Skip to content

Commit 71e9319

Browse files
henrikplatehenrikplate
committed
Merge branch 'master' into slicing
2 parents 01a90e7 + 10e0c32 commit 71e9319

40 files changed

+361
-575
lines changed

docs/public/content/user/manuals/analysis.md

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -120,7 +120,7 @@ The first objective supports the risk assessment for a given vulnerability, whil
120120
#### Limitations
121121

122122
- Python is not supported
123-
- Java 9 and later versions are not supported by the underlying frameworks
123+
- Java 9 and later versions are only supported when using Soot as call graph construction framework
124124

125125
#### Result
126126

@@ -157,7 +157,7 @@ vulas.reach.bugs =
157157

158158
# Analysis framework to be used
159159
# Possible values: wala, soot
160-
vulas.reach.fwk = wala
160+
vulas.reach.fwk = soot
161161

162162
# Regex to filter entry points (semicolon separated)
163163
vulas.reach.constructFilter =
@@ -268,7 +268,7 @@ vulas.reach.soot.spark.rta = false
268268
# | none (default) | no 'DummyMainMethod' is generated (default) |
269269
# | soot.jimple.infoflow.entryPointCreators.SequentialEntryPointCreator | a 'DummyMainMethod' that invokes all entrypoints is generated |
270270
# | soot.jimple.infoflow.entryPointCreators.DefaultEntryPointCreator | a 'DummyMainMethod' in which all entrypoints are generated (random order) |
271-
# | com.sap.psr.vulas.cg.soot.CustomEntryPointCreator | same as DefaultEntryPointCreated + for abstract classes/interface a dummy implementation is generated |
271+
# | org.eclipse.steady.cg.soot.CustomEntryPointCreator | same as DefaultEntryPointCreated + for abstract classes/interface a dummy implementation is generated |
272272
vulas.reach.soot.entrypointGenerator = none
273273
```
274274

lang-java-reach-soot/pom.xml

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@
4646
<dependency>
4747
<groupId>ca.mcgill.sable</groupId>
4848
<artifactId>soot</artifactId>
49-
<version>3.3.0</version>
49+
<version>4.1.0</version>
5050
<scope>compile</scope>
5151
<exclusions>
5252
<exclusion>
@@ -58,7 +58,7 @@
5858
<dependency>
5959
<groupId>de.tud.sse</groupId>
6060
<artifactId>soot-infoflow</artifactId>
61-
<version>2.7.1.1</version>
61+
<version>2.8</version>
6262
<scope>compile</scope>
6363
<!-- Defined in its dependency on soot:3.2.0, which is any how irrelevant
6464
due to the above dep on soot:3.2.0 -->
@@ -75,6 +75,10 @@
7575
<groupId>ca.mcgill.sable</groupId>
7676
<artifactId>jasmin</artifactId>
7777
</exclusion>
78+
<exclusion>
79+
<groupId>com.google.guava</groupId>
80+
<artifactId>guava</artifactId>
81+
</exclusion>
7882
</exclusions>
7983
</dependency>
8084

lang-java-reach-soot/src/main/java/org/eclipse/steady/cg/soot/CustomEntryPointCreator.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -309,7 +309,7 @@ else if (isSimpleType(methodToImplement.getReturnType().toString())) {
309309
return generatedMethod;
310310
}
311311

312-
private Type getSimpleTypeFromType(Type type) {
312+
protected Type getSimpleTypeFromType(Type type) {
313313
if (type.toString().equals("java.lang.String")) {
314314
assert type instanceof RefType;
315315

lang-java-reach/src/main/resources/vulas-reach.properties

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ vulas.reach.bugs =
2626

2727
# Analysis framework to be used
2828
# Possible values: wala, soot
29-
vulas.reach.fwk = wala
29+
vulas.reach.fwk = soot
3030

3131
# Whether or not to stop the CG analysis as soon as entry points
3232
# supposed to be used for the callgraph construction cannot be found by the

lang-java/pom.xml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -185,6 +185,10 @@
185185
<pattern>org.apache.http</pattern>
186186
<shadedPattern>org.eclipse.steady.repackaged.org.apache.http</shadedPattern>
187187
</relocation>
188+
<relocation>
189+
<pattern>javassist</pattern>
190+
<shadedPattern>org.eclipse.steady.repackaged.javassist</shadedPattern>
191+
</relocation>
188192
</relocations>
189193
</configuration>
190194
</execution>

lang-java/src/main/java/org/eclipse/steady/java/JarWriter.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -543,6 +543,7 @@ public Path rewrite(Path _todir) throws JarAnalysisException {
543543
}
544544

545545
// Add additional files
546+
546547
for (Map.Entry<String, Path> e : this.additionalFiles.entrySet()) {
547548
if (e.getValue().toFile().exists()) {
548549
new_entry = new JarEntry(e.getKey());

lang-java/src/main/java/org/eclipse/steady/java/sign/gson/ASTSignatureChangeSerializer.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -67,6 +67,7 @@ private void writeSourceCodeEntityElement(
6767
jgen.writeObjectFieldStart(_property_name);
6868
jgen.writeStringField("UniqueName", _entity.getUniqueName().toString());
6969
jgen.writeStringField("EntityType", _entity.getType().toString());
70+
7071
jgen.writeStringField("Modifiers", Integer.toString(_entity.getModifiers()));
7172
jgen.writeObjectFieldStart("SourceCodeRange");
7273
jgen.writeStringField("Start", Integer.toString(_entity.getSourceRange().getStart()));

lang/src/main/java/org/eclipse/steady/report/Report.java

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,6 @@
3636
import javax.validation.constraints.NotNull;
3737

3838
import org.apache.logging.log4j.Logger;
39-
4039
import org.apache.velocity.Template;
4140
import org.apache.velocity.VelocityContext;
4241
import org.apache.velocity.app.VelocityEngine;
