Merge pull request #47 from Minjung-Baek/master

Add .zip file and feature Dexter CLI for Linux

project/dexter-core/src/java/com/samsung/sec/dexter/core/config/DexterConfig.java

@@ -105,6 +105,11 @@ public class DexterConfig {
 	public static final Object FUNCTION_METRICS_BASE ="/functionMetrics/#/";
 	public static final Object FUNCTION_METRICS_FUNCTION_LIST="functionList";	
 
+	public static final String SECURITY_CHECK_PREFIX = "sec_";
+	public static final String EXECUTION_PERMISSION = "chmod 755";
+	public static final String DEXTER_SCRIPT_NAME = "dexter.sh";
+	public static final String DEXTER2_SCRIPT_NAME = "dexter2.sh";
+
 	/** common constants */
 	public static final String DEXTER_HOME_KEY = "dexterHome";
 

project/dexter-core/src/java/com/samsung/sec/dexter/core/defect/PreOccurence.java

@@ -45,6 +45,10 @@ public class PreOccurence extends BaseDefect {
 	private String categoryName = "";
 
 
+	public String getCategoryName() {
+		return categoryName;
+	}
+
 	/**
 	 * @param severityCode the severityCode to set
 	 */

project/dexter-cppcheck/src/java/com/samsung/sec/dexter/cppcheck/plugin/CppcheckDexterPlugin.java

@@ -43,6 +43,7 @@
 import com.samsung.sec.dexter.core.checker.CheckerConfig;
 import com.samsung.sec.dexter.core.config.DexterConfig;
 import com.samsung.sec.dexter.core.config.DexterConfig.LANGUAGE;
+import com.samsung.sec.dexter.core.exception.DexterRuntimeException;
 import com.samsung.sec.dexter.core.plugin.IDexterPlugin;
 import com.samsung.sec.dexter.core.plugin.PluginDescription;
 import com.samsung.sec.dexter.core.plugin.PluginVersion;
@@ -55,7 +56,7 @@ public class CppcheckDexterPlugin implements IDexterPlugin {
 	private PluginDescription pluginDescription;
 	private CppcheckWrapper cppcheck = new CppcheckWrapper();
 	private final static Logger logger = Logger.getLogger(CppcheckWrapper.class);
-
+	
 	/*
 	 * (non-Javadoc)
 	 * 
@@ -74,6 +75,44 @@ public void destroy() {
 		// do nothing
 	}
 
+
+	public boolean checkCppcheckPermission(){
+		String dexterHome = DexterConfig.getInstance().getDexterHome();
+
+		Process changePermissionProcess = null;
+    	StringBuilder changePermissionCmd = new StringBuilder(500);
+
+    	String dexterBin = dexterHome + DexterUtil.PATH_SEPARATOR + "bin";
+    	String cppcheckHome = dexterBin + DexterUtil.PATH_SEPARATOR + "cppcheck";
+
+    	if (Strings.isNullOrEmpty(dexterBin)) {
+			logger.error("Can't initialize Cppcheck plugin, because the dexter_home/bin is not initialized");
+			return false;
+		}
+
+    	if (Strings.isNullOrEmpty(cppcheckHome)) {
+			logger.error("Can't initialize Cppcheck plugin, because the cppcheckHome is not initialized");
+			return false;
+		}
+
+
+    	String baseCommand = DexterConfig.EXECUTION_PERMISSION + " ";
+    	changePermissionCmd.append(baseCommand).append(cppcheckHome).append(DexterUtil.PATH_SEPARATOR).append("cppcheck");
+
+    	try {
+			changePermissionProcess = Runtime.getRuntime().exec(changePermissionCmd.toString());
+		} catch (IOException e) {
+			  throw new DexterRuntimeException(e.getMessage() + " changePermissionCmd: " + changePermissionCmd.toString(), e);
+		}finally {
+        	if(changePermissionProcess != null){
+        		changePermissionProcess.destroy();
+        	}
+        }
+
+		return true;
+	}
+
+
 	public boolean copyCppcheckRunModule() {
 		String dexterHome = DexterConfig.getInstance().getDexterHome();
 		if (Strings.isNullOrEmpty(dexterHome)) {
@@ -88,10 +127,10 @@ public boolean copyCppcheckRunModule() {
 		if (DexterUtil.getOS() == DexterUtil.OS.WINDOWS) {
 			//zipFilePath += "/temp/cppcheck-windows_" + CppcheckDexterPlugin.version.getVersion() + ".zip";
 			zipFilePath += "/temp/cppcheck-windows_0.9.4.zip";
-
 			cppcheckPath = "/cppcheck-windows.zip";
-		} else {
-			return true;
+		} else { // LINUX or MAC
+			zipFilePath += "/temp/cppcheck-linux_0.9.4.zip";
+			cppcheckPath = "/cppcheck-linux.zip";
 		}
 
