From 7205866239c93016f66391f503e0da5709059629 Mon Sep 17 00:00:00 2001 From: sig1nt Date: Tue, 15 Jun 2021 09:55:29 -0700 Subject: [PATCH] Break out `GadgetChain` from the `GadgetChainDiscovery` class This will allow for us to do other things with the discovered chains rather than just printing them out. --- .../java/gadgetinspector/GadgetChain.java | 37 ++++++++++ .../gadgetinspector/GadgetChainDiscovery.java | 69 +------------------ .../java/gadgetinspector/GadgetChainLink.java | 31 +++++++++ .../java/gadgetinspector/GadgetInspector.java | 20 ++++-- 4 files changed, 86 insertions(+), 71 deletions(-) create mode 100644 src/main/java/gadgetinspector/GadgetChain.java create mode 100644 src/main/java/gadgetinspector/GadgetChainLink.java diff --git a/src/main/java/gadgetinspector/GadgetChain.java b/src/main/java/gadgetinspector/GadgetChain.java new file mode 100644 index 0000000..473ea81 --- /dev/null +++ b/src/main/java/gadgetinspector/GadgetChain.java @@ -0,0 +1,37 @@ +package gadgetinspector; + +import java.util.List; +import java.util.ArrayList; +import java.io.Writer; +import java.io.IOException; + +class GadgetChain { + public final List links; + + public GadgetChain(List links) { + this.links = links; + } + + public GadgetChain(GadgetChain gadgetChain, GadgetChainLink link) { + List links = new ArrayList(gadgetChain.links); + links.add(link); + this.links = links; + } + + public void write(Writer writer) throws IOException { + writer.write(String.format("%s.%s%s (%d)%n", + this.links.get(0).method.getClassReference().getName(), + this.links.get(0).method.getName(), + this.links.get(0).method.getDesc(), + this.links.get(0).taintedArgIndex)); + for (int i = 1; i < this.links.size(); i++) { + writer.write(String.format(" %s.%s%s (%d)%n", + this.links.get(i).method.getClassReference().getName(), + this.links.get(i).method.getName(), + this.links.get(i).method.getDesc(), + this.links.get(i).taintedArgIndex)); + } + writer.write("\n"); + } + +} diff --git a/src/main/java/gadgetinspector/GadgetChainDiscovery.java b/src/main/java/gadgetinspector/GadgetChainDiscovery.java index 9217905..664c608 100644 --- a/src/main/java/gadgetinspector/GadgetChainDiscovery.java +++ b/src/main/java/gadgetinspector/GadgetChainDiscovery.java @@ -38,7 +38,7 @@ public GadgetChainDiscovery(GIConfig config) { this.config = config; } - public void discover() throws Exception { + public Set discover() throws Exception { Map methodMap = DataLoader.loadMethods(); InheritanceMap inheritanceMap = InheritanceMap.load(); Map> methodImplMap = InheritanceDeriver.getAllMethodImplementations( @@ -128,72 +128,7 @@ public void discover() throws Exception { } } - try (OutputStream outputStream = Files.newOutputStream(Paths.get("gadget-chains.txt")); - Writer writer = new OutputStreamWriter(outputStream, StandardCharsets.UTF_8)) { - for (GadgetChain chain : discoveredGadgets) { - printGadgetChain(writer, chain); - } - } - - LOGGER.info("Found {} gadget chains.", discoveredGadgets.size()); - } - - private static void printGadgetChain(Writer writer, GadgetChain chain) throws IOException { - writer.write(String.format("%s.%s%s (%d)%n", - chain.links.get(0).method.getClassReference().getName(), - chain.links.get(0).method.getName(), - chain.links.get(0).method.getDesc(), - chain.links.get(0).taintedArgIndex)); - for (int i = 1; i < chain.links.size(); i++) { - writer.write(String.format(" %s.