forked from seclab-ucr/Patchlocator
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathPatch_matcher_src.py
134 lines (127 loc) · 4.34 KB
/
Patch_matcher_src.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
import sys,os
import helpers.helper_zz as helper_zz
import pickle
def compare_sourcecode(branch,targetpath):
print '\nLocate_patches in sourcecodesnapshot',targetpath,' with reference branch',branch
filepath='./output/Patch_evolution_'+branch+'_pickle'
pickle_in=open(filepath,'rb')
cve_commit_element_content=pickle.load(pickle_in)
cvelist=[cve for cve in cve_commit_element_content]
cvelist.sort()
cve_result={}
outputfile=targetpath+'/matchresults'
countTrue=0
countFalse=0
countNone=0
Truelist=[]
Falselist=[]
Nonelist=[]
for cve in cve_commit_element_content:
result='None'
for afterpatchcommit in cve_commit_element_content[cve]['aftercommits']:
for (filename,funcname) in cve_commit_element_content[cve]['aftercommits'][afterpatchcommit]:
refcontent=cve_commit_element_content[cve]['aftercommits'][afterpatchcommit][(filename,funcname)]
targetcontents=helper_zz.get_function_content(targetpath,filename,funcname)
if len(targetcontents)>0:
result='N'
if refcontent in targetcontents:
result='P'
break
if result == 'P':
break
cve_result[cve]=result
if result== 'P':
countTrue +=1
Truelist += [cve]
elif result=='N':
countFalse +=1
Falselist += [cve]
elif result=='None':
countNone +=1
Nonelist += [cve]
with open(outputfile,'w') as f:
for cve in cvelist:
if cve in cve_result:
f.write(cve+' '+str(cve_result[cve])+'\n')
print 'patched vulnerability list ',len(Truelist)
print Truelist
print 'not patched vulnerability list',len(Falselist)
print Falselist
print 'none vulnerability list:',len(Nonelist)
print Nonelist
def comparewithgroundtruth():
resultpath=sys.argv[1]
groundtruthpath=sys.argv[2]
cve_result1={}
with open(resultpath,'r') as f:
f_buf=f.readlines()
for line in f_buf:
line=line[:-1]
cve=line.split(' ')[0]
if cve in cve_discarded:
continue
result=line.split(' ')[1]
if result in ['P','N','None']:
cve_result1[cve]=result
elif result=='True':
cve_result1[cve]='P'
elif result=='False' or result=='N':
cve_result1[cve]='N'
elif result == 'None':
cve_result1[cve]='None'
else:
print 'invalid result:',line
cve_result2={}
with open(groundtruthpath,'r') as f:
f_buf=f.readlines()
for line in f_buf:
line=line[:-1]
cve=line.split(' ')[0]
result=line.split(' ')[1]
if result in ['P','N','None']:
cve_result2[cve]=result
if result=='True':
cve_result2[cve]='P'
elif result=='False' or result=='N':
cve_result2[cve]='N'
elif result == 'None':
cve_result2[cve]='None'
truepositive=[]
falsepositive=[]
truenegative=[]
falsenegative=[]
truenone=[]
falsenone=[]
for cve in cve_result1:
result=cve_result1[cve]
if result=='P':
if result==cve_result2[cve]:
truepositive += [cve]
else:
falsepositive += [cve]
elif result=='N':
if result==cve_result2[cve]:
truenegative += [cve]
else:
falsenegative += [cve]
elif result=='None':
if result==cve_result2[cve]:
truenone += [cve]
else:
falsenone += [cve]
print 'truepositive:',len(truepositive)
print 'falsepositive:',len(falsepositive)
print 'truenegative:',len(truenegative)
print truenegative
print 'falsenegative:',len(falsenegative)
print 'accuracy(without none):',(float)(len(truepositive)+len(truenegative))/(len(truepositive)+len(falsepositive)+len(truenegative)+len(falsenegative))
print 'falsepositivelist:'
print falsepositive
print 'falsenegativelist:'
print falsenegative
#[branch] [target kernel]
if __name__ == '__main__':
branch = sys.argv[1]
targetkernel_list = sys.argv[2:]
for targetkernel in targetkernel_list:
compare_sourcecode(branch,targetkernel)