 		final File file = new File(zipFilePath);
@@ -104,11 +143,7 @@ public boolean copyCppcheckRunModule() {
 
 			try {
 				FileUtils.copyInputStreamToFile(is, file);
-
-				if (DexterUtil.getOS() == DexterUtil.OS.WINDOWS) {
-					DexterUtil.unzip(zipFilePath, dexterHome + CppcheckWrapper.CPPCHECK_HOME_DIR);
-				} else { // LINUX or MAC
-				}
+				DexterUtil.unzip(zipFilePath, dexterHome + CppcheckWrapper.CPPCHECK_HOME_DIR);
 			} catch (IOException e) {
 				logger.error(e.getMessage(), e);
 				return false;
@@ -160,6 +195,9 @@ public AnalysisResult analyze(final AnalysisConfig config) {
 		if (bin.exists() == false){
 			DexterConfig.getInstance().createInitialFolderAndFiles();
 			copyCppcheckRunModule();
+			if (DexterUtil.getOS() == DexterUtil.OS.LINUX || DexterUtil.getOS() == DexterUtil.OS.MAC) {
+				checkCppcheckPermission();
+			}
 		}
 
 		IAnalysisEntityFactory factory = new AnalysisEntityFactory();
@@ -210,6 +248,9 @@ public boolean supportLanguage(final LANGUAGE language) {
 	@Override
     public void handleDexterHomeChanged(String oldPath, String newPath) {
 		copyCppcheckRunModule();
+		if (DexterUtil.getOS() == DexterUtil.OS.LINUX || DexterUtil.getOS() == DexterUtil.OS.MAC) {
+			checkCppcheckPermission();
+		}
     }
 
 	@Override

project/dexter-cppcheck/src/java/com/samsung/sec/dexter/cppcheck/plugin/CppcheckWrapper.java

@@ -76,7 +76,7 @@ public CheckerConfig getCheckerConfig() {
     	 * cmd.append(" --library=").append(cfgFile).append(" ");
     	 * cmd.append(" 2> ").append(resultFile);
     	 * 
-    	 * -rp=<path>  --rule=<rule>,  --rule-file=<file>,  --template,  -D디파인, -U언디파인
+    	 * -rp=<path>  --rule=<rule>,  --rule-file=<file>,  --template,  -D�뷀뙆�� -U�몃뵒�뚯씤
 	 * 
 	 * @param result void
 	 * @throws Exception 
@@ -93,7 +93,6 @@ public void analyze(final AnalysisResult result){
     	// 3. Create Command
     	final StringBuilder cmd = new StringBuilder(500);
 
-
     	setCppcheckCommand(cmd);
     	setCustomRuleOption(cmd);
     	cmd.append(" --inconclusive "); // for unreachableCode
@@ -105,7 +104,6 @@ public void analyze(final AnalysisResult result){
     	setLanguageOption(cmd);
     	setHeaderFilesOption(cmd);
 
