONS_FOR_CALL
command += " " + "-Dcom.fortify.sca.limiters.MaxFunPtrsForCall=" + MAX_FUN_PTRS_FOR_CALL
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command])
# Perform a clean so that we don't fill up the HD
command = MAIN_TOOL_COMMAND
command += " " + "-b" + " " + build_id
command += " " + "-logfile" + " " + clean_log_filename
command += " " + "-clean"
py_common.print_with_timestamp("Running " + command)
py_common.run_commands([command])
def transformResultForScanner(self, scanner, tmpDataDir):
outputFolder = os.path.dirname(scanner.outputFile)
execCMD = "java -jar " + self.config.motJar + " -input:" + outputFolder + " -meta:" + self.config.motMeta + "\\" + scanner.motMetaFile + " -output:" + tmpDataDir + scanner.name + ".csv"
py_common.run_commands([execCMD], True)
def transformResultForScanner(self, scanner, tmpDataDir):
outputFolder = os.path.dirname(scanner.outputFile)
execCMD = "java -jar "+self.config.motJar+" -input:"+outputFolder+" -meta:"+self.config.motMeta+"\\"+scanner.motMetaFile+" -output:"+tmpDataDir+scanner.name+".csv"
py_common.run_commands([execCMD], True)
def run_example_tool(self, bat_file, scannerList):
for sc in scannerList:
#AW20130309 set use shell to true here, otherwise pipes don't work
py_common.run_commands([sc.getCmdString(bat_file)], True)
cwe_sub_dirs = py_common.find_directories_in_dir(dir, "^s\d.*")
for sub_dir in cwe_sub_dirs:
# copy Program.cs into this testcase dir
copy_templates_and_program_to(sub_dir, is_dir_split)
# update all the files in this directory
update_csharp_templates.update_csharp_templates(
testcase_location=sub_dir, main_path=sub_dir)
if auto_build_sln:
# build solution
oldWD = os.getcwd()
os.chdir(sub_dir)
if OMITGOOD:
py_common.run_commands(
["msbuild -p:DefineConstants=OMITGOOD"], True)
elif OMITBAD:
py_common.run_commands(
["msbuild -p:DefineConstants=OMITBAD"], True)
else:
py_common.run_commands(["msbuild"], True)
os.chdir(oldWD)
else:
# copy Program.cs into this testcase dir
copy_templates_and_program_to(dir, is_dir_split)
# update all the files in this directory
update_csharp_templates.update_csharp_templates(
testcase_location=dir, main_path=dir)
def run_analysis(self, glob_needle, run_analysis_fx, scannerList):
"""
Helper method to run an analysis using a tool. Takes a glob string to search
for and a function pointer.
"""
#AW20130730 some modifications to speed up the mscompiler. can only be used if no other scanner runs
#msCompilerCMD='C:\\Program Files\\Microsoft Visual Studio 10.0\\VC\\bin\\vcvars32.bat'
#py_common.run_commands([msCompilerCMD], True)
time_started = time.time()
# find all the files
files = glob.glob(glob_needle, recursive=True)
lastDir = 'none'
# run all the files using the function pointer
for file in files:
#AW20130717 ensure only defined file extensions are processed
if (any(file.endswith(x) for x in self.config.allowedFileTypes)):
# change into directory with the file
dir = os.path.dirname(file)
os.chdir(dir)
# run the the file
file = os.path.basename(file)
dirName = os.path.basename(dir)
if (dirName.startswith("s")
or dirName.startswith("HelperClass")):
dirName = os.path.basename(os.path.dirname(dir))
#run_analysis_fx(file, scannerList)
for sc in scannerList:
if (not sc.scanFolder):
#AW20130309 set use shell to true here, otherwise pipes don't work
py_common.run_commands([sc.getCmdString(file, file)],
True)
print(sc.getCmdString(file, file))
elif (sc.scanFolder and lastDir != dir):
print(sc.getCmdString(dir, dirName))
py_common.run_commands([sc.getCmdString(dir, dirName)],
True)
lastDir = dir
with open(
sc.outputFile.replace("#filename",
dirName).replace(
"Java/",
"Java/tmpDir/"),
'r') as infile:
if (sc.name == "sonarqube"):
