NathanJPhillips
diff --git a/‎benchmarks/GENUINE/Alfresco.sh
Lines changed: 48 additions & 30 deletions b/‎benchmarks/GENUINE/Alfresco.sh
Lines changed: 48 additions & 30 deletions
diff --git a/‎benchmarks/GENUINE/CiteSeerX.sh
Lines changed: 32 additions & 29 deletions b/‎benchmarks/GENUINE/CiteSeerX.sh
Lines changed: 32 additions & 29 deletions
diff --git a/‎benchmarks/GENUINE/DSpace.sh
Lines changed: 42 additions & 68 deletions b/‎benchmarks/GENUINE/DSpace.sh
Lines changed: 42 additions & 68 deletions
diff --git a/‎benchmarks/GENUINE/Ginco.sh
Lines changed: 42 additions & 23 deletions b/‎benchmarks/GENUINE/Ginco.sh
Lines changed: 42 additions & 23 deletions
@@ -1,22 +1,27 @@
 #!/usr/bin/env bash
 
-script_dir=$(pwd)
-
 if [ -z "$SECURITY_SCANNER_HOME" ]; then
-    SECURITY_SCANNER_HOME=../../dist
-    if [ ! -d "$SECURITY_SCANNER_HOME" ]; then
-        echo "Need to set SECURITY_SCANNER_HOME to cmake directory"
-        exit 1
-    fi
-    echo "SECURITY_SCANNER_HOME set to path: $SECURITY_SCANNER_HOME"
+    echo "Need to set SECURITY_SCANNER_HOME to cmake directory"
+    exit 1
+fi
+
+# Stop script if a command does not succeed
+set -e
+
+SCRIPT_DIR="$( cd "$(dirname "$0")" ; pwd -P )"
+REPO_DIR=$SCRIPT_DIR/Alfresco
+DEPLOY_DIR=$REPO_DIR/__dist__
+if [ -z "$OUTPUT_DIR" ]; then
+    OUTPUT_DIR=$SECURITY_SCANNER_HOME/GENUINE
 fi
 
-if [[ ! -d "Alfresco" ]]; then
+if [[ ! -d $REPO_DIR ]]; then
+    # First switch to Java 7
     java_version=$(java -version 2>&1 | awk -F '"' '/version/ {print $2}')
     if [[ ! "$java_version" < "1.8" ]]; then
         echo "WRONG JAVA VERSION: $java_version"
         jdk_7_presence=$(update-java-alternatives --list 2>&1 | grep "java-1.7.0-openjdk-amd64")
-        if [[ "$jdk_7_presence" == "" ]]; then
+        if [ -z "$jdk_7_presence" ]; then
             echo "In order to install JAVA 1.7 do the following:"
             echo "      sudo add-apt-repository ppa:openjdk-r/ppa"
             echo "      sudo apt update"
@@ -41,32 +46,45 @@ if [[ ! -d "Alfresco" ]]; then
         JAVA_HOME=/usr/lib/jvm/java-7-openjdk-amd64/bin
     fi
 
-    mkdir Alfresco
-    cd Alfresco
-
-    # The next two statements are commented, because it access the old repo 
-    # which was deleted. It was actually a mirror of the SVN repo used below.
-    #   git clone [email protected]:Alfresco/community-edition .
-    #   git checkout 5fcc93f009c6fb8578e87e79dc19a44309210602
-
-    # We are checking out the revision in which we know about the issue.
+    # Clone the repository and check out a commit which has the issue.
+    # Originally we looked at commit 5fcc93f009c6fb8578e87e79dc19a44309210602 in
+    # the git repository [email protected]:Alfresco/community-edition . It has
+    # since been deleted, but fortunately it was just a clone of the svn
+    # repository below.
+    mkdir -p $REPO_DIR
+    cd $REPO_DIR
     svn checkout -r 74720 https://svn.alfresco.com/repos/alfresco-open-mirror/alfresco/HEAD/root .
 
