Added Call Stack Handling
mort666 committed Jan 26, 2013
1 parent 16c35ec commit ca2697b
Showing 5 changed files with 187 additions and 8 deletions.
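--- a/lib/veracode/api/call_stack.rb
+++ b/lib/veracode/api/call_stack.rb
@@ -0,0 +1,59 @@
+require 'veracode/api/types'
+
+module Veracode
+module Result
+class Call < Veracode::Common::Base
+api_field :data_path, :tag => :data_path
+api_field :file_path, :tag => :file_path
+api_field :function_name, :tag => :function_name
+api_field :line_number, :tag => :line_number
+end
+
+class CallStack < Veracode::Common::Base
+api_field :module_name, :tag => :module_name
+api_field :steps, :tag => :steps
+api_field :local_path, :tag => :local_path
+api_field :function_name, :tag => :function_name
+api_field :line_number, :tag => :line_number
+
+def calls
+@calls ||= []
+begin
+if @calls.empty?
+if @xml_hash.call.class == Array
+@calls = @xml_hash.call.map do |item|
+Call.new(item)
+end
+else
+@calls << Call.new(@xml_hash.call)
+end
+end
+rescue NoMethodError
+end
+return @calls
+end
+end
+
+class CallStacks < Veracode::Common::Base
+api_field :build_id, :tag => :build_id
+api_field :flaw_id, :tag => :flaw_id
+
+def callstack
+@callstacks ||= []
+begin
+if @callstacks.empty?
+if @xml_hash.callstack.class == Array
+@callstacks = @xml_hash.callstack.map do |item|
+CallStack.new(item)
+end
+else
+@callstacks << CallStack.new(@xml_hash.callstack)
+end
+end
+rescue NoMethodError
+end
+return @callstacks
+end
+end
+end
+end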
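Review bot: The empty `rescue NoMethodError` in `CallStack#calls` swallows every NoMethodError raised inside the `begin` block, not only a missing `call` element, so a malformed response or a failure inside `Call.new` comes back as an empty list that reads like a flaw with no call stack. `CallStacks#callstack` repeats the same pattern. Consider checking for the element before building the list and letting other errors surface, for example `items = @xml_hash.call` followed by `items = [items] unless items.is_a?(Array)` under a guard that covers only the lookup; how the parsed hash reports an absent element is not visible here, so confirm that first. `is_a?(Array)` is also the more conventional test than `.class == Array`.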
28 changes: 21 additions & 7 deletions lib/veracode/results.rb
@@ -3,18 +3,32 @@
require 'veracode/api/builds'
require 'veracode/api/detailed'
require 'veracode/api/summary'
require 'veracode/api/call_stack'


module Veracode
module API
class Results < Veracode::API::Base
GET_APP_BUILDS_URI = "/api/2.0/getappbuilds.do";
DETAILED_REPORT_URI = "/api/2.0/detailedreport.do";
DETAILED_REPORT_PDF_URI = "/api/2.0/detailedreportpdf.do";
SUMMARY_REPORT_URI = "/api/2.0/summaryreport.do";
SUMMARY_REPORT_PDF_URI = "/api/2.0/summaryreportpdf.do";
THIRD_PARTY_REPORT_PDF_URI = "/api/2.0/thirdpartyreportpdf.do";

GET_APP_BUILDS_URI = "/api/2.0/getappbuilds.do"
DETAILED_REPORT_URI = "/api/2.0/detailedreport.do"
DETAILED_REPORT_PDF_URI = "/api/2.0/detailedreportpdf.do"
GET_CALL_STACKS_URI = "/api/2.0/getcallstacks.do"
SUMMARY_REPORT_URI = "/api/2.0/summaryreport.do"
SUMMARY_REPORT_PDF_URI = "/api/2.0/summaryreportpdf.do"
THIRD_PARTY_REPORT_PDF_URI = "/api/2.0/thirdpartyreportpdf.do"

def get_callstacks(build_id, flaw_id)
xml = getXML(GET_CALL_STACKS_URI + "?build_id=" + build_id + "&flaw_id=" + flaw_id)
case xml.code
when 200
clean_xml = xml.body.strip
parsed = Veracode::Parser.parse(clean_xml)
builds = Veracode::Result::CallStacks.new(parsed)
else
xml.error!
end
end

def get_application_builds
xml = getXML(GET_APP_BUILDS_URI)
case xml.code
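Review bot: `get_callstacks` builds the query string by concatenating `build_id` and `flaw_id` unescaped, so a value containing `&`, `=` or `#` changes which parameters the request carries, and an Integer argument raises TypeError on `+`. Encoding the pair keeps caller-supplied ids confined to their own parameter: `xml = getXML(GET_CALL_STACKS_URI + "?" + URI.encode_www_form(:build_id => build_id, :flaw_id => flaw_id))`, with `require 'uri'` if the file does not already load it. The local `builds` in the 200 branch is never read and looks copied from the builds call; ending the branch with `Veracode::Result::CallStacks.new(parsed)` would be clearer.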
2 changes: 1 addition & 1 deletion lib/veracode/version.rb
@@ -1,5 +1,5 @@
module Veracode
module API
VERSION = "0.3.1"
VERSION = "0.4.1"
end
end
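--- a/spec/fixtures/veracode_cassettes/base.yml
+++ b/spec/fixtures/veracode_cassettes/base.yml
@@ -7234,4 +7234,86 @@ http_interactions:
 '
 http_version:
 recorded_at: Fri, 28 Dec 2012 13:00:22 GMT
+- request:
+method: get
+uri: https://test:test@analysiscenter.veracode.com/api/2.0/getcallstacks.do?build_id=44905&flaw_id=132
+body:
+encoding: US-ASCII
+string: ''
+headers: {}
+response:
+status:
+code: 200
+message: OK
+headers:
+Pragma:
+- ''
+Cache-Control:
+- no-store private must-revalidate
+Expires:
+- Thu, 01 Jan 1970 00:00:00 GMT
+Set-Cookie:
+- JSESSIONID=2CA6FB985F4BAE2D8E63F4714BAC3EC4; Path=/; Secure
+- JSESSIONID=8CF06392B3F085E721F8FBEFB5D31A49; Path=/; Secure
+Content-Type:
+- text/xml
+Transfer-Encoding:
+- chunked
+Date:
+- Thu, 24 Jan 2013 23:31:48 GMT
+Server:
+- Apache
+body:
+encoding: US-ASCII
+string: ! '<?xml version="1.0" encoding="UTF-8"?>
+
+
+<callstacks xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="https://analysiscenter.veracode.com/schema/2.0/callstacks"
+xsi:schemaLocation="https://analysiscenter.veracode.com/schema/2.0/callstacks
+https://analysiscenter.veracode.com/resource/2.0/callstacks.xsd" build_id="44905"
+flaw_id="132">
+
+<callstack module_name="WebGoat-5.0-with-jsp.war" steps="11" local_path="org/owasp/webgoat/util/Exec.java"
+function_name="execOptions" line_number="103">
+
+<call data_path="11" file_path="org/owasp/webgoat/util/Exec.java" function_name="execOptions"
+line_number="103"/>
+
+<call data_path="10" file_path="org/owasp/webgoat/util/Exec.java" function_name="execOptions"
+line_number="103"/>
+
+<call data_path="9" file_path="org/owasp/webgoat/util/Exec.java" function_name="execSimple"
+line_number="455"/>
+
+<call data_path="8" file_path="org/owasp/webgoat/lessons/Challenge2Screen.java"
+function_name="getNetstatResults" line_number="654"/>
+
+<call data_path="7" file_path="org/owasp/webgoat/lessons/Challenge2Screen.java"
+function_name="getNetstatResults" line_number="653"/>
+
+<call data_path="6" file_path="org/owasp/webgoat/lessons/Challenge2Screen.java"
+function_name="getNetstatResults" line_number="642"/>
+
+<call data_path="5" file_path="org/owasp/webgoat/session/ParameterParser.java"
+function_name="getRawParameter" line_number="608"/>
+
+<call data_path="4" file_path="org/owasp/webgoat/session/ParameterParser.java"
+function_name="getRawParameter" line_number="608"/>
+
+<call data_path="3" file_path="org/owasp/webgoat/session/ParameterParser.java"
+function_name="getRawParameter" line_number="638"/>
+
+<call data_path="2" file_path="org/owasp/webgoat/session/ParameterParser.java"
+function_name="getRawParameter" line_number="633"/>
+
+<call data_path="1" file_path="org/owasp/webgoat/session/ParameterParser.java"
+function_name="getRawParameter" line_number="627"/>
+
+</callstack>
+
+</callstacks>
+
+'
+http_version:
+recorded_at: Thu, 24 Jan 2013 23:31:48 GMT
 recorded_with: VCR 2.2.0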
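--- a/spec/lib/veracode/call_stack_spec.rb
+++ b/spec/lib/veracode/call_stack_spec.rb
@@ -0,0 +1,24 @@
+require (File.expand_path('./../../../spec_helper', __FILE__))
+
+describe Veracode::API::Results do
+describe "GET Call Stack" do
+
+let(:veracode) { Veracode::API::Results.new(:username => "test", :password => "test") }
+
+before do
+VCR.insert_cassette 'base', :record => :new_episodes
+end
+
+after do
+VCR.eject_cassette
+end
+
+it "must have a get_callstacks method" do
+veracode.must_respond_to :get_callstacks
+end
+
+it "must parse the api response from XML to Veracode::Result::CallStacks" do
+veracode.get_callstacks("44905", "132").must_be_instance_of Veracode::Result::CallStacks
+end
+end
+end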
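Review bot: `VCR.insert_cassette 'base', :record => :new_episodes` lets any request that does not match the cassette go to the live service and be appended to the committed fixture, including the credentials embedded in the request URI and the `Set-Cookie` session ids, as the recorded entry in base.yml shows. For a checked-in suite `:record => :none` (or `:once`) keeps runs offline and the fixture stable, and a `filter_sensitive_data` rule in the VCR configuration, which is not visible on this page, would keep real account values out of new recordings. The second example only asserts the return type; asserting on `callstack.first.calls.size` against the 11 recorded steps would also exercise the new parsing code.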
