Fix Loading Results in Report (#607)
* Fix Loading Results in Report

* Reformat sandbox rules which apply

* Whitespace

* Fix Unsigned Binaries rules

* Log the string that failed to be hashed.

* Reduce verbosity of some outputs

* Fix nullability concerns

* Bump dependencies

* Update CollectObject.cs
gfs authored Aug 2, 2021
1 parent 050813f commit b2ea361
Showing 15 changed files with 117 additions and 92 deletions.
2 changes: 1 addition & 1 deletion Benchmarks/LiteDbManager.cs
@@ -361,7 +361,7 @@ public static PLATFORM RunIdToPlatform(string runid)
var col = db?.GetCollection<AsaRun>("Runs");

var results = col?.Find(x => x.RunId.Equals(runid));
if (results.Any())
if (results?.Any() ?? false)
{
return results.First().Platform;
}
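Review bot: The guarded branch still reads the `Find` result twice, once for `Any()` and again for `First()`, so a lazily evaluated query would run two times. A single `var run = results?.FirstOrDefault();` followed by `if (run != null) { return run.Platform; }` does one pass and keeps the null case in one place. This assumes `AsaRun` is a reference type, which the hunk does not show; the rest of `RunIdToPlatform` lies outside the hunk.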
45 changes: 29 additions & 16 deletions Cli/AttackSurfaceAnalyzerClient.cs
@@ -192,7 +192,7 @@ private static ASA_ERROR RunGuidedModeCommand(GuidedModeCommandOptions opts)
results.TryAdd(key, monitorResult[key]);
});

return ExportGuidedModeResults(results, opts);
return ExportGuidedModeResults(results, opts, analysisFile.GetHash());
}

public static ConcurrentDictionary<(RESULT_TYPE, CHANGE_TYPE), List<CompareResult>> AnalyzeMonitored(CompareCommandOptions opts)
@@ -481,16 +481,16 @@ private static ASA_ERROR RunExportCollectCommand(ExportCollectCommandOptions opt
};

var results = CompareRuns(options);

var analysesHash = options.AnalysesFile.GetHash();
if (opts.SaveToDatabase)
{
InsertCompareResults(results, opts.FirstRunId, opts.SecondRunId, options.AnalysesFile.GetHash());
InsertCompareResults(results, opts.FirstRunId, opts.SecondRunId, analysesHash);
}

return ExportCompareResults(results, opts, AsaHelpers.MakeValidFileName(opts.FirstRunId + "_vs_" + opts.SecondRunId));
return ExportCompareResults(results, opts, AsaHelpers.MakeValidFileName(opts.FirstRunId + "_vs_" + opts.SecondRunId), analysesHash);
}

private static ASA_ERROR ExportGuidedModeResults(ConcurrentDictionary<(RESULT_TYPE, CHANGE_TYPE), List<CompareResult>> resultsIn, GuidedModeCommandOptions opts)
private static ASA_ERROR ExportGuidedModeResults(ConcurrentDictionary<(RESULT_TYPE, CHANGE_TYPE), List<CompareResult>> resultsIn, GuidedModeCommandOptions opts, string analysesHash)
{
if (opts.RunId == null)
{
@@ -510,10 +510,11 @@ private static ASA_ERROR ExportGuidedModeResults(ConcurrentDictionary<(RESULT_TY
{
outputPath = Directory.GetCurrentDirectory();
}
var metadata = AsaHelpers.GenerateMetadata();
metadata.Add("analyses-hash", analysesHash);
if (opts.ExplodedOutput)
{
results.Add("metadata", AsaHelpers.GenerateMetadata());

results.Add("metadata",metadata);
string path = Path.Combine(outputPath, AsaHelpers.MakeValidFileName(opts.RunId));
Directory.CreateDirectory(path);
foreach (var key in results.Keys)
@@ -534,7 +535,7 @@ private static ASA_ERROR ExportGuidedModeResults(ConcurrentDictionary<(RESULT_TY
string path = Path.Combine(outputPath, AsaHelpers.MakeValidFileName(opts.RunId + "_summary.json.txt"));
var output = new Dictionary<string, object>();
output["results"] = results;
output["metadata"] = AsaHelpers.GenerateMetadata();
output["metadata"] = metadata;
using (StreamWriter sw = new StreamWriter(path)) //lgtm[cs/path-injection]
{
using (JsonWriter writer = new JsonTextWriter(sw))
@@ -547,7 +548,7 @@ private static ASA_ERROR ExportGuidedModeResults(ConcurrentDictionary<(RESULT_TY
return ASA_ERROR.NONE;
}

private static ASA_ERROR ExportCompareResults(ConcurrentDictionary<(RESULT_TYPE, CHANGE_TYPE), List<CompareResult>> resultsIn, ExportOptions opts, string baseFileName)
private static ASA_ERROR ExportCompareResults(ConcurrentDictionary<(RESULT_TYPE, CHANGE_TYPE), List<CompareResult>> resultsIn, ExportOptions opts, string baseFileName, string analysesHash)
{
var results = resultsIn.Select(x => new KeyValuePair<string, object>($"{x.Key.Item1}_{x.Key.Item2}", x.Value)).ToDictionary(x => x.Key, x => x.Value);
JsonSerializer serializer = JsonSerializer.Create(new JsonSerializerSettings()
@@ -563,9 +564,11 @@ private static ASA_ERROR ExportCompareResults(ConcurrentDictionary<(RESULT_TYPE,
{
outputPath = Directory.GetCurrentDirectory();
}
var metadata = AsaHelpers.GenerateMetadata();
metadata.Add("analyses-hash", analysesHash);
if (opts.ExplodedOutput)
{
results.Add("metadata", AsaHelpers.GenerateMetadata());
results.Add("metadata", metadata);

string path = Path.Combine(outputPath, AsaHelpers.MakeValidFileName(baseFileName));
Directory.CreateDirectory(path);
@@ -587,7 +590,7 @@ private static ASA_ERROR ExportCompareResults(ConcurrentDictionary<(RESULT_TYPE,
string path = Path.Combine(outputPath, AsaHelpers.MakeValidFileName(baseFileName + "_summary.json.txt"));
var output = new Dictionary<string, object>();
output["results"] = results;
output["metadata"] = AsaHelpers.GenerateMetadata();
output["metadata"] = metadata;
using (StreamWriter sw = new StreamWriter(path)) //lgtm[cs/path-injection]
{
using (JsonWriter writer = new JsonTextWriter(sw))
@@ -624,6 +627,14 @@ protected override JsonProperty CreateProperty(MemberInfo member, MemberSerializ
}
}

if (property.DeclaringType == typeof(CompareResult))
{
if (property.PropertyName == "AnalysesHash")
{
property.ShouldSerialize = _ => { return false; };
}
}

return property;
}
}
@@ -658,12 +669,14 @@ private static ASA_ERROR RunExportMonitorCommand(ExportMonitorCommandOptions opt

var monitorResult = AnalyzeMonitored(monitorCompareOpts);

var analysesHash = monitorCompareOpts.AnalysesFile.GetHash();

if (opts.SaveToDatabase)
{
InsertCompareResults(monitorResult, null, opts.RunId, monitorCompareOpts.AnalysesFile.GetHash());
InsertCompareResults(monitorResult, null, opts.RunId, analysesHash);
}

return ExportCompareResults(monitorResult, opts, AsaHelpers.MakeValidFileName(opts.RunId));
return ExportCompareResults(monitorResult, opts, AsaHelpers.MakeValidFileName(opts.RunId), analysesHash);
}

public static void WriteMonitorJson(string RunId, int ResultType, string OutputPath)
@@ -984,21 +997,21 @@ public static void AdminOrWarn()
{
if (!Elevation.IsAdministrator())
{
Log.Warning(Strings.Get("Err_RunAsAdmin"));
Log.Information(Strings.Get("Err_RunAsAdmin"));
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.Linux))
{
if (!Elevation.IsRunningAsRoot())
{
Log.Warning(Strings.Get("Err_RunAsRoot"));
Log.Information(Strings.Get("Err_RunAsRoot"));
}
}
else if (RuntimeInformation.IsOSPlatform(OSPlatform.OSX))
{
if (!Elevation.IsRunningAsRoot())
{
Log.Warning(Strings.Get("Err_RunAsRoot"));
Log.Information(Strings.Get("Err_RunAsRoot"));
}
}
}
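Review bot: In the `AdminOrWarn` hunk the unprivileged-run message drops from `Log.Warning` to `Log.Information` on all three platform branches, so the method no longer does what its name says, and any log configuration that filters below Warning would hide the one signal that a collection ran without elevation. That matters to whoever reads the report, because an unelevated run is likely to miss objects and the resulting comparison can look cleaner than the system is. Either keep `Log.Warning(Strings.Get("Err_RunAsAdmin"));` and the `Err_RunAsRoot` equivalents, or, since this commit already builds a `metadata` dictionary for every export, record the elevation state there so the report itself carries it. Only the method's signature is visible, in the hunk header.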
8 changes: 4 additions & 4 deletions Cli/Cli.csproj
@@ -35,10 +35,10 @@
</ItemGroup>

<ItemGroup>
<PackageReference Include="Microsoft.CodeAnalysis.Common" Version="3.9.0" />
<PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="3.9.0" />
<PackageReference Include="Microsoft.CST.OAT" Version="1.0.91" />
<PackageReference Include="Microsoft.CST.OAT.Blazor.Components" Version="1.0.91" />
<PackageReference Include="Microsoft.CodeAnalysis.Common" Version="3.10.0" />
<PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="3.10.0" />
<PackageReference Include="Microsoft.CST.OAT" Version="1.0.95" />
<PackageReference Include="Microsoft.CST.OAT.Blazor.Components" Version="1.0.95" />
<PackageReference Include="Tewr.Blazor.FileReader" Version="3.2.0.21211" />
</ItemGroup>

56 changes: 30 additions & 26 deletions Cli/Components/States/Results.razor
@@ -22,28 +22,28 @@

@if (pageCount > 0)
{
<p>@foundResultTypes[(RESULT_TYPE)Enum.Parse(typeof(RESULT_TYPE), SelectedResultType)] results found for type @SelectedResultType.</p>
<nav aria-label="Paged results navigation">
<ul class="pagination">
<li class="page-item">
<a class="page-link page-step" aria-label="Previous page" @onclick="() => GetResultsPageByOffset(-1)">
<span aria-hidden="true">&lt;</span>
<span class="sr-only">Previous</span>
</a>
</li>
@for (int i = 1; i <= pageCount; i++)
{
var pageNum = i;
<li class="page-item @GetPageState(i)"><a class="page-link" aria-label="Page-@pageNum" @onclick="() => GetResultsPage(pageNum)">@pageNum</a></li>
}
<li class="page-item">
<a class="page-link page-step" aria-label="Next page" @onclick="() => GetResultsPageByOffset(1)">
<span aria-hidden="true">&gt;</span>
<span class="sr-only">Next</span>
</a>
</li>
</ul>
</nav>
<p>@foundResultTypes[(RESULT_TYPE)Enum.Parse(typeof(RESULT_TYPE), SelectedResultType)] results found for type @SelectedResultType.</p>
<nav aria-label="Paged results navigation">
<ul class="pagination">
<li class="page-item">
<a class="page-link page-step" aria-label="Previous page" @onclick="() => GetResultsPageByOffset(-1)">
<span aria-hidden="true">&lt;</span>
<span class="sr-only">Previous</span>
</a>
</li>
@for (int i = 1; i <= pageCount; i++)
{
var pageNum = i;
<li class="page-item @GetPageState(i)"><a class="page-link" aria-label="Page-@pageNum" @onclick="() => GetResultsPage(pageNum)">@pageNum</a></li>
}
<li class="page-item">
<a class="page-link page-step" aria-label="Next page" @onclick="() => GetResultsPageByOffset(1)">
<span aria-hidden="true">&gt;</span>
<span class="sr-only">Next</span>
</a>
</li>
</ul>
</nav>

@for (int i = 0; i < analysisResults.Count; i++)
{
@@ -67,15 +67,19 @@ else
}

@code {
string _firstRunId = string.Empty;
string _secondRundId = string.Empty;
string _analysesHash = string.Empty;
string _monitorRunId = string.Empty;

[Parameter]
public string FirstRunId { get; set; } = string.Empty;
public string FirstRunId { get { return _firstRunId; } set { _firstRunId = value; OnInitialized(); } }
[Parameter]
public string SecondRunId { get; set; } = string.Empty;
public string SecondRunId { get { return _secondRundId; } set { _secondRundId = value; OnInitialized(); } }
[Parameter]
public string AnalysesHash { get; set; } = string.Empty;
public string AnalysesHash { get { return _analysesHash; } set { _analysesHash = value; OnInitialized(); } }
[Parameter]
public string MonitorRunId { get; set; } = string.Empty;
public string MonitorRunId { get { return _monitorRunId; } set { _monitorRunId = value; OnInitialized(); } }

protected override void OnInitialized()
{
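Review bot: The four `[Parameter]` setters now call `OnInitialized()` directly, so whatever that method does runs once per parameter each time the parent supplies values, and the earlier calls see a mix of new and old run ids because the framework assigns parameters one at a time. Blazor's hook for reacting to parameter changes is `OnParametersSet()`, which runs once after all of them are assigned; keeping the auto-properties (`public string FirstRunId { get; set; } = string.Empty;`) and moving the reload into that override avoids the partial-state calls and the side effects in setters. The backing field `_secondRundId` is also misspelled. The body of `OnInitialized` continues past the end of the hunk, so how expensive the repeated calls are is not visible here.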
8 changes: 7 additions & 1 deletion Cli/Pages/Report.razor
@@ -10,7 +10,13 @@
<select class="form-control mr-3" id="RunId" @bind="RunIdInput">
@for (int i = 0; i < Runs.Count; i++)
{
<option value="@i">@Runs[i]</option>
if (!string.IsNullOrEmpty(@Runs[i].firstRunId))
{
<option value="@i">@Runs[i].firstRunId vs @Runs[i].secondRunId (@Runs[i].runStatus)</option>
}
else{
<option value="@i">@Runs[i].secondRunId (@Runs[i].runStatus)</option>
}
}
</select>
</div>
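Review bot: The new `if`/`else` inside the `@for` indexes `Runs[i]` on every access and carries a redundant `@` in `string.IsNullOrEmpty(@Runs[i].firstRunId)`, which is already in C# context. A local such as `var run = Runs[i];` at the top of the loop body, with `else` and its brace formatted like the `if` above, would read more easily. The run ids and status go through Razor `@` expressions and are therefore HTML-encoded on output, so these values need no extra escaping.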
15 changes: 9 additions & 6 deletions Cli/Pages/Sandbox.razor
@@ -46,7 +46,6 @@
}
</select>
<button class="btn btn-primary mr-2" @onclick="RemoveLastObject" disabled=@removeDisabled>Remove Last Object</button>
<button class="btn btn-primary" @onclick="RefreshState">Re-Run Rules</button>
</div>
<div class="form-group">
@if (ParseErrors.Any())
@@ -90,14 +89,18 @@

@for (int i = 0; i < AppState.TestObjects.Count; i++)
{
var results = analyzer.Analyze(AppState.Rules, AppState.TestObjects[i]);
var results = analyzer.Analyze(AppState.Rules, AppState.TestObjects[i]).ToList();
<div>
<span>@results.Count() rules applied.</span>
@foreach (var result in results)
<div><span>@results.Count rules applied</span></div>

@for (int j = 0; j < results.Count; j++)
{
<b>@result.Name</b>
<div>
<b>@results[j].Name</b>: @results[j].Description
</div>
}
<ObjectInput id="@i.ToString()" Object="@AppState.TestObjects[i]" Collapsable="true" />

<ObjectInput id="@i.ToString()" Object="@AppState.TestObjects[i]" Collapsable="true" onChangeAction="RefreshPage" />
</div>
}
</div>
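Review bot: `analyzer.Analyze(AppState.Rules, AppState.TestObjects[i]).ToList()` sits in the markup, so every render re-evaluates all rules against every test object, and with the "Re-Run Rules" button removed and `onChangeAction="RefreshPage"` added, each edit in an `ObjectInput` presumably triggers that work. Rules in the sandbox are user-authored, so if `Analyze` can throw on a malformed rule, the exception would surface in the middle of rendering rather than in a handler that can report it. Consider computing the per-object results in the refresh handler, keeping them in a field, and rendering from that. `@results[j].Description` will also leave a bare colon after the name when a rule has no description.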
9 changes: 5 additions & 4 deletions Lib/Collectors/BaseCompare.cs
@@ -123,7 +123,6 @@ public void Compare(IEnumerable<(CollectObject, string)> differentObjects, IEnum
{
BaseRunId = firstRunId,
CompareRunId = secondRunId,
BaseRowKey = colObj.RowKey,
};

if (different.Item2.Equals(firstRunId))
Expand Down Expand Up @@ -152,9 +151,7 @@ public void Compare(IEnumerable<(CollectObject, string)> differentObjects, IEnum
Base = first,
Compare = second,
BaseRunId = firstRunId,
CompareRunId = secondRunId,
BaseRowKey = modified.Item1.RowKey,
CompareRowKey = modified.Item2.RowKey,
CompareRunId = secondRunId
};

var properties = first.GetType().GetProperties();
@@ -165,6 +162,10 @@ public void Compare(IEnumerable<(CollectObject, string)> differentObjects, IEnum
{
try
{
if (Attribute.IsDefined(prop, typeof(SkipCompareAttribute)))
{
continue;
}
List<Diff> diffs;
object? added = null;
object? removed = null;
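Review bot: The `Attribute.IsDefined(prop, typeof(SkipCompareAttribute))` check is a reflection lookup repeated for every property of every modified pair, and it sits inside the `try` alongside the diffing logic. Filtering once where the list is built, e.g. `var properties = first.GetType().GetProperties().Where(p => !Attribute.IsDefined(p, typeof(SkipCompareAttribute))).ToArray();` (assuming `System.Linq` is imported), keeps the loop body about comparison only. A short comment stating which kind of property may carry the attribute would also help, because anything marked with it silently stops appearing in comparison results; judging by `CollectObject` in this commit it is meant for derived values such as `RowKey` and `Serialized`. The loop and the rest of `Compare` extend beyond the hunk.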
6 changes: 3 additions & 3 deletions Lib/Lib.csproj
@@ -35,9 +35,9 @@

<ItemGroup>
<PackageReference Include="MedallionShell" Version="1.6.2" />
<PackageReference Include="Microsoft.CodeAnalysis.Common" Version="3.9.0" />
<PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="3.9.0" />
<PackageReference Include="Microsoft.CST.OAT" Version="1.0.91" />
<PackageReference Include="Microsoft.CodeAnalysis.Common" Version="3.10.0" />
<PackageReference Include="Microsoft.CodeAnalysis.CSharp" Version="3.10.0" />
<PackageReference Include="Microsoft.CST.OAT" Version="1.0.95" />
<PackageReference Include="Microsoft.CST.RecursiveExtractor" Version="1.1.1" />
<PackageReference Include="Microsoft.SourceLink.GitHub" Version="1.0.0" PrivateAssets="All" />
<PackageReference Include="CompareNETObjects" Version="4.73.0" />
17 changes: 6 additions & 11 deletions Lib/Objects/CollectObject.cs
@@ -1,6 +1,7 @@
// Copyright (c) Microsoft Corporation. All rights reserved. Licensed under the MIT License.
using Microsoft.CST.AttackSurfaceAnalyzer.Types;
using Microsoft.CST.AttackSurfaceAnalyzer.Utils;
using Newtonsoft.Json;
using System.Globalization;

namespace Microsoft.CST.AttackSurfaceAnalyzer.Objects
@@ -13,14 +14,18 @@ public abstract class CollectObject
public abstract string Identity { get; }
public RESULT_TYPE ResultType { get; set; }

[SkipCompare]
[JsonIgnore]
public string RowKey
{
get
{
return Serialized.GetHashCode().ToString(CultureInfo.InvariantCulture);
}
}


[SkipCompare]
[JsonIgnore]
public string Serialized
{
get
@@ -34,16 +39,6 @@ public string Serialized
}
}

public static bool ShouldSerializeRowKey()
{
return false;
}

public static bool ShouldSerializeSerialized()
{
return false;
}

private string? _serialized = null;
}
}
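Review bot: `RowKey` is still derived from `Serialized.GetHashCode()`, which is a 32-bit value and, on .NET Core and later, randomized per process for strings, so the key is neither collision-resistant nor stable between runs. Marking it `[JsonIgnore]` and `[SkipCompare]` keeps it out of exports and diffs, but if anything stores `RowKey` or matches on it across processes, two collections of the same object would get different keys. A digest of the serialized text (for example SHA-256, hex-encoded) would be stable; whether that is needed depends on callers outside this file. The doubled blank line left between the two properties can also go.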