@Override public String toString() { return "[" + getId() + ", " + genericVulnerability + " " + surfaceLocation.getPath() + " " + surfaceLocation.getParameter() + "]"; }
@Transient @JsonView({ AllViews.TableRow.class, AllViews.VulnSearch.class, AllViews.VulnerabilityDetail.class, AllViews.RestVulnSearch.class }) public String getParameter() { return getSurfaceLocation() == null ? null : getSurfaceLocation().getParameter(); }
private static Vulnerabilities.Vulnerability.Finding.SurfaceLocation convertTFSurfaceLocationToSSVL(SurfaceLocation tfSurfaceLocation) { if (tfSurfaceLocation == null) return null; Vulnerabilities.Vulnerability.Finding.SurfaceLocation ssvlSurfaceLocation = factory.createVulnerabilitiesVulnerabilityFindingSurfaceLocation(); ssvlSurfaceLocation.setParameter(tfSurfaceLocation.getParameter()); ssvlSurfaceLocation.setUrl(tfSurfaceLocation.getUrl().toString()); return ssvlSurfaceLocation; }
public static EndpointQuery toEndpointQuery(Finding finding) { EndpointQueryBuilder builder = EndpointQueryBuilder.start(); SurfaceLocation location = finding.getSurfaceLocation(); if (location != null) { if (location.getHttpMethod() != null) { builder.setHttpMethod(location.getHttpMethod()); } if (location.getPath() != null) { builder.setDynamicPath(location.getPath()); } if (location.getParameter() != null) { builder.setParameter(location.getParameter()); } } if (finding.getIsStatic()) { builder.setInformationSourceType(InformationSourceType.STATIC); } else { builder.setInformationSourceType(InformationSourceType.DYNAMIC); } if (finding.getSourceFileLocation() != null) { builder.setStaticPath(finding.getSourceFileLocation()); } if (finding.getDataFlowElements() != null && !finding.getDataFlowElements().isEmpty()) { builder.setCodePoints(toCodePoints(finding.getDataFlowElements())); } return builder.generateQuery(); }
@Transient @JsonIgnore public VulnerabilityMarker toVulnerabilityMarker() { VulnerabilityMarker marker = new VulnerabilityMarker(); marker.setFilePath(getFindingCalculatedFilePath()) .setLineNumber(getEntryPointLineNumber()) .setGenericVulnId(genericVulnerability.getId()) .setGenericVulnName(genericVulnerability.getName()) .setParameter(surfaceLocation.getParameter()); if (getDefect() != null) { marker.setDefectId(getDefect().getNativeId()) .setDefectUrl(getDefect().getDefectURL()); } Set<String> scanners = set(); marker.setSeverity(getSeverityName()); for (Finding finding : getFindings()) { scanners.add(finding.getChannelNameOrNull()); } marker.setScanners(listFrom(scanners)); return marker; }
public DeletedSurfaceLocation(SurfaceLocation surfaceLocation) { if (surfaceLocation != null) { if (surfaceLocation.getFinding() != null){ setDeletedFindingId(surfaceLocation.getFinding().getId()); } setHost(surfaceLocation.getHost()); setParameter(surfaceLocation.getParameter()); setPath(surfaceLocation.getPath()); setPort(surfaceLocation.getPort()); setProtocol(surfaceLocation.getProtocol()); setQuery(surfaceLocation.getQuery()); setId(surfaceLocation.getId()); } }