+    # Build and install
     mvn install -DskipTests
 
-    mkdir __dist__
-    mkdir __dist__/webapps
-    cp projects/web-client/target/alfresco-4.3.0-SNAPSHOT.war __dist__/webapps
-    cp projects/slingshot/target/share-4.3.0-SNAPSHOT.war  __dist__/webapps
-    mkdir __dist__/lib
-    cp projects/3rd-party/lib/devenv/mysql-connector-java-5.1.13-bin.jar __dist__/lib
-    cp projects/3rd-party/lib/devenv/postgresql-9.3-1101-jdbc41.jar __dist__/lib
-    cp projects/3rd-party/lib/j2ee/portlet_20.jar __dist__/lib
-    cp projects/3rd-party/lib/xalan-2.7.0/xalan.jar __dist__/lib
-    cp projects/3rd-party/lib/xalan-2.7.0/serializer.jar __dist__/lib
+    # Deploy web apps
+    mkdir -p $DEPLOY_DIR/webapps
+    cp projects/web-client/target/alfresco-4.3.0-SNAPSHOT.war $DEPLOY_DIR/webapps
+    cp projects/slingshot/target/share-4.3.0-SNAPSHOT.war  $DEPLOY_DIR/webapps
+
+    # Deploy libraries
+    mkdir $DEPLOY_DIR/lib
+    cp projects/3rd-party/lib/devenv/mysql-connector-java-5.1.13-bin.jar $DEPLOY_DIR/lib
+    cp projects/3rd-party/lib/devenv/postgresql-9.3-1101-jdbc41.jar $DEPLOY_DIR/lib
+    cp projects/3rd-party/lib/j2ee/portlet_20.jar $DEPLOY_DIR/lib
+    cp projects/3rd-party/lib/xalan-2.7.0/xalan.jar $DEPLOY_DIR/lib
+    cp projects/3rd-party/lib/xalan-2.7.0/serializer.jar $DEPLOY_DIR/lib
 
     cd ..
 fi
 
-(cd $SECURITY_SCANNER_HOME && python3 $script_dir/../../driver/run.py -C $script_dir/AlfrescoRules.json -I $script_dir/Alfresco/__dist__/webapps/alfresco-4.3.0-SNAPSHOT.war -L $script_dir/Alfresco/__dist__/lib -R $script_dir/../../dist/GENUINE/Alfresco/RESULTS -T $script_dir/../../dist/GENUINE/Alfresco/TEMP --name Alfresco --verbosity 9 --use-models-library --use-apache-tomcat --do-not-use-precise-access-paths --rebuild --timeout 10000000 --entry-point org.alfresco.web.bean.ajax.PickerBean.getCategoryNodes)
+# Run security-analyser
+cd $SECURITY_SCANNER_HOME
 
+python3 $SCRIPT_DIR/../../driver/run.py \
+-C $SCRIPT_DIR/AlfrescoRules.json \
+-I $DEPLOY_DIR/webapps/alfresco-4.3.0-SNAPSHOT.war \
+-L $DEPLOY_DIR/lib \
+-R $OUTPUT_DIR/Alfresco/results \
+-T $OUTPUT_DIR/Alfresco/temp \
+--name Alfresco \
+--use-models-library --use-apache-tomcat \
+--timeout 10000000 --verbosity 9 --rebuild \
+--do-not-use-precise-access-paths \
+--entry-point org.alfresco.web.bean.ajax.PickerBean.getCategoryNodes
@@ -1,46 +1,49 @@
 #!/usr/bin/env bash
 
-if [ $1 ]; then
-    SECURITY_SCANNER_HOME=$1
-fi
-
 if [ -z "$SECURITY_SCANNER_HOME" ]; then
     echo "Need to set SECURITY_SCANNER_HOME to cmake directory"
     exit 1
 fi
 
