def make_queries(timetables_dir_path, keyspace, uri=settings.uri, log_file=settings.migration_logs_path + "graql_output_{}.txt".format(dt.datetime.now())): pathlib.Path(settings.migration_logs_path).mkdir(exist_ok=True) client = grakn.Client(uri=uri, keyspace=keyspace) start_time = dt.datetime.now() with open(log_file, "w") as graql_output: def query_function(graql_string): print(graql_string) print("---") graql_output.write(graql_string) # Send the graql query to the server response = client.execute(graql_string) graql_output.write("\n--response:\n" + str(response)) graql_output.write("\n{} insertions made \n ----- \n".format( len(response))) return response import_query_generator(query_function, timetables_dir_path) end_time = dt.datetime.now() time_taken = end_time - start_time time_taken_string = "----------\nTime taken: {}".format(time_taken) graql_output.write(time_taken_string) print(time_taken_string)
def main(keyspace): graph = grakn.Client(uri='http://localhost:4567', keyspace=keyspace) # Get address of printf to use for next query query1 = 'match $func isa function, has func-name contains "printf", has asm-address $a; offset 0; limit 100; get $a;' result1 = graph.execute(query1) if len(result1) > 0: print("Found potential calls at the following addresses:") for addr in result1: print(addr['a']['value']) # If printf is found continue query for printf_func in result1: # Pull any instructions that use printf and don't use a modifier (have var type and not data type) func_addr = int(printf_func['a']['value'], 16) print("Scanning address {}".format(hex(func_addr))) query2 = 'match $x isa instruction, has operation-type "MLIL_CALL_SSA", has asm-address $a; $y isa "MLIL_CONST_PTR"; ($x,$y); $z isa constant, has constant-value {}; ($y,$z); $l isa list, has list-size 1; ($x,$l); $s isa "MLIL_VAR_SSA"; ($l,$s); offset 0; limit 500; get $x, $a;'.format( func_addr) result2 = graph.execute(query2) # If there is an instruction that uses printf without modifier, output instruction if result2: for instr in result2: asm_addr = instr['a']['value'] print("CWE-134: Uncontrolled Format String possible at {} ". format(asm_addr))
def __init__(self, uri=settings.GRAKN_URL, keyspace=settings.GRAKN_KEYSPACE): self.client = grakn.Client( uri=uri, keyspace=keyspace, )
def open_client(self: Context, uri: str = grakn.Client.DEFAULT_URI) -> None: self.client = None try: self.client = grakn.Client(uri=uri, keyspace=new_keyspace(), timeout=30) except (grakn.GraknError, ConnectionError) as e: self._handle_error(e)
def main(keyspace): global graph graph = grakn.Client(uri='http://localhost:4567', keyspace=keyspace) #Find a variable being compared query1 = graph.execute( 'match {$comp isa MLIL_CMP_SGE;} or {$comp isa MLIL_CMP_SLE;} or {$comp isa MLIL_CMP_SLT;} or {$comp isa MLIL_CMP_SGT;};$node isa MLIL_VAR_SSA;$cons isa MLIL_CONST;($comp, $node);($comp, $cons);$varssa isa variable-ssa has var $var;($node, $varssa);get $comp, $var;' ) #Parse the output of query1 into the compare statements and varaible names comp, var = [], [] if query1: for entry in query1: comp.append(entry['comp']['id']) var.append(entry['var']['value']) else: fail() for entry in comp: #Do upper bound check if ('SGE' or 'SGT') in entry: lower = lowerCheck() if lower: for item in lower: if item['var']['value'] not in var: #failed to find upper bound check addr = get_addr(entry) print('CWE-129: Missing upper bound check at ' + str(addr[0]['addr']['value'])) else: adddr = get_addr(entry) else: addr = get_addr(entry) print('CWE-129: Missing upper bound check at ' + str(addr[0]['addr']['value'])) #Do lower bound check else: upper = upperCheck() if upper: for item in upper: if item['var']['value'] not in var: #failed to find lower bound check addr = get_addr(entry) print('CWE-129: Missing lower bound check at ' + str(addr[0]['addr']['value'])) else: addr = get_addr(entry) else: addr = get_addr(entry) print('CWE-129: Missing lower bound check at ' + str(addr[0]['addr']['value']))