-
     	// 4. Run Command
     	Process process = null;
     	try {
@@ -129,7 +127,7 @@ public void analyze(final AnalysisResult result){
         }
     }
 
-	private void setCppcheckCommand(final StringBuilder cmd) {
+    private void setCppcheckCommand(final StringBuilder cmd) {
 	    final String dexterHome = DexterConfig.getInstance().getDexterHome();
     	final String tempFolder = dexterHome + DexterUtil.PATH_SEPARATOR + "temp";
 
@@ -138,21 +136,20 @@ private void setCppcheckCommand(final StringBuilder cmd) {
     			throw new DexterRuntimeException("Can't create temp folder to save cppcheck result: " + tempFolder);
     		}
     	}
+
+    	final String cppcheckHome = dexterHome + DexterUtil.PATH_SEPARATOR + "bin" + DexterUtil.PATH_SEPARATOR + "cppcheck";
+    	if(new File(cppcheckHome).exists() == false){
+    		throw new DexterRuntimeException("There is no cppcheck home folder : " + cppcheckHome);
+    	}
+
     	if(DexterUtil.getOsBit() == DexterUtil.OS_BIT.WIN32 || DexterUtil.getOsBit() == DexterUtil.OS_BIT.WIN64){
-    		cmd.append("cmd /C ");
-
-    		final String cppcheckHome = dexterHome + DexterUtil.PATH_SEPARATOR + "bin" + DexterUtil.PATH_SEPARATOR + "cppcheck";
-        	if(new File(cppcheckHome).exists() == false){
-        		throw new DexterRuntimeException("There is no cppcheck home folder : " + cppcheckHome);
-        	}
-
-        	cmd.append(cppcheckHome).append(DexterUtil.PATH_SEPARATOR).append("cppcheck");
+    		cmd.append("cmd /C ").append(cppcheckHome).append(DexterUtil.PATH_SEPARATOR).append("cppcheck");
     	} else if(DexterUtil.getOsBit() == DexterUtil.OS_BIT.LINUX32 || DexterUtil.getOsBit() == DexterUtil.OS_BIT.LINUX64){
-    		//cmd.append("/bin/bash -c ");
-    		cmd.append("cppcheck");
+    		cmd.append(cppcheckHome).append(DexterUtil.PATH_SEPARATOR).append("cppcheck");
     	} else {
     		throw new DexterRuntimeException("This command supports only Windows and Linux('bin/bash')");
     	}
+
     }
 
 	private void setCustomRuleOption(final StringBuilder cmd){

project/dexter-cppcheck/src/java/com/samsung/sec/dexter/cppcheck/plugin/ResultFileHandler.java

@@ -39,6 +39,7 @@
 import com.samsung.sec.dexter.core.analyzer.ResultFileConstant;
 import com.samsung.sec.dexter.core.checker.Checker;
 import com.samsung.sec.dexter.core.checker.CheckerConfig;
+import com.samsung.sec.dexter.core.config.DexterConfig;
 import com.samsung.sec.dexter.core.config.DexterConfig.LANGUAGE;
 import com.samsung.sec.dexter.core.defect.PreOccurence;
 import com.samsung.sec.dexter.core.exception.DexterRuntimeException;
@@ -87,7 +88,12 @@ public void startElement(final String uri, final String localName, final String
 
 	    	currentOccurence = new PreOccurence();
 	    	currentOccurence.setLanguage(LANGUAGE.CPP.toString());
-	    	currentOccurence.setMessage(attributes.getValue("verbose").replace("'", "'"));
+	    	if(checkerCode.startsWith(DexterConfig.SECURITY_CHECK_PREFIX)){
+	    		currentOccurence.setMessage(attributes.getValue("msg").replace("'", "'"));
+	    	}	
+	    	else{
+	    		currentOccurence.setMessage(attributes.getValue("verbose").replace("'", "'"));
+	    	}
 	    	currentOccurence.setToolName(CppcheckDexterPlugin.PLUGIN_NAME);
 	    	currentOccurence.setFileName(config.getFileName());
 	    	currentOccurence.setModulePath(config.getModulePath());
@@ -110,7 +116,6 @@ public void startElement(final String uri, final String localName, final String
 	    		} else {
 	    			setSeverityForNewChecker(attributes, checker);
 	    		}
-
 	    		checkerConfig.addChecker(checker);
 	    		logger.info("Found new checker(" + checkerCode + ") in " + config.getSourceFileFullPath());
 	    	}