-SCRIPT_WORKING_DIR=$(pwd)
-REPO_DIR=$SCRIPT_WORKING_DIR/CiteSeerX
+# Stop script if a command does not succeed
+set -e
 
-# Clone repo and check out a commit which builds (head of master)
-cd $REPO_DIR
-git clone https://github.com/SeerLabs/CiteSeerX.git .
-git checkout 8a62545ffc904f2b41b4ecd30ce91900dc7790f4
+SCRIPT_DIR="$( cd "$(dirname "$0")" ; pwd -P )"
+REPO_DIR=$SCRIPT_DIR/CiteSeerX
+DEPLOY_DIR=$REPO_DIR
+FILES_DIR=$SCRIPT_DIR/CiteSeerX_files
+if [ -z "$OUTPUT_DIR" ]; then
+    OUTPUT_DIR=$SECURITY_SCANNER_HOME/GENUINE
+fi
 
-# There are some example 'template' files that we need to rename to build correctly
-rename 's/\.template//' conf/*.template
+if [[ ! -d $REPO_DIR ]]; then
+    # Clone repo and check out a commit which builds (head of master)
+    mkdir -p $REPO_DIR
+    cd $REPO_DIR
+    git clone https://github.com/SeerLabs/CiteSeerX.git .
+    git checkout 8a62545ffc904f2b41b4ecd30ce91900dc7790f4
 
-# Apply the git patch to remove sanitization of query
-patch -p1 -f < $SCRIPT_WORKING_DIR/CiteSeerX_files/introduce_XXS_vulnerability.patch
+    # Apply the git patch to remove sanitization of query
+    patch -p1 -f < $FILES_DIR/introduce_XXS_vulnerability.patch
 
-# Build
-ant
+    # There are some example 'template' files that we need to rename to build correctly
+    rename 's/\.template//' conf/*.template
+
+    # Build
+    ant
+fi
 
 # Run security-analyser
 cd $SECURITY_SCANNER_HOME
 
-python3 $SCRIPT_WORKING_DIR/../../driver/run.py \
--C $SCRIPT_WORKING_DIR/CiteSeerXRules.json \
--I $REPO_DIR \
--L $REPO_DIR \
--R $SCRIPT_WORKING_DIR/CiteSeerX.results \
--T $SCRIPT_WORKING_DIR/CiteSeerX.tmp \
---name CiteSeerX --verbosity 9 \
+python3 $SCRIPT_DIR/../../driver/run.py \
+-C $SCRIPT_DIR/CiteSeerXRules.json \
+-I $DEPLOY_DIR \
+-L $DEPLOY_DIR \
+-R $OUTPUT_DIR/CiteSeerX/results \
+-T $OUTPUT_DIR/CiteSeerX/temp \
+--name CiteSeerX \
 --use-models-library \
---timeout 10000000 \
---entry-point edu.psu.citeseerx.web.SearchController.handleRequest \
+--timeout 10000000 --verbosity 9 --rebuild \
 --do-not-use-precise-access-paths \
---dump-html-program \
---dump-html-summaries \
---dump-html-statistics \
---rebuild \
+--entry-point edu.psu.citeseerx.web.SearchController.handleRequest
@@ -5,80 +5,54 @@ if [ -z "$SECURITY_SCANNER_HOME" ]; then
     exit 1
 fi
 