def main(keyspace): graph = grakn.Client(uri='http://localhost:4567', keyspace=keyspace) # Check for gets() function # Get address of function to use for next query function_name = 'gets' query1 = 'match $func isa function, has func-name contains "{}", has asm-address $a; get $a;'.format( function_name) result1 = graph.execute(query1) # If the function is found continue query if result1: # Get all instructions that have function name func_addr = int(result1[0]['a']['value'], 16) query2 = 'match $x has operation-type "MLIL_CALL_SSA" has asm-address $a; $y isa"MLIL_CONST_PTR"; ($x,$y); $z isa constant, has constant-value {}; ($y,$z); get $x, $a;'.format( func_addr) result2 = graph.execute(query2) # If there are instructions that use the function check the instructions for instr in result2: ins_addr = instr['a']['value'] print( "CWE-120: Buffer Copy Without Checking Size of Input at {}\n". format(ins_addr))
def test_throws_without_server(self) -> None: with self.assertRaises(ConnectionError): client_to_no_server = grakn.Client(uri=mock_uri_to_no_server, keyspace=keyspace, timeout=0) client_to_no_server.execute(query)
def client() -> grakn.Client: return grakn.Client(uri=mock_uri, keyspace=keyspace, timeout=5)
def main(keyspace): global graph graph = grakn.Client(uri='http://localhost:4567', keyspace=keyspace) # Find possible arrays array = [] q1 = query1() if q1: i = 0 for item in q1: array.append(q1[i]['index']['id']) i += 1 else: fail() # Find loops involving the array block = [] q2 = query2() if q2: i = 0 for item in q2: if q2[i]['index']['id'] in array: block.append(q2[i]['block']['id']) i += 1 else: fail() # Do the 'loop' blocks contain if statements? if_id = [] block2 = block.copy() for item in block2: q3 = query3(item) if not q3: block.remove(item) # Find the loop counters var, version, var_id, reg, reg_type, block2 = [], [], [], [], [], block.copy( ) for entry in block2: q4 = query4(entry) if q4: i = 0 for item in q4: reg.append(item['reg']['id']) reg_type.append(item['reg']['type']['label']) print(item['reg']['type']['label']) var.append(item['index']['value']) version.append(item['version']['value']) var_id.append(item['index']['id']) i += 1 else: block.remove(entry) i = len(var) - 1 # Find is the bounds of the loop counter are checked var2 = [] q5 = query5() i = 0 for entry in q5: var2.append(q5[i]['var']['value']) i += 1 # Any variables in var[] but not var2[] are potential vulnerabilities i = 0 for entry in var: if entry not in var2: q6 = query6(reg_type[i], reg[i]) print('CWE-788: Array index missing bounds check at ' + q6[0]['adr']['value'] + ' associated with ' + var[i] + '#' + str(version[i]) + ' id = ' + var_id[i] + ' sub of ' + reg_type[i] + ' id = ' + reg[i]) i += 1
def step_impl(context: Context): context.client = grakn.Client(keyspace=env.new_keyspace())
def test_accepts_two_arguments(self): client = grakn.Client('http://www.google.com', 'mykeyspace') self.assertEqual(client.uri, 'http://www.google.com') self.assertEqual(client.keyspace, 'mykeyspace')
def test_accepts_no_arguments(self): client = grakn.Client() self.assertEqual(client.keyspace, 'grakn') self.assertEqual(client.uri, 'http://localhost:4567')
from django.db import models from django.db.models.signals import post_save from django.dispatch import receiver # Create your models here. from django.contrib.auth.models import AbstractUser from django.db import models import grakn import uuid client = grakn.Client(uri='http://35.197.194.67:4567', keyspace='dsvgraph') class CustomUser(AbstractUser): # add additional fields in here def __str__(self): return self.email @receiver(post_save, sender=CustomUser) def create_profile(sender, instance, created, **kwargs): """Create a matching profile whenever a user object is created.""" if created: print(instance.username) print(instance.email) client.execute('insert $x isa person, has email "'+instance.email+'", has name "'+instance.username+'";') # dictionaries are nested structures #profile, new = UserProfile.objects.get_or_create(user=instance)
import grakn client = grakn.Client(uri='http://localhost:4567', keyspace='nucleus') #print(client.execute("match $x sub entity;get;")) #print(client.execute("insert has name 'Romania', isa Country;")) #print(client.execute("insert has name 'UK', isa Country;")) #print(client.execute("insert has name 'France', isa Country;")) #print(client.execute("insert has name 'USA', isa Country;")) #print(client.execute("insert has name 'Germany', isa Country;")) #print(client.execute("insert has name 'Rusia', isa Country;")) #print(client.execute("insert has name 'EUR', isa Currency;")) #print(client.execute("match $cu has name 'EUR', isa Currency; $co has name 'Germany', isa Country; insert (currencyIssuer: $co, currency: $cu) isa countryCurrency;"))
