def compare(self, vulnType, oCatalog, oIdx, cCatalog, cIdx):
cIdxBase = 0
oIdxBase = 0
if cCatalog == 'DELETE':
cIdxBase = len(self.diffAbstract['INSERT'][vulnType])
else:
oIdxBase = len(self.diffAbstract['INSERT'][vulnType])
print '-' * SEPARATOR_LENGTH
print 'Comparing {0}: {1}({2}) with {3}({4})'.format(vulnType, oIdx + oIdxBase, oCatalog, cIdx, cCatalog)
oVuln = self.diffAbstract[oCatalog][vulnType].values()[int(oIdx) - 1]
cVuln = self.diffAbstract[cCatalog][vulnType].values()[int(cIdx) - cIdxBase - 1]
s = seqmatcher(None, oVuln['tb'], cVuln['tb'])
self.print_vuln_abstract_uuid(oIdx + oIdxBase, oVuln)
self.print_vuln_abstract_tb(oVuln, s.get_opcodes(), 1)
self.print_vuln_abstract_uuid(cIdx, cVuln)
self.print_vuln_abstract_tb(cVuln, s.get_opcodes(), 3)
def show_vuln(self, vulnType, catalog, vulnIdx):
theVuln = self.diffAbstract[catalog][vulnType].values()[int(vulnIdx) - 1]
idxBase = 0
if catalog == 'DELETE':
idxBase = len(self.diffAbstract['INSERT'][vulnType])
self.print_vuln_abstract_uuid(vulnIdx + idxBase, theVuln)
self.print_vuln_abstract_tb(theVuln)
counterCatalog = filter(lambda x: x != catalog, self.diffAbstract.keys())[0]
counterIdxBase = 0
if counterCatalog == 'DELETE':
counterIdxBase = len(self.diffAbstract['INSERT'][vulnType])
similarTBIdx = []
counterIdx = counterIdxBase
print
for counterVuln in self.diffAbstract[counterCatalog][vulnType].values():
counterIdx += 1
sMatcher = seqmatcher(None, theVuln['tb'], counterVuln['tb'])
if sMatcher.ratio() > 0.75:
similarTBIdx.append(str(counterIdx))
print '\t[{0}] {1:.1f}% {2}'.format(counterIdx, sMatcher.ratio() * 100, counterVuln['uuid'])
print '\n => Press d/D to show detailed traceback;'
if len(similarTBIdx) > 0:
print ' => enter index of similar vulnerability to compare;'
print ' => or enter ANY KEY ELSE to continue:',
userInput = raw_input().upper()
inputProcessed = False
if userInput == 'D':
vulnDetail = self.soup[catalog].findAll('rd:vulnerability', uuid = theVuln['uuid'])[0]
self.show_vuln_detail(vulnDetail, catalog)
inputProcessed = True
elif userInput in similarTBIdx:
self.compare(vulnType, catalog, vulnIdx, counterCatalog, userInput)
inputProcessed = True
else:
return
self._press_any_key()
self.show_vuln(vulnType, catalog, vulnIdx)
def compare(self, vulnType, oCatalog, oIdx, cCatalog, cIdx):
cIdxBase = 0
oIdxBase = 0
if cCatalog == "DELETE":
cIdxBase = len(self.diffAbstract["INSERT"][vulnType])
else:
oIdxBase = len(self.diffAbstract["INSERT"][vulnType])
print "-" * SEPARATOR_LENGTH
print "Comparing {0}: {1}({2}) with {3}({4})".format(vulnType, oIdx + oIdxBase, oCatalog, cIdx, cCatalog)
oVuln = self.diffAbstract[oCatalog][vulnType].values()[int(oIdx) - 1]
cVuln = self.diffAbstract[cCatalog][vulnType].values()[int(cIdx) - cIdxBase - 1]
s = seqmatcher(None, oVuln["tb"], cVuln["tb"])
self.print_vuln_abstract_uuid(oIdx + oIdxBase, oVuln)
self.print_vuln_abstract_tb(oVuln, s.get_opcodes(), 1)
self.print_vuln_abstract_uuid(cIdx, cVuln)
self.print_vuln_abstract_tb(cVuln, s.get_opcodes(), 3)
def show_vuln(self, vulnType, catalog, vulnIdx):
theVuln = self.diffAbstract[catalog][vulnType].values()[int(vulnIdx) - 1]
idxBase = 0
if catalog == "DELETE":
idxBase = len(self.diffAbstract["INSERT"][vulnType])
self.print_vuln_abstract_uuid(vulnIdx + idxBase, theVuln)
self.print_vuln_abstract_tb(theVuln)
counterCatalog = filter(lambda x: x != catalog, self.diffAbstract.keys())[0]
counterIdxBase = 0
if counterCatalog == "DELETE":
counterIdxBase = len(self.diffAbstract["INSERT"][vulnType])
similarTBIdx = []
counterIdx = counterIdxBase
print
for counterVuln in self.diffAbstract[counterCatalog][vulnType].values():
counterIdx += 1
sMatcher = seqmatcher(None, theVuln["tb"], counterVuln["tb"])
if sMatcher.ratio() > 0.75:
similarTBIdx.append(str(counterIdx))
print "\t[{0}] {1:.1f}% {2}".format(counterIdx, sMatcher.ratio() * 100, counterVuln["uuid"])
print "\n => Press d/D to show detailed traceback;"
if len(similarTBIdx) > 0:
print " => enter index of similar vulnerability to compare;"
print " => or enter ANY KEY ELSE to continue:",
userInput = raw_input().upper()
inputProcessed = False
if userInput == "D":
vulnDetail = self.soup[catalog].findAll("rd:vulnerability", uuid=theVuln["uuid"])[0]
self.show_vuln_detail(vulnDetail, catalog)
inputProcessed = True
elif userInput in similarTBIdx:
self.compare(vulnType, catalog, vulnIdx, counterCatalog, userInput)
inputProcessed = True
else:
return
self._press_any_key()
self.show_vuln(vulnType, catalog, vulnIdx)
def fuzzy(str1, str2): """Returns some fuzzy string comparison of the two strings.""" return seqmatcher(None, str1, str2).ratio()
def fuzzy(str1, str2):
"""Returns some fuzzy string comparison of the two strings."""
return seqmatcher(None, str1, str2).ratio()