def write_files(self):
        """
        This method writes code for then current selection into files
        It adds an entry into the manifest with specified informations
        """
        current_flaw_group = self.current_sink.flaw_group.lower()
        current_flaw = self.current_sink.flaw_type
        files_path = []
        # Create main file
        main_filename = self.generate_file_name("File1")
        filemanager = FileManager(main_filename, self.dir_name,
                                  "OWASP_" + current_flaw_group, current_flaw,
                                  self.is_safe_selection(), self.current_code)
        filemanager.createFile()
        full_path = filemanager.getPath() + main_filename
        line = 0
        if not self.is_safe_selection():
            line = Generator.findFlaw(full_path,
                                      self.file_template.comment['inline'])
        files_path.append({'path': full_path, 'line': line})

        # Create other classes
        for i, cl in enumerate(self.classes_code):
            filename = self.generate_file_name("File" + str(i + 2))
            filemanager = FileManager(filename, self.dir_name,
                                      "OWASP_" + current_flaw_group,
                                      current_flaw, self.is_safe_selection(),
                                      cl['code'])
            filemanager.createFile()
            full_path = filemanager.getPath() + filename
            files_path.append({'path': full_path, 'line': 0})

        # Update the report
        if current_flaw_group not in self.report:
            self.report[current_flaw_group] = {}
        if current_flaw not in self.report[current_flaw_group]:
            self.report[current_flaw_group][current_flaw] = {}
            self.report[current_flaw_group][current_flaw]["safe_sample"] = 0
            self.report[current_flaw_group][current_flaw]["unsafe_sample"] = 0

        if self.is_safe_selection():
            self.report[current_flaw_group][current_flaw]["safe_sample"] += 1
        else:
            self.report[current_flaw_group][current_flaw]["unsafe_sample"] += 1

        # update manifest

        input_type = "None : None"
        if self.current_input:
            input_type = self.current_input.input_type
        self.manifest.addTestCase(input_type, current_flaw_group, current_flaw,
                                  files_path, self.file_template.language_name)
    def write_files(self):
        """
        This method writes code for then current selection into files
        It adds an entry into the manifest with specified informations
        """
        current_flaw_group = self.current_sink.flaw_group.lower()
        current_flaw = self.current_sink.flaw_type
        files_path = []
        # Create main file
        main_filename = self.generate_file_name("File1")
        filemanager = FileManager(main_filename, self.dir_name,
                                  "OWASP_"+current_flaw_group,
                                  current_flaw,
                                  self.is_safe_selection(),
                                  self.current_code)
        filemanager.createFile()
        full_path = filemanager.getPath() + main_filename
        line = 0
        if not self.is_safe_selection():
            line = Generator.findFlaw(full_path, self.file_template.comment['inline'])
        files_path.append({'path': full_path, 'line': line})

        # Create other classes
        for i, cl in enumerate(self.classes_code):
            filename = self.generate_file_name("File"+str(i+2))
            filemanager = FileManager(filename, self.dir_name,
                                      "OWASP_"+current_flaw_group,
                                      current_flaw,
                                      self.is_safe_selection(),
                                      cl['code'])
            filemanager.createFile()
            full_path = filemanager.getPath() + filename
            files_path.append({'path': full_path, 'line': 0})

        # Update the report
        if current_flaw_group not in self.report:
            self.report[current_flaw_group] = {}
        if current_flaw not in self.report[current_flaw_group]:
            self.report[current_flaw_group][current_flaw] = {}
            self.report[current_flaw_group][current_flaw]["safe_sample"] = 0
            self.report[current_flaw_group][current_flaw]["unsafe_sample"] = 0

        if self.is_safe_selection():
            self.report[current_flaw_group][current_flaw]["safe_sample"] += 1
        else:
            self.report[current_flaw_group][current_flaw]["unsafe_sample"] += 1

        # update manifest

        input_type = "None : None"
        if self.current_input:
            input_type = self.current_input.input_type
        self.manifest.addTestCase(input_type,
                                  current_flaw_group,
                                  current_flaw,
                                  files_path,
                                  self.file_template.language_name)
    def __init__(self, date, language="cs"):
        self._max_recursion = 1
        self._number_generated = -1
        self.date = date
        self.safe_sample = 0
        self.unsafe_sample = 0
        self.report = {}
        self.flaw_type_user = None
        self.flaw_group_user = None
        self.start = time.time()
        self.end = 0

