def write_files(self):
    """Write the code of the current selection to disk and record it.

    The main code (``self.current_code``) goes into "File1"; every entry of
    ``self.classes_code`` goes into "File2", "File3", ... Each file is
    created through a FileManager. Afterwards the safe/unsafe counters in
    ``self.report`` are updated and one test case covering all the written
    files is added to the manifest.
    """
    group = self.current_sink.flaw_group.lower()
    flaw = self.current_sink.flaw_type
    group_dir = "OWASP_" + group
    written = []

    # Main file
    main_name = self.generate_file_name("File1")
    main_fm = FileManager(main_name, self.dir_name, group_dir, flaw,
                          self.is_safe_selection(), self.current_code)
    main_fm.createFile()
    main_path = main_fm.getPath() + main_name
    # Only unsafe samples carry a flaw line; safe ones are recorded as line 0.
    if self.is_safe_selection():
        flaw_line = 0
    else:
        flaw_line = Generator.findFlaw(main_path,
                                       self.file_template.comment['inline'])
    written.append({'path': main_path, 'line': flaw_line})

    # Additional classes, numbered from File2 upwards
    for number, extra in enumerate(self.classes_code, start=2):
        extra_name = self.generate_file_name("File" + str(number))
        extra_fm = FileManager(extra_name, self.dir_name, group_dir, flaw,
                               self.is_safe_selection(), extra['code'])
        extra_fm.createFile()
        written.append({'path': extra_fm.getPath() + extra_name, 'line': 0})

    # Report: create the per-group / per-flaw counters on first use
    counters = self.report.setdefault(group, {}).setdefault(
        flaw, {"safe_sample": 0, "unsafe_sample": 0})
    counter_key = "safe_sample" if self.is_safe_selection() else "unsafe_sample"
    counters[counter_key] += 1

    # Manifest: fall back to a placeholder when no input sample is selected
    if self.current_input:
        input_type = self.current_input.input_type
    else:
        input_type = "None : None"
    self.manifest.addTestCase(input_type, group, flaw, written,
                              self.file_template.language_name)
def write_files(self):
    """Write the code of the current selection to disk and record it.

    The main code (``self.current_code``) goes into "File1"; every entry of
    ``self.classes_code`` goes into "File2", "File3", ... Each file is
    created through a FileManager. Afterwards the safe/unsafe counters in
    ``self.report`` are updated and one test case covering all the written
    files is added to the manifest.
    """
    group = self.current_sink.flaw_group.lower()
    flaw = self.current_sink.flaw_type
    group_dir = "OWASP_" + group
    written = []

    # Main file
    main_name = self.generate_file_name("File1")
    main_fm = FileManager(main_name, self.dir_name, group_dir, flaw,
                          self.is_safe_selection(), self.current_code)
    main_fm.createFile()
    main_path = main_fm.getPath() + main_name
    # Only unsafe samples carry a flaw line; safe ones are recorded as line 0.
    if self.is_safe_selection():
        flaw_line = 0
    else:
        flaw_line = Generator.findFlaw(main_path,
                                       self.file_template.comment['inline'])
    written.append({'path': main_path, 'line': flaw_line})

    # Additional classes, numbered from File2 upwards
    for number, extra in enumerate(self.classes_code, start=2):
        extra_name = self.generate_file_name("File" + str(number))
        extra_fm = FileManager(extra_name, self.dir_name, group_dir, flaw,
                               self.is_safe_selection(), extra['code'])
        extra_fm.createFile()
        written.append({'path': extra_fm.getPath() + extra_name, 'line': 0})

    # Report: create the per-group / per-flaw counters on first use
    counters = self.report.setdefault(group, {}).setdefault(
        flaw, {"safe_sample": 0, "unsafe_sample": 0})
    counter_key = "safe_sample" if self.is_safe_selection() else "unsafe_sample"
    counters[counter_key] += 1

    # Manifest: fall back to a placeholder when no input sample is selected
    if self.current_input:
        input_type = self.current_input.input_type
    else:
        input_type = "None : None"
    self.manifest.addTestCase(input_type, group, flaw, written,
                              self.file_template.language_name)
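def __init__(self, date, language="cs"):
    """Set up a generator for *language* and load its XML sample definitions.

    Args:
        date: String used to build the output directory name
            ("TestSuite_" + date + "/" + language name) and handed to the
            Manifest.
        language: Identifier passed to FileManager.getXML to locate each
            XML definition file. Defaults to "cs".
    """
    self._max_recursion = 1
    self._number_generated = -1
    self.date = date
    self.safe_sample = 0
    self.unsafe_sample = 0
    self.report = {}
    self.flaw_type_user = None
    self.flaw_group_user = None
    self.start = time.time()
    self.end = 0

    def load_root(name):
        # NOTE(review): ET is presumably xml.etree.ElementTree, which is not
        # hardened against maliciously constructed XML. This assumes the
        # definition files are trusted, locally shipped templates - confirm
        # before pointing the generator at files from another source.
        return ET.parse(FileManager.getXML(name, language)).getroot()

    # parse XML files
    self.tab_input = [InputSample(node) for node in load_root("input")]
    self.tab_filtering = [
        FilteringSample(node) for node in load_root("filtering")
    ]
    self.tab_sink = [SinkSample(node) for node in load_root("sink")]
    self.tab_exec_queries = [
        ExecQuerySample(node) for node in load_root("exec_queries")
    ]

    # The "complexities" file holds both the <complexities> and the
    # <conditions> sections, so it is parsed once and both are read from
    # the same root instead of parsing the file a second time.
    complexities_root = load_root("complexities")
    self.tab_complexity = [
        ComplexitySample(node)
        for node in complexities_root.find("complexities")
    ]
    self.tab_condition = [
        ConditionSample(node)
        for node in complexities_root.find("conditions")
    ]

    self.file_template = FileTemplate(load_root("file_template"))

    self.dir_name = "TestSuite_" + date + "/" + self.file_template.language_name
    self.manifest = Manifest(self.dir_name, self.date)

    # set current samples
    self.current_input = None
    self.current_filtering = None
    self.current_sink = None
    self.current_exec_queries = None
    self.current_code = None
    self.complexities_queue = []
    self.map_CWE_group = {}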
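def __init__(self, date, language="cs"):
    """Set up a generator for *language* and load its XML sample definitions.

    Args:
        date: String used to build the output directory name
            ("TestSuite_" + date + "/" + language name) and handed to the
            Manifest.
        language: Identifier passed to FileManager.getXML to locate each
            XML definition file. Defaults to "cs".
    """
    self._max_recursion = 1
    self._number_generated = -1
    self.date = date
    self.safe_sample = 0
    self.unsafe_sample = 0
    self.report = {}
    self.flaw_type_user = None
    self.flaw_group_user = None
    self.start = time.time()
    self.end = 0

    def load_root(name):
        # NOTE(review): ET is presumably xml.etree.ElementTree, which is not
        # hardened against maliciously constructed XML. This assumes the
        # definition files are trusted, locally shipped templates - confirm
        # before pointing the generator at files from another source.
        return ET.parse(FileManager.getXML(name, language)).getroot()

    # parse XML files
    self.tab_input = [InputSample(node) for node in load_root("input")]
    self.tab_filtering = [
        FilteringSample(node) for node in load_root("filtering")
    ]
    self.tab_sink = [SinkSample(node) for node in load_root("sink")]
    self.tab_exec_queries = [
        ExecQuerySample(node) for node in load_root("exec_queries")
    ]

    # The "complexities" file holds both the <complexities> and the
    # <conditions> sections, so it is parsed once and both are read from
    # the same root instead of parsing the file a second time.
    complexities_root = load_root("complexities")
    self.tab_complexity = [
        ComplexitySample(node)
        for node in complexities_root.find("complexities")
    ]
    self.tab_condition = [
        ConditionSample(node)
        for node in complexities_root.find("conditions")
    ]

    self.file_template = FileTemplate(load_root("file_template"))

    self.dir_name = "TestSuite_" + date + "/" + self.file_template.language_name
    self.manifest = Manifest(self.dir_name, self.date)

    # set current samples
    self.current_input = None
    self.current_filtering = None
    self.current_sink = None
    self.current_exec_queries = None
    self.current_code = None
    self.complexities_queue = []
    self.map_CWE_group = {}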
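def main():
    """Command-line entry point: validate options, generate, then indent.

    Reads the docopt options from the module docstring, checks the language,
    flaw groups and CWE numbers against what the Generator knows, runs the
    generation and finally runs astyle over the output when the astyle
    binary is present. Exits with status 1 on any invalid option.
    """
    # Function-scope import so the block does not depend on the file's
    # import header.
    import subprocess

    ASTYLE_PATH = "./astyle/build/gcc/bin/astyle"
    safe = True
    unsafe = True
    date = time.strftime("%m-%d-%Y_%Hh%Mm%S")
    args = docopt(__doc__, version='0.4')

    # get selected language
    language = args["--language"]
    if not language:
        print("Specify a language with -l/--language option (cs, php)")
        sys.exit(1)

    # check if language exists
    if not FileManager.exist_language(language):
        print("Patch your language folder '{}'".format(language))
        sys.exit(1)

    # create generator for specified language
    g = Generator(date, language=language)

    # List of flaws
    flaw_list = g.get_group_list()
    cwe_list = g.get_cwe_list()

    flaw_group_user = [x.lower() for x in args["--flaw-group"]]
    for flaw in flaw_group_user:
        if flaw not in flaw_list:
            # The message is one literal: a backslash continuation inside the
            # string would embed the next line's indentation in the output.
            print("There is no flaws associated with the given flaw group "
                  "(-f {} option). See --help.".format(flaw))
            sys.exit(1)

    try:
        flaw_type_user = [int(x) for x in args["--cwe"]]
    except ValueError:
        print("Invalid format. Value of the -c option must be an integer. See --help")
        sys.exit(1)
    for cwe in flaw_type_user:
        if cwe not in cwe_list:
            print("There is no flaws associated with the given CWE (-c {} option). See --help.".format(cwe))
            sys.exit(1)

    if args["--safe"]:
        safe = True
        unsafe = False
    if args["--unsafe"]:
        safe = False
        unsafe = True
    debug = args["--debug"]

    try:
        arg = args["--depth"]
        g.max_recursion = int(arg) if arg is not None else 1
    except ValueError:
        print("Invalid format. Value of the -r option must be an integer. See --help")
        sys.exit(1)
    try:
        arg = args["--number-generated"]
        g.number_generated = int(arg) if arg is not None else -1
    except ValueError:
        print("Invalid format. Value of the -g option must be an integer. See --help")
        sys.exit(1)

    # set user list
    g.set_flaw_type_user(flaw_type_user)
    g.set_flaw_group_user(flaw_group_user)

    # run generation
    g.generate(debug=debug, generate_safe=safe, generate_unsafe=unsafe)

    # check if astyle is here
    if os.path.isfile(ASTYLE_PATH):
        print("Indentation ...")
        # The arguments are passed as a list, without a shell: the wildcard
        # reaches astyle unexpanded (its -r option resolves it recursively),
        # and nothing in the extension string returned by g.get_extension()
        # can be interpreted as shell syntax.
        astyle_cmd = [
            ASTYLE_PATH,
            "-r",
            "TestSuite_" + date + "/*." + g.get_extension(),
            "--style=java",
            "--suffix=none",
            "--indent-switches",
            "-q",
        ]
        try:
            status = subprocess.call(astyle_cmd)
        except OSError as err:
            # Indentation is best-effort: report the failure and carry on.
            print("Indentation failed: {}".format(err))
        else:
            if status != 0:
                print("Indentation failed: astyle exited with status {}".format(status))
    else:
        print("No indentation")
    print("Finish")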
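def main():
    """Command-line entry point: validate options, generate, then indent.

    Reads the docopt options from the module docstring, checks the language,
    flaw groups and CWE numbers against what the Generator knows, runs the
    generation and finally runs astyle over the output when the astyle
    binary is present. Exits with status 1 on any invalid option.
    """
    # Function-scope import so the block does not depend on the file's
    # import header.
    import subprocess

    ASTYLE_PATH = "./astyle/build/gcc/bin/astyle"
    safe = True
    unsafe = True
    date = time.strftime("%m-%d-%Y_%Hh%Mm%S")
    args = docopt(__doc__, version='0.4')

    # get selected language
    language = args["--language"]
    if not language:
        print("Specify a language with -l/--language option (cs, php)")
        sys.exit(1)

    # check if language exists
    if not FileManager.exist_language(language):
        print("Patch your language folder '{}'".format(language))
        sys.exit(1)

    # create generator for specified language
    g = Generator(date, language=language)

    # List of flaws
    flaw_list = g.get_group_list()
    cwe_list = g.get_cwe_list()

    flaw_group_user = [x.lower() for x in args["--flaw-group"]]
    for flaw in flaw_group_user:
        if flaw not in flaw_list:
            # The message is one literal: a backslash continuation inside the
            # string would embed the next line's indentation in the output.
            print("There is no flaws associated with the given flaw group "
                  "(-f {} option). See --help.".format(flaw))
            sys.exit(1)

    try:
        flaw_type_user = [int(x) for x in args["--cwe"]]
    except ValueError:
        print("Invalid format. Value of the -c option must be an integer. See --help")
        sys.exit(1)
    for cwe in flaw_type_user:
        if cwe not in cwe_list:
            print("There is no flaws associated with the given CWE (-c {} option). See --help.".format(cwe))
            sys.exit(1)

    if args["--safe"]:
        safe = True
        unsafe = False
    if args["--unsafe"]:
        safe = False
        unsafe = True
    debug = args["--debug"]

    try:
        arg = args["--depth"]
        g.max_recursion = int(arg) if arg is not None else 1
    except ValueError:
        print("Invalid format. Value of the -r option must be an integer. See --help")
        sys.exit(1)
    try:
        arg = args["--number-generated"]
        g.number_generated = int(arg) if arg is not None else -1
    except ValueError:
        print("Invalid format. Value of the -g option must be an integer. See --help")
        sys.exit(1)

    # set user list
    g.set_flaw_type_user(flaw_type_user)
    g.set_flaw_group_user(flaw_group_user)

    # run generation
    g.generate(debug=debug, generate_safe=safe, generate_unsafe=unsafe)

    # check if astyle is here
    if os.path.isfile(ASTYLE_PATH):
        print("Indentation ...")
        # The arguments are passed as a list, without a shell: the wildcard
        # reaches astyle unexpanded (its -r option resolves it recursively),
        # and nothing in the extension string returned by g.get_extension()
        # can be interpreted as shell syntax.
        astyle_cmd = [
            ASTYLE_PATH,
            "-r",
            "TestSuite_" + date + "/*." + g.get_extension(),
            "--style=java",
            "--suffix=none",
            "--indent-switches",
            "-q",
        ]
        try:
            status = subprocess.call(astyle_cmd)
        except OSError as err:
            # Indentation is best-effort: report the failure and carry on.
            print("Indentation failed: {}".format(err))
        else:
            if status != 0:
                print("Indentation failed: astyle exited with status {}".format(status))
    else:
        print("No indentation")
    print("Finish")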