Merge pull request #27 from jensdietrich/tim-shadedetector-tooling-only

Tooling for generating Tim's shadedetector run scripts
jensdietrich · Sep 27, 2023 · c7042d2 · c7042d2
2 parents a95168b + 1333b84
commit c7042d2
Show file tree

Hide file tree

Showing 32 changed files with 82 additions and 1 deletion.
diff --git a/CVE-2013-2186/mvn_clean_test.exitstatus b/CVE-2013-2186/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2013-5960/mvn_clean_test.exitstatus b/CVE-2013-5960/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2014-0050/mvn_clean_test.exitstatus b/CVE-2014-0050/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2015-6420/mvn_clean_test.exitstatus b/CVE-2015-6420/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2015-6748/mvn_clean_test.exitstatus b/CVE-2015-6748/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2015-7501/mvn_clean_test.exitstatus b/CVE-2015-7501/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2016-0779/mvn_clean_test.exitstatus b/CVE-2016-0779/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2016-2510/mvn_clean_test.exitstatus b/CVE-2016-2510/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2016-5394/mvn_clean_test.exitstatus b/CVE-2016-5394/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2016-6798/mvn_clean_test.exitstatus b/CVE-2016-6798/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2016-6802/mvn_clean_test.exitstatus b/CVE-2016-6802/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2016-7051/mvn_clean_test.exitstatus b/CVE-2016-7051/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2017-15717/mvn_clean_test.exitstatus b/CVE-2017-15717/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2017-18349/mvn_clean_test.exitstatus b/CVE-2017-18349/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2018-1002201/mvn_clean_test.exitstatus b/CVE-2018-1002201/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2018-10237/mvn_clean_test.exitstatus b/CVE-2018-10237/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2018-11771/mvn_clean_test.exitstatus b/CVE-2018-11771/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2018-1324/mvn_clean_test.exitstatus b/CVE-2018-1324/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2018-8017/mvn_clean_test.exitstatus b/CVE-2018-8017/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2019-0225/mvn_clean_test.exitstatus b/CVE-2019-0225/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2019-12402/mvn_clean_test.exitstatus b/CVE-2019-12402/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2020-1953/mvn_clean_test.exitstatus b/CVE-2020-1953/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2021-29425/mvn_clean_test.exitstatus b/CVE-2021-29425/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+1
diff --git a/CVE-2021-44228/mvn_clean_test.exitstatus b/CVE-2021-44228/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2022-25845/mvn_clean_test.exitstatus b/CVE-2022-25845/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2022-38749/mvn_clean_test.exitstatus b/CVE-2022-38749/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2022-38751/mvn_clean_test.exitstatus b/CVE-2022-38751/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2022-42889/mvn_clean_test.exitstatus b/CVE-2022-42889/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/CVE-2022-45688/mvn_clean_test.exitstatus b/CVE-2022-45688/mvn_clean_test.exitstatus
@@ -0,0 +1 @@
+0
diff --git a/tools/create-pov-project.js b/tools/create-pov-project.js
@@ -86,12 +86,22 @@ if (json.affected.length > 1) {
 const nvdUrl = 'https://nvd.nist.gov/vuln/detail/'
 const ghsaUrl = 'https://github.com/advisories/'
 
+let testSignalWhenVulnerable = "success|failure";	// User needs to figure out which
+try {
+	const mvnTestExitStatus = fs.readFileSync('mvn_clean_test.exitstatus');
+	testSignalWhenVulnerable = mvnTestExitStatus === '1' ? 'failure' : 'success';
+	console.error(`Auto-determined testSignalWhenVulnerable=${testSignalWhenVulnerable}`);
+} catch (e) {
+	// Ignore; most likely the file did not exist
+	console.error('Could not auto-determine testSignalWhenVulnerable');
+}
+
 const xshady = {
     id: cve,
     artifact: affected.package.name,
     vulnerableVersions: affected.versions,
     fixVersion: null,
-    testSignalWhenVulnerable: "success|failure",
+    testSignalWhenVulnerable,
     references: [nvdUrl + cve, ghsaUrl + ghsa]
 }
 

diff --git a/tools/guess_gav.pl b/tools/guess_gav.pl
@@ -0,0 +1,13 @@
+#!/usr/bin/perl
+
+my ($g, $a, $v);
+
+while (<>) {
+	if ((/<dependency>/ .. m|</dependency>|) && !defined($v)) {
+		m|<groupId>(.*?)</groupId>| and $g = $1;
+		m|<artifactId>(.*?)</artifactId>| and $a = $1;
+		m|<version>(.*?)</version>| and $v = $1;
+	}
+}
+
+print "$g:$a:$v\n";
diff --git a/tools/run_shadedetector_on_all.pl b/tools/run_shadedetector_on_all.pl
@@ -0,0 +1,29 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+my $n = 100;
+
+my $localScratchCacheDir = '/local/scratch/whitewa/shadedetector/.cache';
+my $cacheDir = (-d $localScratchCacheDir ? $localScratchCacheDir : "$ENV{HOME}/code/shadedetector/.cache");
+my $jarPath = "../target/shadedetector.jar";
+my $xshadyPath = "$ENV{HOME}/code/xshady";
+
+foreach my $d (<CVE-*>) {
+	my $gav = `tools/guess_gav.pl < $d/pom.xml`;
+	chomp $gav;
+	my $exitStatus = `cat $d/mvn_clean_test.exitstatus`;
+	chomp $exitStatus;
+	my $sig = ($exitStatus eq '0' ? 'success' : 'failure');
+
+	#print "$d: $gav\n";
+	my ($g, $a, $v) = split /:/, $gav;
+
+	# For now just assume exit status 1 means failures, not errors (it's actually the case for now).
+	my $cmd = "/usr/bin/time java -jar $jarPath -g $g -a $a -v $v -vul $xshadyPath/$d -sig $sig -l log$n-$d.log -vos vuln_staging -vov vuln_final --stats stats$n-$d.log -o1 csv.details?dir=details$n-$d -o2 csv.summary?file=summary$n-$d.csv -cache $cacheDir";
+
+	print "$cmd\n";
+
+	++$n;
+}