project/dexter-executor/META-INF/MANIFEST.MF

@@ -20,6 +20,7 @@ Bundle-ClassPath: .,
  lib/jspf.remote.xmlrpcdelight-1.0.2.jar,
  lib/mockito-all-1.10.19.jar
 Export-Package: com.samsung.sec.dexter.executor,
+ com.samsung.sec.dexter.executor.cli,
  org.junit
 Require-Bundle: org.eclipse.core.runtime,
  dexter-core,

project/dexter-executor/src/java/com/samsung/sec/dexter/executor/cli/Main.java

@@ -668,7 +668,9 @@ private void printDefect(List<Defect> allDefectList) {
 							etcCnt++;
 							break;
 						default:
-							LOG.errorln("Unknown severity code: " + defect.getSeverityCode() + " / " + defect.getCheckerCode());
+							defect.setSeverityCode("ETC");
+							etcCnt++;
+							break;
 					}
 
 					totalCnt++;

project/dexter-metrics/src/java/com/samsung/sec/dexter/metrics/util/CdtUtil.java

@@ -148,9 +148,6 @@ public int visit(IASTDeclaration declaration) {
 		final Map<String, Integer> mapSourceMatrices = CdtUtilHelper.mapSourceMatrices;
 		final Map<String, Integer> mapLocSourceMetrices = CdtUtilHelper.mapFunctionLocMetrices;
 
-		logger.info(mapSourceMatrices);
-		logger.info(mapLocSourceMetrices);
-
 		final List<Map<String, Object>> functionMetricsMap = new ArrayList<Map<String, Object>>();
 