data = json.load(infile)
xml = dicttoxml.dicttoxml(data,
attr_type=False)
with open(
sc.outputFile.replace(
"#filename",
dirName).replace("json", "xml"),
'ab') as outfile:
outfile.write(xml)
else:
with open(
sc.outputFile.replace(
"#filename", dirName),
'a') as outfile:
outfile.write(infile.read())
# return to original working directory
os.chdir(sys.path[0])
time_ended = time.time()
#print("Started: " + time.ctime(time_started))
#print("Ended: " + time.ctime(time_ended))
elapsed_seconds = time_ended - time_started
def run_example_tool(test_core):
FNULL = open(os.devnull, 'w')
for test in tests:
FLAGS = [
"-D" + test["name"],
"-I/home/noname/Inception2/Inception-analyzer/include"
]
directory = os.path.dirname(test["filepath"])
filename = os.path.basename(test["filepath"])
py_common.print_with_timestamp("Testing " + test["name"])
output_dir = "/home/noname/Inception2/Juliet_test_suite/results/" + test[
"name"]
test_file_src = directory + "/" + test["name"] + ".ll"
test_file_ll = test["name"] + ".ll"
test_file_bc = test["name"] + ".bc"
"""
Klee will not run if the output directory is not empty
"""
dir = Path(output_dir)
if dir.is_dir():
continue
"""
Check if we need to compile or not
"""
dir = Path("tests_klee/" + test_file_bc)
if dir.is_file():
try:
# P = subprocess.check_output(["klee", "-max-time=30", "-output-dir=/media/noname/3a224af4-22de-4deb-ad88-08422268a9fc/Inception/Benchmark/klee"+test["name"], test_file_bc], timeout=10)
p = subprocess.Popen([
"klee", "-max-time=300", "-output-dir=" + output_dir,
test_file_bc
],
stderr=FNULL,
stdout=FNULL)
p.wait(timeout=300)
# py_common.run_commands(["klee", "-output-dir=/media/noname/3a224af4-22de-4deb-ad88-08422268a9fc/Inception/Benchmark/klee"+test["name"], test_file_bc], use_shell=True, stdout=False, stderr=False)
except CalledProcessError:
colorlog.error(
'One test failed during execution in Klee. Test named ' +
test["name"])
sys.stdout.write("\033[K")
continue
except subprocess.TimeoutExpired:
p.kill()
sys.stdout.write("\033[K")
continue
continue
try:
#Compile vuln.c with tested function activated
if filename.endswith(".c"):
py_common.run_commands(CC + CFLAGS + INCLUDES + FLAGS +
["testcasesupport/main_linux.cpp"] +
[test["filepath"]])
elif filename.endswith(".cpp"):
py_common.run_commands(CPP + CXXFLAGS + INCLUDES + FLAGS +
["testcasesupport/main_linux.cpp"] +
[test["filepath"]])
else:
print("Unsupported file extension" + file_name)
except CalledProcessError:
# colorlog.error('Aborted, press any key to continue')
print("Aborted test due to compilation issue")
# key = input()
continue
py_common.run_commands([
"llvm-link", test_file_ll, test_core, "./main_linux.ll", "-o",
test_file_bc
])
py_common.run_commands(
["mv", test_file_ll, "tests_klee/" + test_file_ll],
use_shell=False)
# output_dir = "/media/noname/3a224af4-22de-4deb-ad88-08422268a9fc/Inception/Benchmark/JULIA/klee"+test["name"]
try:
# P = subprocess.check_output(["klee", "-max-time=30", "-output-dir=/media/noname/3a224af4-22de-4deb-ad88-08422268a9fc/Inception/Benchmark/klee"+test["name"], test_file_bc], timeout=10)
p = subprocess.Popen([
"klee", "-max-time=300", "-output-dir=" + output_dir,
test_file_bc
],
stderr=FNULL,
stdout=FNULL)
p.wait(timeout=300)
# py_common.run_commands(["klee", "-output-dir=/media/noname/3a224af4-22de-4deb-ad88-08422268a9fc/Inception/Benchmark/klee"+test["name"], test_file_bc], use_shell=True, stdout=False, stderr=False)
except CalledProcessError:
colorlog.error(
'One test failed during execution in Klee. Test named ' +
test["name"])
sys.stdout.write("\033[K")
continue
except subprocess.TimeoutExpired:
p.kill()
sys.stdout.write("\033[K")
continue
py_common.print_with_timestamp("Done ")
FNULL.close()
