From c4cd04c1ffe79a1a64a2efb96e88aed40a2af1ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Mon, 9 Apr 2018 23:02:59 +0300 Subject: [PATCH 01/12] Create baseline.py just for checking error. it's not totally done --- pyt/baseline.py | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100644 pyt/baseline.py diff --git a/pyt/baseline.py b/pyt/baseline.py new file mode 100644 index 00000000..da5d1dd6 --- /dev/null +++ b/pyt/baseline.py @@ -0,0 +1,27 @@ +from pprint import pprint +import json + + +def isSame(res, base): + if res == base: + return(True) + return(False) + +def compare(results, baseline): + + baseline = json.load(open(baseline)) + results = json.load(open(results)) + result = {'generated_at':results["generated_at"], 'vulnerabilities':[]} + + if "generated_at" in results and baseline: + if not isSame(results["generated_at"], baseline["generated_at"]): + pprint(results["generated_at"]) + + if "vulnerabilities" in results and baseline: + if not isSame(results["vulnerabilities"], baseline["vulnerabilities"]): + for i in range(len(results["vulnerabilities"])): + if results["vulnerabilities"][i] not in baseline["vulnerabilities"]: + result["vulnerabilities"].append(results["vulnerabilities"][i]) + + result = json.dumps(result, indent=4) + print(result) From fb388e9ab07a35cdad324dce80ae4ab0a12240d5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Mon, 9 Apr 2018 23:03:42 +0300 Subject: [PATCH 02/12] Update __main__.py --- pyt/__main__.py | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index a07b3796..1bffd661 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -50,6 +50,7 @@ vulnerabilities_to_file ) from .vulnerabilities import find_vulnerabilities +from .baseline import compare def parse_args(args): 
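Review bot: In `compare`, `result = {'generated_at':results["generated_at"], 'vulnerabilities':[]}` indexes `results` before the `if "generated_at" in results` guard that follows it, so a report without that key raises KeyError and the guard is dead code. `baseline = json.load(open(baseline))` opens the file without ever closing it; the same line survives the rewrite in PATCH 05/12 and the final file, so `with open(baseline) as baseline_file: baseline = json.load(baseline_file)` is worth doing once here. `isSame` is a wrapper around `==` and can be dropped, and `compare` prints rather than returning its result, which makes the comparison hard to reuse from `__main__`. The subject line says the file is unfinished, so these may be known, but they should not land as is.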
@@ -136,6 +137,11 @@ def parse_args(args): parser.add_argument('-ppm', '--print-project-modules', help='Print project modules.', action='store_true') + parser.add_argument('-b', '--baseline', + help='path of a baseline report to compare against ' + '(only JSON-formatted files are accepted)', + type=str, + default=False) save_parser = subparsers.add_parser('save', help='Save menu.') save_parser.set_defaults(which='save') @@ -167,6 +173,7 @@ def parse_args(args): help='Output everything to file.', action='store_true') + search_parser = subparsers.add_parser( 'github_search', help='Searches through github and runs PyT' @@ -242,6 +249,7 @@ def main(command_line_args=sys.argv[1:]): repo.clean_up() exit() + if args.which == 'search': set_github_api_token() scan_github( @@ -303,7 +311,9 @@ def main(command_line_args=sys.argv[1:]): json.report(vulnerabilities, sys.stdout) else: text.report(vulnerabilities, sys.stdout) - + if args.baseline: + baseline = args.baseline + compare(json.report(vulnerabilities, sys.stdout),baseline) if args.draw_cfg: if args.output_filename: draw_cfgs(cfg_list, args.output_filename) From 4bfa8152d3a7434a62e6505cf4d9bdd6b7b4a43d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Mon, 9 Apr 2018 23:11:49 +0300 Subject: [PATCH 03/12] Update baseline.py --- pyt/baseline.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyt/baseline.py b/pyt/baseline.py index da5d1dd6..d7cad402 100644 --- a/pyt/baseline.py +++ b/pyt/baseline.py @@ -10,7 +10,7 @@ def isSame(res, base): def compare(results, baseline): baseline = json.load(open(baseline)) - results = json.load(open(results)) + #results = json.load(open(results)) result = {'generated_at':results["generated_at"], 'vulnerabilities':[]} if "generated_at" in results and baseline: From e824d1eb2ef469ef0d55d87c1653cd4383604856 Mon Sep 17 00:00:00 2001 
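Review bot: The new `-b/--baseline` option is declared with `type=str, default=False`, so an unset option is the boolean False rather than the conventional None for an absent path; `default=None` (argparse's own default) keeps the `if args.baseline:` checks working and makes the value's type honest. The help text promises that only JSON-formatted files are accepted, but nothing in this series validates the file beyond what `json.load` does; either drop the promise or enforce it where the file is read.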
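Review bot: `compare(json.report(vulnerabilities, sys.stdout),baseline)` hands the return value of `json.report` to `compare`, which at this point in the series does `json.load(open(results))` on it as if it were a path; `json.report`'s return value is not visible here, but it is not a file path, so this call cannot succeed. It also renders the JSON report to stdout a second time as a side effect, so with `-j` the report is printed twice. PATCH 03/12 and PATCH 04/12 rework this, so the call is an intermediate state, but if this commit is kept in history it should not be broken on its own. `main` continues outside the hunk.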
From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 12 Apr 2018 00:11:24 +0300 Subject: [PATCH 04/12] Update __main__.py --- pyt/__main__.py | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 1bffd661..35944193 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -50,7 +50,7 @@ vulnerabilities_to_file ) from .vulnerabilities import find_vulnerabilities -from .baseline import compare +from .baseline import get_vulnerabilities_not_in_baseline def parse_args(args): @@ -308,12 +308,20 @@ def main(command_line_args=sys.argv[1:]): ) ) if args.json: - json.report(vulnerabilities, sys.stdout) + if args.baseline: + baseline = args.baseline + vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities,baseline) + json.report(vulnerabilities, sys.stdout) + else: + json.report(vulnerabilities, sys.stdout) else: - text.report(vulnerabilities, sys.stdout) - if args.baseline: - baseline = args.baseline - compare(json.report(vulnerabilities, sys.stdout),baseline) + if args.baseline: + baseline = args.baseline + vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities,baseline) + text.report(vulnerabilities, sys.stdout) + else: + text.report(vulnerabilities, sys.stdout) + if args.draw_cfg: if args.output_filename: draw_cfgs(cfg_list, args.output_filename) From 26a3bc0c3139844a4727430831057a30e65b060d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 12 Apr 2018 00:11:58 +0300 Subject: [PATCH 05/12] Update baseline.py --- pyt/baseline.py | 30 +++++++----------------------- 1 file changed, 7 insertions(+), 23 deletions(-) diff --git a/pyt/baseline.py b/pyt/baseline.py index d7cad402..e957148a 100644 --- a/pyt/baseline.py +++ b/pyt/baseline.py 
@@ -1,27 +1,11 @@ -from pprint import pprint import json - -def isSame(res, base): - if res == base: - return(True) - return(False) - -def compare(results, baseline): - +def get_vulnerabilities_not_in_baseline(vulnerabilities, baseline): baseline = json.load(open(baseline)) - #results = json.load(open(results)) - result = {'generated_at':results["generated_at"], 'vulnerabilities':[]} - - if "generated_at" in results and baseline: - if not isSame(results["generated_at"], baseline["generated_at"]): - pprint(results["generated_at"]) - - if "vulnerabilities" in results and baseline: - if not isSame(results["vulnerabilities"], baseline["vulnerabilities"]): - for i in range(len(results["vulnerabilities"])): - if results["vulnerabilities"][i] not in baseline["vulnerabilities"]: - result["vulnerabilities"].append(results["vulnerabilities"][i]) - result = json.dumps(result, indent=4) - print(result) + output = list() + vulnerabilities =[vuln.as_dict() for vuln in vulnerabilities] + for vuln in vulnerabilities: + if vuln not in baseline['vulnerabilities']: + output.append(vuln) + return(output) From 217eb0f6603fae611a6035f48ec33b64049c0749 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 12 Apr 2018 00:19:00 +0300 Subject: [PATCH 06/12] Update json.py --- pyt/formatters/json.py | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/pyt/formatters/json.py b/pyt/formatters/json.py index 6016a6ee..6875daf4 100644 --- a/pyt/formatters/json.py +++ b/pyt/formatters/json.py 
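Review bot: `baseline['vulnerabilities']` trusts the user-supplied file to be a pyt JSON report; a JSON file of any other shape ends in a KeyError or TypeError traceback instead of a usable message. After the load, check the shape once, e.g. `baseline_vulns = baseline.get('vulnerabilities')` and `if not isinstance(baseline_vulns, list): raise ValueError('not a pyt JSON report: ' + path)`, keeping the path in its own name rather than rebinding the `baseline` parameter from a path to a dict. Membership is whole-dict equality on `as_dict()` output; if that dict includes values that change between runs (its fields are not visible here), an already-baselined finding will reappear, which deserves a comment on the function. The handle from `json.load(open(baseline))` is also never closed; `with open(...)` is the fix. `output = list()` and `return(output)` read more naturally as `output = []` and `return output`.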
@@ -17,11 +17,16 @@ def report( """ TZ_AGNOSTIC_FORMAT = "%Y-%m-%dT%H:%M:%SZ" time_string = datetime.utcnow().strftime(TZ_AGNOSTIC_FORMAT) - - machine_output = { - 'generated_at': time_string, - 'vulnerabilities': [vuln.as_dict() for vuln in vulnerabilities] - } + try: + machine_output = { + 'generated_at': time_string, + 'vulnerabilities': [vuln.as_dict() for vuln in vulnerabilities] + } + except: + machine_output = { + 'generated_at': time_string, + 'vulnerabilities': [vuln for vuln in vulnerabilities] + } result = json.dumps( machine_output, From e8bbf3f53f9c3965b96a3dd5be18a3b72e701a35 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 12 Apr 2018 22:21:09 +0300 Subject: [PATCH 07/12] Update baseline.py --- pyt/baseline.py | 1 + 1 file changed, 1 insertion(+) diff --git a/pyt/baseline.py b/pyt/baseline.py index e957148a..b6a57deb 100644 --- a/pyt/baseline.py +++ b/pyt/baseline.py @@ -1,5 +1,6 @@ import json + def get_vulnerabilities_not_in_baseline(vulnerabilities, baseline): baseline = json.load(open(baseline)) From a530a69c263bb7b5e5202dafb38b9fd29196cb38 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Thu, 12 Apr 2018 22:55:31 +0300 Subject: [PATCH 08/12] Update __main__.py --- pyt/__main__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 35944193..86ff3ebf 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -14,6 +14,7 @@ UImode ) from .ast_helper import generate_ast +from .baseline import get_vulnerabilities_not_in_baseline from .constraint_table import ( initialize_constraint_table, print_table @@ -50,7 +51,6 @@ vulnerabilities_to_file ) from .vulnerabilities import find_vulnerabilities -from .baseline import get_vulnerabilities_not_in_baseline def parse_args(args): From fa2ef7e79553bf6fa6079a1b69c51dc48c1075d9 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 13 Apr 2018 12:20:43 +0300 Subject: [PATCH 09/12] Update baseline.py --- pyt/baseline.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/pyt/baseline.py b/pyt/baseline.py index b6a57deb..1e3258a0 100644 --- a/pyt/baseline.py +++ b/pyt/baseline.py @@ -3,10 +3,9 @@ def get_vulnerabilities_not_in_baseline(vulnerabilities, baseline): baseline = json.load(open(baseline)) - output = list() - vulnerabilities =[vuln.as_dict() for vuln in vulnerabilities] + vulnerabilities =[vuln for vuln in vulnerabilities] for vuln in vulnerabilities: - if vuln not in baseline['vulnerabilities']: + if vuln.as_dict() not in baseline['vulnerabilities']: output.append(vuln) return(output) From 4c9434b60bace1b9fc537368aa3f5944eeb027ad Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 13 Apr 2018 12:21:30 +0300 Subject: [PATCH 10/12] Update json.py --- pyt/formatters/json.py | 16 +++++----------- 1 file changed, 5 insertions(+), 11 deletions(-) diff --git a/pyt/formatters/json.py b/pyt/formatters/json.py index 6875daf4..efc95b95 100644 --- a/pyt/formatters/json.py +++ b/pyt/formatters/json.py @@ -10,23 +10,17 @@ def report( ): """ Prints issues in JSON format. - Args: vulnerabilities: list of vulnerabilities to report fileobj: The output file object, which may be sys.stdout """ TZ_AGNOSTIC_FORMAT = "%Y-%m-%dT%H:%M:%SZ" time_string = datetime.utcnow().strftime(TZ_AGNOSTIC_FORMAT) - try: - machine_output = { - 'generated_at': time_string, - 'vulnerabilities': [vuln.as_dict() for vuln in vulnerabilities] - } - except: - machine_output = { - 'generated_at': time_string, - 'vulnerabilities': [vuln for vuln in vulnerabilities] - } + + machine_output = { + 'generated_at': time_string, + 'vulnerabilities': [vuln.as_dict() for vuln in vulnerabilities] + } result = json.dumps( machine_output, From 458cf83623b18aa798fff670bb343bbfe8675076 Mon Sep 17 00:00:00 2001 
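Review bot: This hunk removes `output = list()` but keeps `output.append(vuln)` and `return(output)`, so `get_vulnerabilities_not_in_baseline` now raises NameError on every call and `-b` cannot work at all. The minimal fix is reinstating `output = []` before the loop; since the `vulnerabilities =[vuln for vuln in vulnerabilities]` copy does nothing, the loop can instead be replaced by `return [vuln for vuln in vulnerabilities if vuln.as_dict() not in baseline['vulnerabilities']]`. The function has no docstring; one stating that it returns the vulnerability objects whose `as_dict()` form is not listed under `'vulnerabilities'` in the JSON file at `baseline` would make the object-versus-dict contract explicit, since this hunk changes exactly that.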
From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 13 Apr 2018 12:22:51 +0300 Subject: [PATCH 11/12] Update __main__.py --- pyt/__main__.py | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/pyt/__main__.py b/pyt/__main__.py index 86ff3ebf..4ceb67d1 100644 --- a/pyt/__main__.py +++ b/pyt/__main__.py @@ -307,20 +307,13 @@ def main(command_line_args=sys.argv[1:]): args.trigger_word_file ) ) + if args.baseline: + vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities, args.baseline) + if args.json: - if args.baseline: - baseline = args.baseline - vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities,baseline) - json.report(vulnerabilities, sys.stdout) - else: - json.report(vulnerabilities, sys.stdout) + json.report(vulnerabilities, sys.stdout) else: - if args.baseline: - baseline = args.baseline - vulnerabilities = get_vulnerabilities_not_in_baseline(vulnerabilities,baseline) - text.report(vulnerabilities, sys.stdout) - else: - text.report(vulnerabilities, sys.stdout) + text.report(vulnerabilities, sys.stdout) if args.draw_cfg: if args.output_filename: From 8c4b03ab1029aa6738d96018f2fe3c1172da7aff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=96mer=20G=C3=BCnal?= Date: Fri, 13 Apr 2018 12:38:51 +0300 Subject: [PATCH 12/12] update for baseline.py --- tests/command_line_test.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/command_line_test.py b/tests/command_line_test.py index 987a58de..a4663225 100644 --- a/tests/command_line_test.py +++ b/tests/command_line_test.py @@ -27,7 +27,7 @@ def test_no_args(self): [-p | -vp | -trim | -i] [-t TRIGGER_WORD_FILE] [-m BLACKBOX_MAPPING_FILE] [-py2] [-l LOG_LEVEL] [-a ADAPTOR] [-db] [-dl DRAW_LATTICE [DRAW_LATTICE ...]] - [-j] [-li | -re | -rt] [-ppm] + [-j] [-li | -re | -rt] [-ppm] [-b BASELINE] {save,github_search} ...\n""" + \ "python -m pyt: error: one of the arguments " + \ "-f/--filepath -gr/--git-repos is required\n"
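Review bot: `get_vulnerabilities_not_in_baseline(vulnerabilities, args.baseline)` consumes the user-supplied path with no handling for a missing, unreadable or non-JSON file, so a typo in `-b` ends the run with a traceback from `open()` or `json.load()` rather than a CLI error. Catching `OSError` and `ValueError` (the base of `json.JSONDecodeError`) at this call site and exiting with the path is enough; a baseline that parses but lacks the expected keys should be turned into a `ValueError` where it is read so this handler covers it too. The call line is also well over 79 columns. `main` continues outside the hunk.
```python
    if args.baseline:
        try:
            vulnerabilities = get_vulnerabilities_not_in_baseline(
                vulnerabilities, args.baseline
            )
        except (OSError, ValueError) as err:
            sys.exit('Could not read baseline {}: {}'.format(args.baseline, err))

    # … unchanged: json/text report selection …
```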
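Review bot: The only test change is the usage string in `test_no_args`; nothing exercises `-b` or `get_vulnerabilities_not_in_baseline`, which is the new behaviour of this series. A test that writes a baseline JSON whose `'vulnerabilities'` list holds the `as_dict()` output of one of two vulnerabilities to a temporary file and asserts that only the other object is returned would pin the contract, and would also have caught the undefined `output` left by PATCH 09/12. `test_no_args` continues outside the hunk.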