 		for (int i = 0; i < functionList.size(); i++) {

project/dexter-vd-cpp/src/java/checker-config.json

@@ -1,16 +1,16 @@
 {"checkerList":
 [
-{"code":"USLEEP","name":"USEEP for Critical Secure Coding","type":"BOTH","categoryName":"Market Issue","severityCode":"CRI","version":"0.9.2","description":"usleep(useconds_t usec) function can affect system performance, if usec parameter set too shortly. VD recommend that you use more than 10000 ms of usleep function.","isActive":true,"properties":{"value":"10000"},"cwe":0},
-{"code":"VECTOR_ERASE_FUNCTION_MISUSE","name":"Vector Erase Function Misuse","type":"BOTH","categoryName":"CRC","severityCode":"MAJ","version":"0.9.2","description":"Avoid vector erase function inside iterative block;","isActive":true,"properties":{"RegExp":"[A-Z][0-9_A-Z]+"},"cwe":3},
-{"code":"SIGNED_UNSIGNED_ASSIGNMENT_ERROR","name":"Signed Unsigned Assignment Error","type":"BOTH","categoryName":"CRC","severityCode":"ETC","version":"0.9.2","description":"A Signed data type is transformed into a larger Unsigned data type. This can produce unexpected values.","isActive":true,"properties":{"RegExp":"[A-Z][0-9_A-Z]+"},"cwe":0},
-{"code":"CHECK_FREE_STMT","name":"Checking Free Statement for a return object","type":"BOTH","categoryName":"Tizen","severityCode":"CRI","version":"0.9.2","description":"You should have free statement for a returned object by calling ${methodName}","isActive":true,"properties": {"method-list": "vconf_get_str"},"cwe":0},
-{"code":"CHECK_FREE_STMT_PARAM",  "name": "Checking Free Statement for a parameter object",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.2",  "description": "You should have free statement for a parameter by calling ${methodName}",  "isActive": true,  "properties": {    "method-list": "system_info_get_value_string,system_settings_get_value_string"  },  "cwe": 0},
-{"code":"CHECK_THREAD_UNSAFE_FUNCTION_DBUS_GLIB",  "name": "Checking thread unsafe function: dbus-glib",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.2",  "description": "${methodName}: dbus-glib is thread unsafe function. so VD recommends NOT to use dbus-glib in the multi-thread environment",  "isActive": true,  "properties": {"method-list": "dbus_g_proxy_call,dbus_g_proxy_new_for_name,dbus_g_proxy_new_for_owner"  },  "cwe": 0},
-{"code":"CHECK_USAGE_DUID",  "name": "Checking usage of DUID",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.2",  "description": "${idName} is used. You need to check usage and the purpose of ID system. please refer to Samsung Smart TV Service Device Identifier Guideline",  "isActive": true,  "properties": {"id-list": "db/comss/hwduid,db/comss/duid,db/comss/psid"},  "cwe": 0},
-{"code":"CHECK_USAGE_ATOI_AS_ARRAY_INDEX","name": "Checking usage of returned value of atoi() as an index of array","type": "BOTH","categoryName": "Tizen","severityCode": "MAJ","version": "0.9.2","description": "atoi() couldreturned return negative value(return type is integer value). do Not use returned value of atoi() as array index without checking its range","isActive": true,"properties": { },"cwe": 0},
-{"code":"CHECK_FREE_STMT_THIRD_PARAM",  "name": "Checking Free Statement for a parameter object",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.2",  "description": "You should have free statement for a parameter by calling ${methodName}",  "isActive": true,  "properties": {"method-list": "app_control_get_extra_data,app_control_get_extra_data_array"},  "cwe": 0},
-{"code":"CHECK_ARRAY_INDEX_OUT_OF_BOUNDS",  "name": "Checking array index out of bounds",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.2",  "description": "Array index out of bounds",  "isActive": true,  "properties": { },  "cwe": 129},
-{"code": "CHECK_ARRAY_INDEX_OUT_OF_BOUNDS_TWO_DIMESIONAL",  "name": "Checking array index out of bounds",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.2",  "description": "Array index out of bounds",  "isActive": true,  "properties": { },  "cwe": 129},
-{"code": "DO_WHILE_BRACKET",  "name": "Do-While bracket check",  "type": "BOTH",  "categoryName": "CRC",  "severityCode": "CRC",  "version": "0.9.2",  "description": "In the do-while statement, {} shall be always used",  "isActive": true,  "properties": { },  "cwe": 0}
+{"code":"USLEEP","name":"USEEP for Critical Secure Coding","type":"BOTH","categoryName":"Market Issue","severityCode":"CRI","version":"0.9.4","description":"usleep(useconds_t usec) function can affect system performance, if usec parameter set too shortly. VD recommend that you use more than 10000 ms of usleep function.","isActive":true,"properties":{"value":"10000"},"cwe":0},
