update cases0066

alipaydeshui · alipaydeshui · commit b8d56c1ec79e · 2023-02-07T14:05:24.000+08:00
update cases0066
diff --git a/src/main/java/com/iast/astbenchmark/analyser/cache/CasetargeCache.java b/src/main/java/com/iast/astbenchmark/analyser/cache/CasetargeCache.java
@@ -1,38 +1,46 @@
 package com.iast.astbenchmark.analyser.cache;
 
 import cn.hutool.core.io.FileUtil;
+import cn.hutool.core.io.IoUtil;
+import cn.hutool.core.io.resource.ClassPathResource;
 import cn.hutool.json.JSONArray;
 import cn.hutool.json.JSONUtil;
 import com.iast.astbenchmark.analyser.bean.CaseTargetBean;
 import com.google.common.collect.Maps;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Component;
 
 import javax.annotation.PostConstruct;
 import java.nio.charset.Charset;
 import java.util.Map;
 
 @Component
+@Slf4j
 public class CasetargeCache {
     private static Map<String, CaseTargetBean> targetMap = Maps.newLinkedHashMap();
 
     @PostConstruct
     void init() {
         this.goinit();
     }
-  public static void initNow(){
+
+    public static void initNow() {
         new CasetargeCache().goinit();
-  }
+    }
+
     private void goinit() {
-        if(targetMap.isEmpty()){
+        if (targetMap.isEmpty()) {
             try {
-                JSONArray array = JSONUtil.readJSONArray(FileUtil.file("case_target_list.json"), Charset.forName("utf-8"));
+                String target = IoUtil.read(new ClassPathResource("case_target_list.json").getStream(),Charset.forName("utf-8"));
+                //JSONArray array = JSONUtil.readJSONArray(FileUtil.file("case_target_list.json"), Charset.forName("utf-8"));
+                JSONArray array =JSONUtil.parseArray(target);
                 array.stream().forEach(e -> {
                     CaseTargetBean bean = JSONUtil.toBean(JSONUtil.toJsonStr(e), CaseTargetBean.class);
                     targetMap.put(bean.getCaseNo(), bean);
                 });
-                String aa;
+
             } catch (Exception e) {
-                System.out.println("ERROR : Case加载失败，请检查您的case_target_list.json");
+                log.error("ERROR : Case加载失败，请检查您的case_target_list.json:{}", e);
             }
         }
     }
diff --git a/src/main/java/com/iast/astbenchmark/analyser/factory/stategy/IastCaseDataTransfer.java b/src/main/java/com/iast/astbenchmark/analyser/factory/stategy/IastCaseDataTransfer.java
@@ -91,10 +91,15 @@ public  List<IastSlsBaseMessageBean> getReportLog(String reportId,String filePat
         List<IastSlsBaseMessageBean> iastMbList = new ArrayList<>();
         for (String log: logList) {
             String logSplit = "LogUtil - ";
+            String slsSplit = "SlsUtil - ";
             if(log.contains(logSplit)){
                 String mbStr = log.split(logSplit)[1];
                 IastSlsBaseMessageBean mb = JSONUtil.toBean(mbStr,IastSlsBaseMessageBean.class);
                 iastMbList.add(mb);
+            }else if (log.contains(slsSplit)){
+                String mbStr = log.split(slsSplit)[1];
+                IastSlsBaseMessageBean mb = JSONUtil.toBean(mbStr,IastSlsBaseMessageBean.class);
+                iastMbList.add(mb);
             }
         }
         return iastMbList;
diff --git a/src/main/java/com/iast/astbenchmark/analyser/factory/stategy/SeekerCaseDataTransfer.java b/src/main/java/com/iast/astbenchmark/analyser/factory/stategy/SeekerCaseDataTransfer.java
@@ -51,6 +51,7 @@ public CaseDataCollectResultBean doOperation() {
          */
         Map<String, BaseOriginalDataBean> tagMap = convertToTagMap(logsBeans);
         resultBean.setCaseDetectionItems(CaseResultutils.caseAnalyse(tagMap));
+
         return resultBean;
     }
 
diff --git a/src/main/java/com/iast/astbenchmark/cases/AstTaintCase002.java b/src/main/java/com/iast/astbenchmark/cases/AstTaintCase002.java
@@ -1062,7 +1062,7 @@ public Map<String, Object> aTaintCase0066(@RequestParam String cmd ) {
         Map<String, Object> modelMap = new HashMap<>();
         try {
             byte[] bytes = cmd.getBytes();
-            Runtime.getRuntime().exec(String.valueOf(bytes));
+            Runtime.getRuntime().exec(new String(bytes));
             modelMap.put("status", CommonConsts.SUCCESS_STR);
         } catch (IOException e) {
             modelMap.put("status", CommonConsts.ERROR_STR);
@@ -1079,7 +1079,7 @@ public Map<String, Object> aTaintCase0067(@RequestParam String cmd ) {
         try {
             char[] chars= new char[]{0,0};
             cmd.getChars(0,2,chars,0);
-            Runtime.getRuntime().exec(String.valueOf(chars));
+            Runtime.getRuntime().exec(new String(chars));
             modelMap.put("status", CommonConsts.SUCCESS_STR);
         } catch (IOException e) {
             modelMap.put("status", CommonConsts.ERROR_STR);

Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,7 @@ public CaseDataCollectResultBean doOperation() {`
`51`	`51`	`*/`
`52`	`52`	`Map<String, BaseOriginalDataBean> tagMap = convertToTagMap(logsBeans);`
`53`	`53`	`resultBean.setCaseDetectionItems(CaseResultutils.caseAnalyse(tagMap));`
	`54`	`+`
`54`	`55`	`return resultBean;`
`55`	`56`	`}`
`56`	`57`