%s%s (%d)%n", - chain.links.get(i).method.getClassReference().getName(), - chain.links.get(i).method.getName(), - chain.links.get(i).method.getDesc(), - chain.links.get(i).taintedArgIndex)); - } - writer.write("\n"); - } - - private static class GadgetChain { - private final List links; - - private GadgetChain(List links) { - this.links = links; - } - - private GadgetChain(GadgetChain gadgetChain, GadgetChainLink link) { - List links = new ArrayList(gadgetChain.links); - links.add(link); - this.links = links; - } - } - - private static class GadgetChainLink { - private final MethodReference.Handle method; - private final int taintedArgIndex; - - private GadgetChainLink(MethodReference.Handle method, int taintedArgIndex) { - this.method = method; - this.taintedArgIndex = taintedArgIndex; - } - - @Override - public boolean equals(Object o) { - if (this == o) return true; - if (o == null || getClass() != o.getClass()) return false; - - GadgetChainLink that = (GadgetChainLink) o; - - if (taintedArgIndex != that.taintedArgIndex) return false; - return method != null ? method.equals(that.method) : that.method == null; - } - - @Override - public int hashCode() { - int result = method != null ? method.hashCode() : 0; - result = 31 * result + taintedArgIndex; - return result; - } + return discoveredGadgets; } /* diff --git a/src/main/java/gadgetinspector/GadgetChainLink.java b/src/main/java/gadgetinspector/GadgetChainLink.java new file mode 100644 index 0000000..3909b8d --- /dev/null +++ b/src/main/java/gadgetinspector/GadgetChainLink.java @@ -0,0 +1,31 @@ +package gadgetinspector; + +import gadgetinspector.data.MethodReference; + +class GadgetChainLink { + public final MethodReference.Handle method; + public final int taintedArgIndex; + + GadgetChainLink(MethodReference.Handle method, int taintedArgIndex) { + this.method = method; + this.taintedArgIndex = taintedArgIndex; + } + + @Override + public boolean equals(Object o) { + if (this == o) return true; + if (o == null || getClass() != o.getClass()) return false; + + GadgetChainLink that = (GadgetChainLink) o; + + if (taintedArgIndex != that.taintedArgIndex) return false; + return method != null ? method.equals(that.method) : that.method == null; + } + + @Override + public int hashCode() { + int result = method != null ? method.hashCode() : 0; + result = 31 * result + taintedArgIndex; + return result; + } +} diff --git a/src/main/java/gadgetinspector/GadgetInspector.java b/src/main/java/gadgetinspector/GadgetInspector.java index 910ffb4..cb19b26 100644 --- a/src/main/java/gadgetinspector/GadgetInspector.java +++ b/src/main/java/gadgetinspector/GadgetInspector.java @@ -12,6 +12,11 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.Arrays; +import java.util.Set; +import java.io.Writer; +import java.io.OutputStream; +import java.io.OutputStreamWriter; +import java.nio.charset.StandardCharsets; /** * Main entry point for running an end-to-end analysis. Deletes all data files before starting and writes discovered @@ -118,12 +123,19 @@ public static void main(String[] args) throws Exception { sourceDiscovery.save(); } - { - LOGGER.info("Searching call graph for gadget chains..."); - GadgetChainDiscovery gadgetChainDiscovery = new GadgetChainDiscovery(config); - gadgetChainDiscovery.discover(); + LOGGER.info("Searching call graph for gadget chains..."); + GadgetChainDiscovery gadgetChainDiscovery = new GadgetChainDiscovery(config); + Set discoveredGadgets = gadgetChainDiscovery.discover(); + + try (OutputStream outputStream = Files.newOutputStream(Paths.get("gadget-chains.txt")); + Writer writer = new OutputStreamWriter(outputStream, StandardCharsets.UTF_8)) { + for (GadgetChain chain : discoveredGadgets) { + chain.write(writer); + } } + LOGGER.info("Found {} gadget chains.", discoveredGadgets.size()); + LOGGER.info("Analysis complete!"); }