        # parse XML files
        tree_input = ET.parse(FileManager.getXML("input", language)).getroot()
        self.tab_input = [InputSample(inp) for inp in tree_input]
        tree_filtering = ET.parse(FileManager.getXML("filtering",
                                                     language)).getroot()
        self.tab_filtering = [
            FilteringSample(filtering) for filtering in tree_filtering
        ]
        tree_sink = ET.parse(FileManager.getXML("sink", language)).getroot()
        self.tab_sink = [SinkSample(sink) for sink in tree_sink]
        tree_exec_query = ET.parse(FileManager.getXML("exec_queries",
                                                      language)).getroot()
        self.tab_exec_queries = [
            ExecQuerySample(exec_query) for exec_query in tree_exec_query
        ]
        tree_complexities = ET.parse(
            FileManager.getXML("complexities", language)).getroot()
        self.tab_complexity = [
            ComplexitySample(complexity)
            for complexity in tree_complexities.find("complexities")
        ]
        tree_condition = ET.parse(FileManager.getXML("complexities",
                                                     language)).getroot()
        self.tab_condition = [
            ConditionSample(condition)
            for condition in tree_condition.find("conditions")
        ]

        self.file_template = FileTemplate(
            ET.parse(FileManager.getXML("file_template", language)).getroot())

        self.dir_name = "TestSuite_" + date + "/" + self.file_template.language_name
        self.manifest = Manifest(self.dir_name, self.date)

        # set current samples
        self.current_input = None
        self.current_filtering = None
        self.current_sink = None
        self.current_exec_queries = None
        self.current_code = None
        self.complexities_queue = []
        self.map_CWE_group = {}
    def __init__(self, date, language="cs"):
        self._max_recursion = 1
        self._number_generated = -1
        self.date = date
        self.safe_sample = 0
        self.unsafe_sample = 0
        self.report = {}
        self.flaw_type_user = None
        self.flaw_group_user = None
        self.start = time.time()
        self.end = 0

        # parse XML files
        tree_input = ET.parse(FileManager.getXML("input", language)).getroot()
        self.tab_input = [InputSample(inp) for inp in tree_input]
        tree_filtering = ET.parse(FileManager.getXML("filtering", language)).getroot()
        self.tab_filtering = [FilteringSample(filtering) for filtering in tree_filtering]
        tree_sink = ET.parse(FileManager.getXML("sink", language)).getroot()
        self.tab_sink = [SinkSample(sink) for sink in tree_sink]
        tree_exec_query = ET.parse(FileManager.getXML("exec_queries", language)).getroot()
        self.tab_exec_queries = [ExecQuerySample(exec_query) for exec_query in tree_exec_query]
        tree_complexities = ET.parse(FileManager.getXML("complexities", language)).getroot()
        self.tab_complexity = [ComplexitySample(complexity) for complexity in tree_complexities.find("complexities")]
        tree_condition = ET.parse(FileManager.getXML("complexities", language)).getroot()
        self.tab_condition = [ConditionSample(condition) for condition in tree_condition.find("conditions")]

        self.file_template = FileTemplate(ET.parse(FileManager.getXML("file_template", language)).getroot())

        self.dir_name = "TestSuite_"+date+"/"+self.file_template.language_name
        self.manifest = Manifest(self.dir_name, self.date)

        # set current samples
        self.current_input = None
        self.current_filtering = None
        self.current_sink = None
        self.current_exec_queries = None
        self.current_code = None
        self.complexities_queue = []
        self.map_CWE_group = {}
def main():
    ASTYLE_PATH = "./astyle/build/gcc/bin/astyle"
    debug = False
    safe = True
    unsafe = True
    date = time.strftime("%m-%d-%Y_%Hh%Mm%S")

    args = docopt(__doc__, version='0.4')

    # get selected language
    language = None
    if args["--language"]:
        language = args["--language"]
    else:
        print("Specify a language with -l/--language option (cs, php)")
        sys.exit(1)

    # check if language exists
    if not FileManager.exist_language(language):
        print("Patch your language folder '{}'".format(language))
        sys.exit(1)

