
Support to critical severity vulnerabilities #126

Closed
wants to merge 3 commits into from
Closed
Changes from 2 commits
3 changes: 2 additions & 1 deletion checkmarx-ast-eclipse-plugin/.classpath
Expand Up @@ -7,6 +7,7 @@
</classpathentry>
<classpathentry kind="con" path="org.eclipse.pde.core.requiredPlugins"/>
<classpathentry exported="true" kind="lib" path="lib/slf4j-simple-1.7.5.jar"/>
<classpathentry exported="true" kind="lib" path="lib/slf4j-reload4j-1.7.36.jar"/>
<classpathentry exported="true" kind="lib" path="lib/slf4j-api-1.7.5.jar"/>
<classpathentry exported="true" kind="lib" path="lib/jackson-annotations-2.12.4.jar"/>
<classpathentry exported="true" kind="lib" path="lib/jackson-core-2.12.4.jar"/>
Expand All @@ -16,6 +17,6 @@
<classpathentry exported="true" kind="lib" path="lib/org.eclipse.mylyn.commons.ui_3.25.2.v20200813-0821.jar"/>
<classpathentry exported="true" kind="lib" path="lib/org.apache.commons.lang_2.6.0.v20220406-2305.jar"/>
<classpathentry exported="true" kind="lib" path="lib/org-eclipse-mylyn-commons-core.jar"/>
<classpathentry kind="src" path="src"/>
<classpathentry kind="src" path="src/"/>
<classpathentry kind="output" path="target/classes"/>
</classpath>
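Review bot: `lib/slf4j-reload4j-1.7.36.jar` is listed next to `lib/slf4j-simple-1.7.5.jar`, so the plugin classpath would carry two SLF4J bindings, and the new binding is 1.7.36 while `slf4j-api` stays at 1.7.5. With two bindings SLF4J 1.x picks one at startup and prints a warning, so this file does not determine which logger backend is actually used; keep a single binding and align its version with the API jar. The entry also looks unrelated to the critical-severity change named in the title, so it would be easier to audit as its own commit that states where the jar comes from. Which of these lines the commit adds is inferred from the version numbers, because the +/- markers are lost on this page.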
Binary file added checkmarx-ast-eclipse-plugin/icons/C-M.png
Binary file added checkmarx-ast-eclipse-plugin/icons/H-M.png
Binary file added checkmarx-ast-eclipse-plugin/icons/I-M.png
Binary file added checkmarx-ast-eclipse-plugin/icons/L-M.png
Binary file added checkmarx-ast-eclipse-plugin/icons/M-M.png
Binary file added checkmarx-ast-eclipse-plugin/icons/critical.png
Binary file added checkmarx-ast-eclipse-plugin/icons/high.png
Binary file added checkmarx-ast-eclipse-plugin/icons/info.png
Binary file added checkmarx-ast-eclipse-plugin/icons/low.png
Binary file added checkmarx-ast-eclipse-plugin/icons/medium.png
@@ -1,7 +1,8 @@
package com.checkmarx.eclipse.enums;

public enum ActionName {


CRITICAL,
HIGH,
MEDIUM,
LOW,
Expand All @@ -13,6 +14,6 @@ public enum ActionName {
GROUP_BY_SEVERITY,
GROUP_BY_QUERY_NAME,
GROUP_BY_STATE_NAME,

FILTER_CHANGED
}

Large diffs are not rendered by default.

Expand Up @@ -5,7 +5,9 @@
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashMap;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import java.util.Optional;
Expand Down Expand Up @@ -408,34 +410,41 @@ private Map<String, List<DisplayModel>> filterResultsByScannerType(List<DisplayM
}
return filteredMap;
}


private static final List<String> SEVERITY_ORDER = Arrays.asList("CRITICAL", "HIGH", "MEDIUM", "LOW", "INFO");

/**
* Group vulnerabilities by severity
*
* @param filteredResultsByScannerType
*/
private void groupResultsBySeverity(Map<String, List<DisplayModel>> filteredResultsByScannerType) {
filteredResultsByScannerType.entrySet().stream().forEach(entry -> {

Map<String, List<DisplayModel>> mapBySeverity = new HashMap<>();
String scanner = entry.getKey();
List<DisplayModel> vulnerabilities = entry.getValue();

for (DisplayModel result : vulnerabilities) {
String severityType = result.getSeverity();

if (mapBySeverity.containsKey(severityType)) {
mapBySeverity.get(severityType).add(result);
} else {
mapBySeverity.put(severityType, new ArrayList<>(Arrays.asList(result)));
}
}

List<DisplayModel> children = createParentNodeByScanner(mapBySeverity);

filteredResultsByScannerType.put(scanner, children);
});
}
private void groupResultsBySeverity(Map<String, List<DisplayModel>> filteredResultsByScannerType) {
filteredResultsByScannerType.entrySet().stream().forEach(entry -> {
Map<String, List<DisplayModel>> mapBySeverity = new LinkedHashMap<>();
String scanner = entry.getKey();
List<DisplayModel> vulnerabilities = entry.getValue();

for (DisplayModel result : vulnerabilities) {
String severityType = result.getSeverity();

if (mapBySeverity.containsKey(severityType)) {
mapBySeverity.get(severityType).add(result);
} else {
mapBySeverity.put(severityType, new ArrayList<>(Arrays.asList(result)));
}
}

Map<String, List<DisplayModel>> sortedMapBySeverity = new LinkedHashMap<>();
SEVERITY_ORDER.forEach(severity -> {
if (mapBySeverity.containsKey(severity)) {
sortedMapBySeverity.put(severity, mapBySeverity.get(severity));
}
});

List<DisplayModel> children = createParentNodeByScanner(sortedMapBySeverity);
filteredResultsByScannerType.put(scanner, children);
});
}

/**
* Group vulnerabilities by query name based on groupBySeverity state
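Review bot: Results whose `getSeverity()` value is not one of the five strings in `SEVERITY_ORDER` are dropped by the new `groupResultsBySeverity`, because only keys found in that list are copied into `sortedMapBySeverity`; the earlier version passed every group to `createParentNodeByScanner`. In a scanner results view, a finding with an unexpected, differently-cased or null severity should stay visible rather than vanish, so after the ordered copy I would append the remaining groups with `mapBySeverity.forEach(sortedMapBySeverity::putIfAbsent);`. The constant would also read better with a comment saying that its order is the display order of the severity nodes. The added `java.util.Comparator` import is not used in the lines shown here, so confirm it is needed elsewhere in the file.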
Expand Up @@ -13,7 +13,10 @@
import com.google.common.eventbus.EventBus;

public class ActionFilters {


private static final String ACTION_FILTER_CRITICAL_TOOLTIP = "Critical";
private static final String ACTION_FILTER_CRITICAL_ICON_PATH = "/icons/critical_untoggle.png";

private static final String ACTION_FILTER_HIGH_TOOLTIP = "High";
private static final String ACTION_FILTER_HIGH_ICON_PATH = "/icons/high_untoggle.png";

Expand Down Expand Up @@ -41,13 +44,14 @@ public ActionFilters(EventBus pluginEventBus) {
*/
public List<Action> createFilterActions(){
List<Action> filters = new ArrayList<>();


Action filterCriticalAction = createFilterAction(ACTION_FILTER_CRITICAL_TOOLTIP, ACTION_FILTER_CRITICAL_ICON_PATH, Severity.CRITICAL, ActionName.CRITICAL);
Action filterHighAction = createFilterAction(ACTION_FILTER_HIGH_TOOLTIP, ACTION_FILTER_HIGH_ICON_PATH, Severity.HIGH, ActionName.HIGH);
Action filterMediumAction = createFilterAction(ACTION_FILTER_MEDIUM_TOOLTIP, ACTION_FILTER_MEDIUM_ICON_PATH, Severity.MEDIUM, ActionName.MEDIUM);
Action filterLowAction = createFilterAction(ACTION_FILTER_LOW_TOOLTIP, ACTION_FILTER_LOW_ICON_PATH, Severity.LOW, ActionName.LOW);
Action filterInfoAction = createFilterAction(ACTION_FILTER_INFO_TOOLTIP, ACTION_FILTER_INFO_ICON_PATH, Severity.INFO, ActionName.INFO);


filters.add(filterCriticalAction);
filters.add(filterHighAction);
filters.add(filterMediumAction);
filters.add(filterLowAction);
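Review bot: `ACTION_FILTER_CRITICAL_ICON_PATH` points to `/icons/critical_untoggle.png`, but the binary files listed as added on this page are `critical.png`, `C-M.png` and the other severity icons; no `critical_untoggle.png` is shown. The page covers only two of the three commits, so the file may arrive elsewhere, but if it does not the new critical filter action would be created with an icon path that does not resolve. Confirm the icon ships with the plugin before merging. `createFilterActions` continues past the end of this hunk, so how the returned list is used is not visible here.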
Expand Up @@ -7,37 +7,39 @@

public class FilterState {

public static boolean critical = true;
public static boolean high = true;
public static boolean medium = true;
public static boolean low = false;
public static boolean info = false;
public static boolean groupBySeverity = true;
public static boolean groupByQueryName = false;
public static boolean groupByStateName = false;

/*FILTER STATE FLAGS
* */

public static boolean notExploitable = true;
public static boolean confirmed = true;
public static boolean to_verify = true;
public static boolean ignored = true;
public static boolean not_ignored = true;
public static boolean urgent = true;
public static boolean proposedNotExploitable = true;







public static void loadFiltersFromSettings() {
high = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.HIGH.name(), "true"));
critical = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.CRITICAL.name(), "true"));
high = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.HIGH.name(), "true"));
medium = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.MEDIUM.name(), "true"));
low = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.LOW.name(), "false"));
info = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.INFO.name(), "false"));
groupBySeverity = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.GROUP_BY_SEVERITY.name(), "true"));
groupByQueryName = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.GROUP_BY_QUERY_NAME.name(), "false"));
groupByStateName = Boolean.parseBoolean(GlobalSettings.getFromPreferences(Severity.GROUP_BY_STATE_NAME.name(), "false"));

notExploitable = Boolean.parseBoolean(GlobalSettings.getFromPreferences(State.NOT_EXPLOITABLE.name(), "false"));
confirmed = Boolean.parseBoolean(GlobalSettings.getFromPreferences(State.CONFIRMED.name(), "true"));
to_verify = Boolean.parseBoolean(GlobalSettings.getFromPreferences(State.TO_VERIFY.name(), "true"));
Expand All @@ -46,14 +48,18 @@ public static void loadFiltersFromSettings() {
not_ignored = Boolean.parseBoolean(GlobalSettings.getFromPreferences(State.NOT_IGNORED.name(), "true"));
proposedNotExploitable = Boolean.parseBoolean(GlobalSettings.getFromPreferences(State.PROPOSED_NOT_EXPLOITABLE.name(), "false"));
}

/**
* Change severity state
*
*
* @param severity
*/
public static void setState(Severity severity) {
switch(severity) {
case CRITICAL:
critical = !critical;
GlobalSettings.storeInPreferences(Severity.CRITICAL.name(), String.valueOf(critical));
break;
case HIGH:
high = !high;
GlobalSettings.storeInPreferences(Severity.HIGH.name(), String.valueOf(high));
Expand All @@ -76,18 +82,18 @@ public static void setState(Severity severity) {
break;
case GROUP_BY_QUERY_NAME:
groupByQueryName = !groupByQueryName;
GlobalSettings.storeInPreferences(Severity.GROUP_BY_QUERY_NAME.name(), String.valueOf(groupByQueryName));
GlobalSettings.storeInPreferences(Severity.GROUP_BY_QUERY_NAME.name(), String.valueOf(groupByQueryName));
break;
case GROUP_BY_STATE_NAME:
groupByStateName = !groupByStateName;
GlobalSettings.storeInPreferences(Severity.GROUP_BY_STATE_NAME.name(), String.valueOf(groupByStateName));
break;
GlobalSettings.storeInPreferences(Severity.GROUP_BY_STATE_NAME.name(), String.valueOf(groupByStateName));
break;
default:
break;
}
}


public static void setFilterState(State state) {
switch(state) {
case NOT_EXPLOITABLE:
Expand Down Expand Up @@ -117,12 +123,12 @@ public static void setFilterState(State state) {
case TO_VERIFY:
to_verify = !to_verify;
GlobalSettings.storeInPreferences(State.TO_VERIFY.name(), String.valueOf(to_verify));
break;
break;
default:
break;
}
}

public static boolean isFilterStateEnabled(String state) {
switch(State.getState(state)) {
case NOT_EXPLOITABLE: return notExploitable;
Expand All @@ -135,18 +141,19 @@ public static boolean isFilterStateEnabled(String state) {
default:
break;
}

return false;
}

/**
* Checks whether a severity is enabled
*
*
* @param severity
* @return
*/
public static boolean isSeverityEnabled(String severity) {
switch(Severity.getSeverity(severity)) {
case CRITICAL: return critical;
case HIGH: return high;
case MEDIUM: return medium;
case LOW: return low;
Expand All @@ -157,14 +164,14 @@ public static boolean isSeverityEnabled(String severity) {
default:
break;
}

return false;
}

/**
* Reset filters state
*/
public static void resetFilters() {
critical = true;
high = true;
medium = true;
low = false;
Expand All @@ -173,5 +180,5 @@ public static void resetFilters() {
groupByQueryName = true;
groupByStateName = true;
}

}
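Review bot: `isSeverityEnabled` still ends in `default: break;` followed by `return false`, so any severity without its own case is reported as disabled with no trace; the new `case CRITICAL` closes that gap for one value only. The Javadoc has an empty `@return`, and I would state the behaviour there: `@return true if results of this severity are shown; false when the filter is off or the severity has no case here`. How `Severity.getSeverity` treats an unknown string is not visible in this diff, so confirm it cannot hand null to the switch. Several lines in this file, for example the `storeInPreferences` calls under `GROUP_BY_QUERY_NAME` and `GROUP_BY_STATE_NAME`, appear twice with identical text, which suggests whitespace-only changes that could be left out of the commit.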