-set -u
-set -x
-
-SCRIPT_WORKING_DIR=$(pwd)
-REPO_DIR=$SCRIPT_WORKING_DIR/DSpace
-
-# 1. Open a terminal in the directory of this readme file and clone DSpace:
-
-git clone https://github.com/DSpace/DSpace
-cd DSpace
-
-# 2. (Optional) Checkout commit:
-
-git checkout ed7d2980e264901bb60c63da183d620d49772f3e
-
-#   and in the file:
-#        <this-dir>/DSpace/build.properties
-#   update the variable 'dspace.install.dir' as follows:
-#        dspace.install.dir=<this-dir>/DSpace/__dist__
-
-echo dspace.install.dir=$REPO_DIR/__dist__ >> build.properties
-
-#   The checkout will give you a version with a fixed XSS issue. In order to
-#   return the XSS issue back comment out lines 94-108 in file:
-#        <this-dir>/DSpace/dspace-jspui/src/main/java/org/dspace/app/webui/servlet/AbstractBrowserServlet.java
-#   (NOTE: you can also check out the previous commit; but was not tested)
-
-patch -p1 < $SCRIPT_WORKING_DIR/DSpace_files/introduce-xss-vulnerability.patch
-
-#  3. Enter the directory '<this-dir>/DSpace' and type the following command:
+# Stop script if a command does not succeed
+set -e
+
+SCRIPT_DIR="$( cd "$(dirname "$0")" ; pwd -P )"
+REPO_DIR=$SCRIPT_DIR/DSpace
+DEPLOY_DIR=$REPO_DIR
+FILES_DIR=$SCRIPT_DIR/DSpace_files
+if [ -z "$OUTPUT_DIR" ]; then
+    OUTPUT_DIR=$SECURITY_SCANNER_HOME/GENUINE
+fi
 
-mvn clean package
+if [[ ! -d $REPO_DIR ]]; then
+    # Clone the repository and checkout a commit which builds
+    mkdir -p $REPO_DIR
+    cd $REPO_DIR
+    git clone https://github.com/DSpace/DSpace .
+    git checkout ed7d2980e264901bb60c63da183d620d49772f3e
 
-#  4. Set the install directory (variable dspace.dir) in dspace/target/dspace-installer/config/dspace.cfg to
-#     <this-dir>/DSpace/build.properties as above
+    # Reintroduce the XSS issue
+    patch -p1 < $FILES_DIR/introduce-xss-vulnerability.patch
 
-sed -i "[email protected] = /[email protected] = $REPO_DIR/__dist__@" dspace/target/dspace-installer/config/dspace.cfg
+    # Update 'dspace.install.dir'
+    echo dspace.install.dir=$DEPLOY_DIR >> build.properties
 
-#  5. Enter the directory '<this-dir>/DSpace/dspace/target/dspace-installer'
-#     and type the following commands:
-#        ant init_installation
-#        ant init_configs
-#        ant install_code
-#        ant copy_webapps
+    # Build and package
+    mvn clean package
 
-cd dspace/target/dspace-installer
-ant init_installation
-ant init_configs
-ant install_code
-ant copy_webapps
+    # Set the install directory (variable 'dspace.dir')
+    sed -i "[email protected] = /[email protected] = $DEPLOY_DIR@" dspace/target/dspace-installer/config/dspace.cfg
 
-### Finally, analyse it:
+    # install
+    cd dspace/target/dspace-installer
+    ant init_installation
+    ant init_configs
+    ant install_code
+    ant copy_webapps
+fi
 
+# Run security-analyser
 cd $SECURITY_SCANNER_HOME
 
-python3 $SCRIPT_WORKING_DIR/../../driver/run.py \
--C \
-$SCRIPT_WORKING_DIR/DSpace_rules.json \
--I \
-$REPO_DIR/__dist__/webapps/jspui \
--R \
-$SCRIPT_WORKING_DIR/DSpace-results \
--T \
-$SCRIPT_WORKING_DIR/DSpace-tmp \
---name \
-DSpace-jspui-BrowseServlet \
---verbosity \
-10 \
---use-models-library \
---use-apache-tomcat \
---use-spring-framework \
---dump-html-statistics \
---timeout \
-10000000 \
---entry-point \
-org.dspace.app.webui.servlet.BrowserServlet.doDSGet \
---do-not-use-precise-access-paths
+python3 $SCRIPT_DIR/../../driver/run.py \
+-C $SCRIPT_DIR/DSpace_rules.json \
+-I $DEPLOY_DIR/webapps/jspui \
+-R $OUTPUT_DIR/DSpace/results \
+-T $OUTPUT_DIR/DSpace/temp \
+--name DSpace-jspui-BrowseServlet \
+--use-models-library --use-apache-tomcat --use-spring-framework \
+--timeout 10000000 --verbosity 9 --rebuild \
+--do-not-use-precise-access-paths \
+--entry-point org.dspace.app.webui.servlet.BrowserServlet.doDSGet
@@ -1,46 +1,65 @@
 #!/usr/bin/env bash
 
