Last active
September 8, 2023 09:57
-
-
Save anon767/7733fe29751d59592410d42e5271398a to your computer and use it in GitHub Desktop.
VulTrigger
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import os | |
import glob | |
from pydriller import Repository, Git | |
from unidiff import PatchSet | |
import subprocess | |
REPOS = {"Augeas": "https://github.com/hercules-team/augeas", "BitlBee": "https://github.com/bitlbee/bitlbee", "Cantata": "https://github.com/CDrummond/cantata", "ImageMagick": "https://github.com/ImageMagick/ImageMagick" | |
,"JPEGSnoop": "https://github.com/ImpulseAdventure/JPEGsnoop", "JasPer": "https://github.com/jasper-software/jasper", "LibRaw": "https://github.com/LibRaw/LibRaw", "PHP": "https://github.com/php/php-src", "WavPack": "https://github.com/dbry/WavPack", | |
"Ceph": "https://github.com/ceph/ceph", "FFmpeg": "https://github.com/FFmpeg/FFmpeg", "file":"https://github.com/file/file", "freetype2":"https://github.com/aseprite/freetype2", "libgd": "https://github.com/libgd/libgd", "libpng": "https://github.com/glennrp/libpng", | |
"libsndfile": "https://github.com/libsndfile/libsndfile", "libtiff":"https://github.com/libsdl-org/libtiff", "libxml2": "https://github.com/GNOME/libxml2", "lua": "https://github.com/lua/lua", "miniupnp": "https://github.com/miniupnp/miniupnp", "mupdf": "https://github.com/ArtifexSoftware/mupdf", "openjpeg": "https://github.com/uclouvain/openjpeg", "openssl": "https://github.com/openssl/openssl", "qemu": "https://github.com/qemu/qemu", "radare2": "https://github.com/radareorg/radare2", "sqlite3": "https://github.com/sqlite/sqlite", "tcpdump": "https://github.com/the-tcpdump-group/tcpdump"} | |
def git_clone_coverity(github_url, git_hash, cve): | |
repo_path = "data/tmp/" + github_url.split("/")[-1] | |
if not os.path.exists(repo_path): | |
os.system("git clone {} {}".format(github_url, repo_path)) | |
build = "/Applications/cov-analysis-macosx-2022.12.1/bin/cov-run-desktop --disconnected --build --auth-key-file /Applications/cov-analysis-macosx-2022.12.1/bin/auth-key.txt make" | |
command = "/Applications/cov-analysis-macosx-2022.12.1/bin/cov-run-desktop --disconnected --auth-key-file /Applications/cov-analysis-macosx-2022.12.1/bin/auth-key.txt --analyze-captured-source" | |
os.chdir(repo_path) | |
os.system("git checkout {}^".format(git_hash)) | |
os.system("autoreconf -i && ./configure && make clean && {} || true && {} || true >> {}.txt 2>&1".format(build, command, cve)) | |
os.chdir("/Users/USER/Projects/VulTrigger/dataset") | |
def git_clone(github_url, git_hash, cve): | |
repo_path = "data/tmp/" + github_url.split("/")[-1] | |
if not os.path.exists(repo_path): | |
os.system("git clone {} {}".format(github_url, repo_path)) | |
os.chdir(repo_path) | |
os.system("git checkout {}^".format(git_hash)) | |
os.system("autoreconf -i && ./configure && scan-build make >> {}.txt 2>&1 || true".format(cve)) | |
os.chdir("/Users/USER/Projects/VulTrigger/dataset") | |
for project in glob.glob("DIFF_NEW_OLD/*"): | |
splitted = project.split("/")[1] | |
if splitted in REPOS: | |
github_url = REPOS[splitted] | |
print(github_url, splitted, project) | |
for cve in glob.glob(project + "/*/"): | |
cve_name = cve.split("/")[-2].replace("/", "") | |
print("cve", cve_name) | |
if not os.path.exists("data/{}.txt".format(cve_name)): | |
continue | |
for diff in glob.glob(cve + "/*.diff"): | |
git_hash = diff.split("/")[-1].split("_")[2] | |
print(git_hash) | |
try: | |
patchset = PatchSet(open(diff, "r").read()) | |
except: | |
continue | |
files = [] | |
for patch in patchset.modified_files: | |
files.append("/".join(patch.source_file.split("/")[1:])) | |
git_clone(github_url, git_hash, cve) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment