private static void analysisOfFile(ListVulners lv, FileWriter outFile, String filename) throws IOException { VulnerLDAPI v; String cl, correctedCode = "", aux = ""; Iterator<VulnerLDAPI> it; int i = 0; LinesToCorrect ltc; Object key; String setPlainText = ""; String setBoldText = ""; if (GlobalDataApp.isWindows.booleanValue() == false) { setPlainText = "\033[0;0m"; setBoldText = "\033[0;1m"; } for (it = lv.getListOfVulners().iterator(); it.hasNext(); ) { v = it.next(); if (v.IsFP() == 0) System.out.println(setBoldText + "\n\t= = = = Vulnerability n.: " + (i + 1) + " = = = ="); else System.out.println( setBoldText + "\n\t= = = = Vulnerability n.: " + (i + 1) + " >>> is a possible False Positive <<< = = = ="); System.out.println("\tVulnerable code:" + setPlainText); if (GlobalDataApp.args_flags[4] == 1) { if (v.IsFP() == 0) outFile.write("\n\t= = = = Vulnerability n.: " + (i + 1) + " = = = =\n"); else outFile.write( "\n\t= = = = Vulnerability n.: " + (i + 1) + " >>> is a possible False Positive <<< = = = =\n"); outFile.write("\tVulnerable code:\n"); } i++; try { // escrever vulnerabilidade e sua correccao no ecra String f; correctedCode = ""; for (int l = v.getLinesOfVulner().size() - 1; l >= 0; l--) { f = ""; if (v.getFilesOfVulner().get(l).equals(lv.getFilename()) == false) f = (String) v.getFilesOfVulner().get(l); ManageFiles fff = new ManageFiles((String) v.getFilesOfVulner().get(l)); cl = fff.getLineOfCode((Integer) v.getLinesOfVulner().get(l)); System.out.println("\t" + v.getLinesOfVulner().get(l) + ": " + cl); if (GlobalDataApp.args_flags[4] == 1) { outFile.write("\t" + v.getLinesOfVulner().get(l) + ": " + cl + "\n"); } if (f.equals("") == false) { System.out.println("\t (" + f + ")"); if (GlobalDataApp.args_flags[4] == 1) { outFile.write("\t (" + f + ")\n"); } } if (v.IsFP() == 0) { // escrita do corrected code no ecra ltc = GlobalDataLDAPi.MainLinesToCorrect.get(v.getFileOfLineToSanitize()); Map sortedMap = new TreeMap(ltc.getMapLinesToCorrect()); if (ltc.getMapLinesToCorrect().containsKey(v.getLinesOfVulner().get(l)) == true) { key = v.getLinesOfVulner().get(l); aux = "\t" + (Integer) key + ": " + sortedMap.get(key).toString() + "\n"; } else aux = "\t" + v.getLinesOfVulner().get(l) + ": " + cl + "\n"; correctedCode = correctedCode + aux; } } } catch (Exception e) { aux = "\tSome unexpected error in analysis happened. Sorry :-("; correctedCode = correctedCode + aux; } if (v.IsFP() == 0) { System.out.println(setBoldText + "\n\tCorrected code:" + setPlainText); System.out.println(correctedCode); if (GlobalDataApp.args_flags[4] == 1) outFile.write("\n\tCorrected code:\n" + correctedCode); } } }
public static void outputAnalysisWithCorrection( String type_analyse, String filename, LinesToCorrect ltc, int num_file) throws IOException { FileWriter out_FileOfPaths; File dir = null; BufferedWriter bufferWritter = null; Date date = new Date(System.currentTimeMillis()); int i = GlobalDataLDAPi.MainLinesToCorrect.size(); if (type_analyse.equals("project") == true) { dir = new File(System.getProperty("base.dir") + File.separator + "NewFiles"); // Se ja houve analises anteriores apaga dir if (GlobalDataApp.numAnalysis == 0 && dir.exists() == true && num_file == i) { ManageFiles r = new ManageFiles(dir.toString()); r.deleteDir(dir); GlobalDataApp.numAnalysis++; } // Criar directorio para colocar fichs corrigidos if (dir.exists() == false) dir.mkdir(); // cria ficheiro que contem a path dos ficheiros que serao corrigidos File fileOfPaths = new File(dir + File.separator + "PathNewFiles.txt"); if (fileOfPaths.exists() == true) out_FileOfPaths = new FileWriter(fileOfPaths, true); else out_FileOfPaths = new FileWriter(fileOfPaths); bufferWritter = new BufferedWriter(out_FileOfPaths); } // Escrever Ficheiro corrigido String file = ltc.getNameFile(); ManageFiles relativeFile = new ManageFiles(file); if (type_analyse.equals("single_file") == true || type_analyse.equals("files") == true) { File baseDir = relativeFile.getBaseDir(); dir = new File(baseDir + File.separator + "NewFiles"); // Se ja houve analises anteriores apaga dir if (GlobalDataApp.numAnalysis == 0 && dir.exists() == true && num_file == i) { ManageFiles r = new ManageFiles(dir.toString()); r.deleteDir(dir); GlobalDataApp.numAnalysis++; } // Criar directorio para colocar fichs corrigidos File fileOfPaths = new File(dir + File.separator + "PathNewFiles.txt"); if (dir.exists() == false) dir.mkdir(); // if (fileOfPaths.exists() == true && i>=1 ) if (fileOfPaths.exists() == true) out_FileOfPaths = new FileWriter(fileOfPaths, true); else out_FileOfPaths = new FileWriter(fileOfPaths); bufferWritter = new BufferedWriter(out_FileOfPaths); } if (ltc.getMapLinesToCorrect().isEmpty() == false) { File ff = new File(dir + File.separator + file); File in = null, out = null, temp = null, inn = null; if (ff.exists() == false) { bufferWritter.write(date + " " + file + "\n"); in = new File(file); try { int ind = file.lastIndexOf(File.separator); String s = file.substring(0, ind); File d = new File(dir + File.separator + s); d.mkdirs(); out = new File(ff.toString()); } catch (Exception e) { } } else { inn = new File(ff.toString()); temp = new File(ff.toString() + "temp"); inn.renameTo(temp); in = new File(temp.toString()); out = new File(dir + File.separator + file); } Scanner fscanner = new Scanner(in); FileWriter outFinalFile = new FileWriter(out); Map sortedMap = new TreeMap(ltc.getMapLinesToCorrect()); Set a = sortedMap.keySet(); String codeLine; int line = 0; for (Object key : a) { for (int j = line + 1; j < (Integer) key; j++) { codeLine = fscanner.nextLine(); outFinalFile.write(codeLine + "\n"); } codeLine = fscanner.nextLine(); outFinalFile.write(sortedMap.get(key).toString() + "\n"); line = (Integer) key; } while (fscanner.hasNextLine()) { codeLine = fscanner.nextLine(); outFinalFile.write(codeLine + "\n"); } fscanner.close(); outFinalFile.close(); if (inn != null && inn.exists()) inn.delete(); if (type_analyse.equals("single_file") == true || type_analyse.equals("files") == true) bufferWritter.close(); } // } if (type_analyse.equals("project") == true) bufferWritter.close(); }