+{"code":"VECTOR_ERASE_FUNCTION_MISUSE","name":"Vector Erase Function Misuse","type":"BOTH","categoryName":"CRC","severityCode":"MAJ","version":"0.9.4","description":"Avoid vector erase function inside iterative block;","isActive":true,"properties":{"RegExp":"[A-Z][0-9_A-Z]+"},"cwe":3},
+{"code":"SIGNED_UNSIGNED_ASSIGNMENT_ERROR","name":"Signed Unsigned Assignment Error","type":"BOTH","categoryName":"CRC","severityCode":"ETC","version":"0.9.4","description":"A Signed data type is transformed into a larger Unsigned data type. This can produce unexpected values.","isActive":true,"properties":{"RegExp":"[A-Z][0-9_A-Z]+"},"cwe":0},
+{"code":"CHECK_FREE_STMT","name":"Checking Free Statement for a return object","type":"BOTH","categoryName":"Tizen","severityCode":"CRI","version":"0.9.4","description":"You should have free statement for a returned object by calling ${methodName}","isActive":true,"properties": {"method-list": "vconf_get_str"},"cwe":0},
+{"code":"CHECK_FREE_STMT_PARAM",  "name": "Checking Free Statement for a parameter object",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.4",  "description": "You should have free statement for a parameter by calling ${methodName}",  "isActive": true,  "properties": {    "method-list": "system_info_get_value_string,system_settings_get_value_string"  },  "cwe": 0},
+{"code":"CHECK_THREAD_UNSAFE_FUNCTION_DBUS_GLIB",  "name": "Checking thread unsafe function: dbus-glib",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.4",  "description": "${methodName}: dbus-glib is thread unsafe function. so VD recommends NOT to use dbus-glib in the multi-thread environment",  "isActive": true,  "properties": {"method-list": "dbus_g_proxy_call,dbus_g_proxy_new_for_name,dbus_g_proxy_new_for_owner"  },  "cwe": 0},
+{"code":"CHECK_USAGE_DUID",  "name": "Checking usage of DUID",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.4",  "description": "${idName} is used. You need to check usage and the purpose of ID system. please refer to Samsung Smart TV Service Device Identifier Guideline",  "isActive": true,  "properties": {"id-list": "db/comss/hwduid,db/comss/duid,db/comss/psid"},  "cwe": 0},
+{"code":"CHECK_USAGE_ATOI_AS_ARRAY_INDEX","name": "Checking usage of returned value of atoi() as an index of array","type": "BOTH","categoryName": "Tizen","severityCode": "MAJ","version": "0.9.4","description": "atoi() couldreturned return negative value(return type is integer value). do Not use returned value of atoi() as array index without checking its range","isActive": true,"properties": { },"cwe": 0},
+{"code":"CHECK_FREE_STMT_THIRD_PARAM",  "name": "Checking Free Statement for a parameter object",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.4",  "description": "You should have free statement for a parameter by calling ${methodName}",  "isActive": true,  "properties": {"method-list": "app_control_get_extra_data,app_control_get_extra_data_array"},  "cwe": 0},
+{"code":"CHECK_ARRAY_INDEX_OUT_OF_BOUNDS",  "name": "Checking array index out of bounds",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.4",  "description": "Array index out of bounds",  "isActive": true,  "properties": { },  "cwe": 129},
+{"code": "CHECK_ARRAY_INDEX_OUT_OF_BOUNDS_TWO_DIMESIONAL",  "name": "Checking array index out of bounds",  "type": "BOTH",  "categoryName": "Tizen",  "severityCode": "CRI",  "version": "0.9.4",  "description": "Array index out of bounds",  "isActive": true,  "properties": { },  "cwe": 129},
+{"code": "DO_WHILE_BRACKET",  "name": "Do-While bracket check",  "type": "BOTH",  "categoryName": "CRC",  "severityCode": "CRC",  "version": "0.9.4",  "description": "In the do-while statement, {} shall be always used",  "isActive": true,  "properties": { },  "cwe": 0}
 ],
 "toolName":"dexter-vd-cpp","language":"CPP"}

project/dexter.eclipse.update.64/site.xml

@@ -1,9 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <site>
    <feature url="features/dexter.eclipse.feature.64_0.9.4.jar" id="dexter.eclipse.feature.64" version="0.9.4">
-      <category name="dexter-eclipse"/>
+      <category name="dexter-eclipse_64"/>
    </feature>
-   <category-def name="dexter-eclipse" label="Dexter Eclipse Feature 64bit">
+   <category-def name="dexter-eclipse_64" label="Dexter Eclipse Feature 64bit">
       <description>
          Samsung Electronics VD SE Lab
       </description>