@@ -426,7 +425,7 @@ public void processVulnerabilities() {
426425

427426
// Basic info
428427
this.context.put(
429-
"vulas-backend-serviceUrl",
428+
"vulasBackendServiceUrl",
430429
this.goalContext.getVulasConfiguration().getServiceUrl(Service.BACKEND));
431430
this.context.put("app", app);
432431
this.context.put("space", this.goalContext.getSpace());
@@ -457,7 +456,7 @@ public void processVulnerabilities() {
457456
.getConfiguration()
458457
.getString(VulasConfiguration.BUILD_BRANCH, "unknown"));
459458
this.context.put(
460-
"vulas-shared-homepage",
459+
"vulasSharedHomepage",
461460
this.goalContext
462461
.getVulasConfiguration()
463462
.getConfiguration()

lang/src/main/resources/velocity_template.html

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -393,10 +393,10 @@ <h2>Target: </h2>
393393

394394
<h2>Links: </h2>
395395
<div class="target-summary">
396-
<span><a href="$vulas-shared-homepage/user/manuals" target="_blank">Docs - User Manual</a></span><br>
397-
<span><a href="$vulas-shared-homepage/user/manuals/assess_and_mitigate" target="_blank">Docs - Assess and Mitigate</a></span><br>
398-
<span><a href="$vulas-shared-homepage/user/support" target="_blank">Docs - Getting Help</a></span><br>
399-
<span><a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()" target="_blank">Web Frontend</a></span><br>
396+
<span><a href="$vulasSharedHomepage/user/manuals" target="_blank">Docs - User Manual</a></span><br>
397+
<span><a href="$vulasSharedHomepage/user/manuals/assess_and_mitigate" target="_blank">Docs - Assess and Mitigate</a></span><br>
398+
<span><a href="$vulasSharedHomepage/user/support" target="_blank">Docs - Getting Help</a></span><br>
399+
<span><a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()" target="_blank">Web Frontend</a></span><br>
400400
</div>
401401
</td>
402402
<td valign="top" width="75%">
@@ -544,7 +544,7 @@ <h2>
544544
#foreach( $analysis in $vul.analyses )
545545
<li>
546546
<div class="tooltip">
547-
<a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
547+
<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
548548
#if($exceptionThreshold=='dependsOn' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
549549
#elseif($exceptionThreshold=='dependsOn' && $analysis.isThrowsExceptionExcluded()) style="color: #a5b452; font-weight: bold;"
550550
#else style="color: #393e41; font-weight: bold"
@@ -585,7 +585,7 @@ <h2>
585585
#if( !$analysis.isNoneAffectedVersion())
586586
<li>
587587
<div class="tooltip">
588-
<a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
588+
<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
589589
#if( $exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
590590
#elseif($exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #a5b452; font-weight: bold;"
591591
#else style="color: #393e41; font-weight: bold"
@@ -627,7 +627,7 @@ <h2>
627627
#if( !$analysis.isNoneAffectedVersion())
628628
<li>
629629
<div class="tooltip">
630-
<a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
630+
<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
631631
#if( $exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
632632
#elseif($exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #a5b452; font-weight: bold;"
633633
#else style="color: #393e41; font-weight: bold"
@@ -747,7 +747,7 @@ <h2>
747747
#foreach( $analysis in $vul.analyses )
748748
<li>
749749
<div class="tooltip">
750-
<a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
750+
<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
751751
#if($exceptionThreshold=='dependsOn' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
752752
#elseif($exceptionThreshold=='dependsOn' && $analysis.isThrowsExceptionExcluded()) style="color: #e94f37; font-weight: bold;"
753753
#else style="color: #393e41; font-weight: bold"
@@ -789,7 +789,7 @@ <h2>
789789
#if( !$analysis.isNoneAffectedVersion())
790790
<li>
791791
<div class="tooltip">
792-
<a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
792+
<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
793793
#if( $exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
794794
#elseif($exceptionThreshold=='potentiallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #e94f37; font-weight: bold;"
795795
#else style="color: #393e41; font-weight: bold"
@@ -831,7 +831,7 @@ <h2>
831831
#if( !$analysis.isNoneAffectedVersion())
832832
<li>
833833
<div class="tooltip">
834-
<a href="$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
834+
<a href="$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()"
835835
#if( $exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsException()) style="color: #e94f37; font-weight: bold;"
836836
#elseif($exceptionThreshold=='actuallyExecutes' && $analysis.isThrowsExceptionExcluded()) style="color: #e94f37; font-weight: bold;"
837837
#else style="color: #393e41; font-weight: bold"

lang/src/main/resources/velocity_template.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@
6363
"artifactId": "$analysis.getApp().getArtifact()",
6464
"version": "$analysis.getApp().getVersion()",
6565

66-
"href": "$vulas-backend-serviceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()",
66+
"href": "$vulasBackendServiceUrl/../apps/#/$space.getSpaceToken()/$analysis.getApp().getMvnGroup()/$analysis.getApp().getArtifact()/$analysis.getApp().getVersion()",
6767

6868
"scope": "$analysis.getDep().getScope()",
6969
"isTransitive": $analysis.getDep().getTransitive(),

0 commit comments

Comments
 (0)