lon = self._transform_to_current_scale(lon) lat = self._transform_to_current_scale(lat) radius = self._transform_to_current_scale((int(score) / max_score) * upper_radius) centrality_element_id = self._canvas.create_circle(lon, lat, radius, fill=colour, outline="") self._station_centrality_points[concept_id] = centrality_element_id # Send the drawn elements to behind the station point self._canvas.tag_lower(centrality_element_id, station_element_id) self._displaying_centrality = True def undisplay_centrality(self): if self._displaying_centrality: for concept_id, point_id in self._station_centrality_points.items(): self._canvas.delete(point_id) self._displaying_centrality = False if __name__ == "__main__": # Set up a connection to Grakn. Grakn needs to be running first, with settings found in the settings file of this # project grakn_client = grakn.Client(uri=settings.uri, keyspace=settings.keyspace) # Build the Tkinter application root = tk.Tk() tube_gui = TubeGui(root, grakn_client) root.mainloop()
def test_accepts_keyword_arguments(self): client = grakn.Client(keyspace='mykeyspace', uri='http://www.google.com') self.assertEqual(client.uri, 'http://www.google.com') self.assertEqual(client.keyspace, 'mykeyspace')
def setUp(self): self.client = grakn.Client(uri=f'http://{mock_uri}', keyspace=keyspace)
def step_impl(context: Context): context.client = grakn.Client(env.broken_connection)
def main(keyspace): graph = grakn.Client(uri='http://localhost:4567', keyspace=keyspace) # Functions with indexes for (dest, sizeof(dest)) stored in dict functions = { "receive_delim": (2, 3), "fgets": (0, 1), "strncpy": (0, 2), "receive_until": (0, 2), "memcpy": (0, 2), "freaduntil": (1, 2), "read": (1, 2) } # Check for potential vuln in each function for function_name in functions: # Get address of function to use for next query query1 = 'match $func isa function, has func-name contains "{}", has asm-address $a; get $a;'.format( function_name) result1 = graph.execute(query1) # If the function is found continue query if result1: # Get all instructions that have function name func_addr = int(result1[0]['a']['value'], 16) query2 = 'match $x has operation-type "MLIL_CALL_SSA"; $y isa"MLIL_CONST_PTR"; ($x,$y); $z isa constant, has constant-value {}; ($y,$z); get $x;'.format( func_addr) result2 = graph.execute(query2) # If there are instructions that use the function check the instructions if result2: buff_index = functions[function_name][0] size_index = functions[function_name][1] for instr in result2: Id = instr['x']['id'] query3 = 'match $x id "' + Id + '"; $l isa list; ($x,$l); (from-node: $l, $q); $q has edge-label $e; (from-node: $q, $v); {$v has var $s;} or {$v has constant-value $s;}; get $e, $s;' result3 = graph.execute(query3) # This section grabs instrution params and insert into an array param_array = [0, 0, 0, 0, 0, 0, 0, 0] for ele in result3: index = int(ele['e']['value']) val = ele['s']['value'] param_array[index] = val # Get var name - This is done to determine how many bytes the variable is var_name = param_array[buff_index] var_name = var_name.split('#', 1)[0].lstrip() # NOTE Enhancement Make finding buff_size the same as string_size # This assumes that buffer_size is a number, breaks when its a var or register # Get buffer size try: buff_size = int(param_array[size_index]) except ValueError as err: continue # Get size of string in by finding initialization Ex. var_88 = &var_58 # Find where string is initialzed query4 = 'match $x id "{}"; $y isa basic-block; ($x,$y); $z isa instruction, has operation-type "MLIL_SET_VAR_SSA"; ($y,$z); {{$v1 isa variable, has var "{}";}} or {{$v1 isa variable-ssa, has var "{}";}}; ($z, $v1); $w isa MLIL_ADDRESS_OF; ($w, $z); $v isa variable, has var-size $s; ($w, $v); get $s, $x;'.format( Id, var_name, var_name) result4 = graph.execute(query4) if (result4): string_size = result4[0]['s']['value'] # Finally Determine if buffer size == sizeof(str) if string_size != buff_size: instruction_ID = result4[0]['x']['id'] query5 = 'match $i id {}, has asm-address $a; get $a;'.format( instruction_ID) result5 = graph.execute(query5) instr_addr = result5[0]['a']['value'] print( "CWE-121: Stack-based Overflow possible at {}". format(instr_addr))