Ejemplo n.º 1
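  /**
   * Prints every finding held by {@code lv} to standard output and, when the report flag is set,
   * mirrors the same text into {@code outFile}.
   *
   * <p>For each finding the method prints a numbered header, the source lines that make up the
   * vulnerable data flow (walked from the last recorded line to the first) and, unless the finding
   * is marked as a possible false positive, a "Corrected code" listing in which every line that has
   * an entry in {@code GlobalDataLDAPi.MainLinesToCorrect} is replaced by that entry.
   *
   * <p>A failure while rendering one finding does not abort the run: the finding is closed with an
   * error notice and the next one is processed. The cause is written to standard error, and the
   * notice is also emitted for findings marked as possible false positives, so that a truncated
   * listing is never mistaken for a complete one.
   *
   * @param lv findings of one analysed file, together with that file's name
   * @param outFile open writer for the textual report; only written when
   *     {@code GlobalDataApp.args_flags[4] == 1} (presumably the "write report" command-line
   *     option; confirm against the argument parser)
   * @param filename currently unused by this method
   * @throws IOException if writing a header or the corrected-code section to {@code outFile} fails
   */
  private static void analysisOfFile(ListVulners lv, FileWriter outFile, String filename)
      throws IOException {
    // ANSI bold / reset sequences; left empty on Windows so no raw escape bytes are printed there.
    String setPlainText = "";
    String setBoldText = "";
    if (!GlobalDataApp.isWindows.booleanValue()) {
      setPlainText = "\033[0;0m";
      setBoldText = "\033[0;1m";
    }

    final String errorNotice = "\tSome unexpected error in analysis happened. Sorry :-(";
    int number = 0;

    for (Iterator<VulnerLDAPI> it = lv.getListOfVulners().iterator(); it.hasNext(); ) {
      VulnerLDAPI v = it.next();
      number++;

      final boolean falsePositive = v.IsFP() != 0;
      final String header =
          "\n\t= = = =  Vulnerability n.: "
              + number
              + (falsePositive
                  ? "   >>> is a possible False Positive <<<  = = = ="
                  : "  = = = =");

      System.out.println(setBoldText + header);
      System.out.println("\tVulnerable code:" + setPlainText);

      final boolean toReport = GlobalDataApp.args_flags[4] == 1;
      if (toReport) {
        outFile.write(header + "\n");
        outFile.write("\tVulnerable code:\n");
      }

      StringBuilder corrected = new StringBuilder();
      boolean renderingFailed = false;

      try {
        // Write the vulnerable lines (and collect their corrected form) from last to first.
        for (int l = v.getLinesOfVulner().size() - 1; l >= 0; l--) {
          String sourceFile = (String) v.getFilesOfVulner().get(l);
          // Only name the file when the line lives outside the file under analysis.
          String otherFile =
              v.getFilesOfVulner().get(l).equals(lv.getFilename()) ? "" : sourceFile;

          ManageFiles reader = new ManageFiles(sourceFile);
          Integer lineNo = (Integer) v.getLinesOfVulner().get(l);
          String cl = reader.getLineOfCode(lineNo);

          // NOTE(review): cl is taken from the analysed file and echoed unmodified. If the tool
          // is run on code of untrusted origin, control characters in that line reach the
          // terminal and the report; consider neutralising non-printable characters here.
          System.out.println("\t" + lineNo + ": " + cl);
          if (toReport) {
            outFile.write("\t" + lineNo + ": " + cl + "\n");
          }
          if (!otherFile.isEmpty()) {
            System.out.println("\t    (" + otherFile + ")");
            if (toReport) {
              outFile.write("\t    (" + otherFile + ")\n");
            }
          }

          if (!falsePositive) {
            // Build the corrected listing: use the stored replacement line when there is one,
            // otherwise repeat the original line. The map is queried directly; copying it into
            // a sorted map on every iteration added nothing to a single-key lookup.
            LinesToCorrect ltc =
                GlobalDataLDAPi.MainLinesToCorrect.get(v.getFileOfLineToSanitize());
            if (ltc.getMapLinesToCorrect().containsKey(lineNo)) {
              corrected
                  .append("\t")
                  .append(lineNo)
                  .append(": ")
                  .append(ltc.getMapLinesToCorrect().get(lineNo).toString())
                  .append("\n");
            } else {
              corrected.append("\t").append(lineNo).append(": ").append(cl).append("\n");
            }
          }
        }
      } catch (Exception e) {
        // Best effort: keep going with the next finding, but leave a trace of the cause. A
        // scanner that silently drops part of a finding gives a false sense of coverage.
        // NOTE(review): this also absorbs IOException from the outFile writes above, unlike the
        // writes outside the try block, which propagate; confirm that is intended.
        renderingFailed = true;
        System.err.println("\tVulnerability n.: " + number + " could not be fully rendered: " + e);
        corrected.append(errorNotice);
      }

      if (!falsePositive) {
        System.out.println(setBoldText + "\n\tCorrected code:" + setPlainText);
        System.out.println(corrected);
        if (toReport) {
          outFile.write("\n\tCorrected code:\n" + corrected);
        }
      } else if (renderingFailed) {
        // No corrected-code section is printed for possible false positives, so the notice
        // would otherwise never be shown.
        System.out.println(errorNotice);
        if (toReport) {
          outFile.write(errorNotice + "\n");
        }
      }
    }
  }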