    # create generator for specified language
    g = Generator(date, language=language)

    # List of flaws
    flaw_list = g.get_group_list()
    cwe_list = g.get_cwe_list()

    flaw_group_user = [x.lower() for x in args["--flaw-group"]]
    for flaw in flaw_group_user:
        if flaw.lower() not in flaw_list:
            print("There is no flaws associated with the given flaw group (-f {} option).\
                  See --help.".format(flaw.lower()))
            sys.exit(1)
    try:
        flaw_type_user = [int(x) for x in args["--cwe"]]
    except ValueError:
        print("Invalid format. Value of the -c option must be an integer. See --help")
        sys.exit(1)
    for cwe in flaw_type_user:
        if cwe not in cwe_list:
            print("There is no flaws associated with the given CWE (-c {} option). See --help.".format(cwe))
            sys.exit(1)
    if args["--safe"]:
        safe = True
        unsafe = False
    if args["--unsafe"]:
        safe = False
        unsafe = True
    debug = args["--debug"]
    try:
        arg = args["--depth"]
        g.max_recursion = int(arg) if arg is not None else 1
    except ValueError:
        print("Invalid format. Value of the -r option must be an integer. See --help")
        sys.exit(1)
    try:
        arg = args["--number-generated"]
        g.number_generated = int(arg) if arg is not None else -1
    except ValueError:
        print("Invalid format. Value of the -g option must be an integer. See --help")
        sys.exit(1)

    # set user list
    g.set_flaw_type_user(flaw_type_user)
    g.set_flaw_group_user(flaw_group_user)

    # run generation
    g.generate(debug=debug, generate_safe=safe, generate_unsafe=unsafe)

    # check if astyle is here
    if os.path.isfile(ASTYLE_PATH):
        print("Indentation ...")
        cmd = ASTYLE_PATH+" -r TestSuite_"+date+"/*."+g.get_extension()+" --style=java --suffix=none --indent-switches -q"
        os.system(cmd)
    else:
        print("No indentation")

    print("Finish")
示例#6
0
def main():
    ASTYLE_PATH = "./astyle/build/gcc/bin/astyle"
    debug = False
    safe = True
    unsafe = True
    date = time.strftime("%m-%d-%Y_%Hh%Mm%S")

    args = docopt(__doc__, version='0.4')

    # get selected language
    language = None
    if args["--language"]:
        language = args["--language"]
    else:
        print("Specify a language with -l/--language option (cs, php)")
        sys.exit(1)

    # check if language exists
    if not FileManager.exist_language(language):
        print("Patch your language folder '{}'".format(language))
        sys.exit(1)

    # create generator for specified language
    g = Generator(date, language=language)

    # List of flaws
    flaw_list = g.get_group_list()
    cwe_list = g.get_cwe_list()

    flaw_group_user = [x.lower() for x in args["--flaw-group"]]
    for flaw in flaw_group_user:
        if flaw.lower() not in flaw_list:
            print(
                "There is no flaws associated with the given flaw group (-f {} option).\
                  See --help.".format(flaw.lower()))
            sys.exit(1)
    try:
        flaw_type_user = [int(x) for x in args["--cwe"]]
    except ValueError:
        print(
            "Invalid format. Value of the -c option must be an integer. See --help"
        )
        sys.exit(1)
    for cwe in flaw_type_user:
        if cwe not in cwe_list:
            print(
                "There is no flaws associated with the given CWE (-c {} option). See --help."
                .format(cwe))
            sys.exit(1)
    if args["--safe"]:
        safe = True
        unsafe = False
    if args["--unsafe"]:
        safe = False
        unsafe = True
    debug = args["--debug"]
    try:
        arg = args["--depth"]
        g.max_recursion = int(arg) if arg is not None else 1
    except ValueError:
        print(
            "Invalid format. Value of the -r option must be an integer. See --help"
        )
        sys.exit(1)
    try:
        arg = args["--number-generated"]
        g.number_generated = int(arg) if arg is not None else -1
    except ValueError:
        print(
            "Invalid format. Value of the -g option must be an integer. See --help"
        )
        sys.exit(1)

    # set user list
    g.set_flaw_type_user(flaw_type_user)
    g.set_flaw_group_user(flaw_group_user)

    # run generation
    g.generate(debug=debug, generate_safe=safe, generate_unsafe=unsafe)

    # check if astyle is here
    if os.path.isfile(ASTYLE_PATH):
        print("Indentation ...")
        cmd = ASTYLE_PATH + " -r TestSuite_" + date + "/*." + g.get_extension(
        ) + " --style=java --suffix=none --indent-switches -q"
        os.system(cmd)
    else:
        print("No indentation")

    print("Finish")