 if [ -z "$SECURITY_SCANNER_HOME" ]; then
-    SECURITY_SCANNER_HOME=../../dist
-    if [ ! -d "$SECURITY_SCANNER_HOME" ]; then
-        echo "Need to set SECURITY_SCANNER_HOME to cmake directory"
-        exit 1
-    fi
-    echo "SECURITY_SCANNER_HOME set to path: $SECURITY_SCANNER_HOME"
+    echo "Need to set SECURITY_SCANNER_HOME to cmake directory"
+    exit 1
 fi
 
-if [[ ! -d "Ginco" ]]; then
-    mkdir Ginco
-    cd Ginco
+# Stop script if a command does not succeed
+set -e
 
-    git clone https://github.com/culturecommunication/ginco .
+SCRIPT_DIR="$( cd "$(dirname "$0")" ; pwd -P )"
+REPO_DIR=$SCRIPT_DIR/Ginco
+DEPLOY_DIR=$REPO_DIR/__dist__
+FILES_DIR=$SCRIPT_DIR/Ginco_files
+if [ -z "$OUTPUT_DIR" ]; then
+    OUTPUT_DIR=$SECURITY_SCANNER_HOME/GENUINE
+fi
 
-    # This is the commit where the XSS issue was fixed: 2fb5a070034deda25b2d50a98e9e6b42754e6425
-    # This is the subsequent commit mentioned in the README.txt file: fb937f67a78a1f01017cee3a12f4d79d325ec82f
-    # Nevertheless, we do not checkout any of them. We actually checkout
-    # latest 'master' branch on 2017-11-17 10:18:50.
+if [[ ! -d $REPO_DIR ]]; then
+    # Clone the repository and check out a commit which builds (master branch on
+    # 2017-11-17 10:18:50)
+    mkdir -p $REPO_DIR
+    cd $REPO_DIR
+    git clone https://github.com/culturecommunication/ginco .
     git checkout e5b62450f61f76feccd2c2d5bf8ed33d1e258d87
 
-    patch -p1 -f < ../Ginco_files/0001-Reverting-XSS-issue-and-adding-generation-of-jar.patch
+    # Reintroduce the XSS issue fixed in commit
+    # 2fb5a070034deda25b2d50a98e9e6b42754e6425
+    patch -p1 -f < $FILES_DIR/0001-Reverting-XSS-issue-and-adding-generation-of-jar.patch
 
+    # install
     mvn install -DskipTests
-    
-    # Now we create an artificial entry-point project and build it
-    cp -r ../Ginco_files/__MAIN__/ .
+
+    # Create an artificial entry-point project and build it
+    cp -r $FILES_DIR/__MAIN__/ .
     mkdir -p __MAIN__/src/main/java/org/cprover
     cp ../../LIBRARIES/models/model/src/main/java/org/cprover/* __MAIN__/src/main/java/org/cprover
     (cd __MAIN__ && mvn package)
 
-    # Finally, we deploy built binaries to the deplyment directory '__dist__'
-    mkdir -p __dist__/ginco-admin/{webapp,lib}
-    mkdir -p __dist__/ginco-webservices/webapp
-    cp __MAIN__/target/classes/Main.class __dist__/ginco-admin/webapp
+    # Finally, we deploy built binaries to the deployment directory
+    mkdir -p $DEPLOY_DIR/ginco-admin/webapp
+    mkdir -p $DEPLOY_DIR/ginco-admin/lib
+    mkdir -p $DEPLOY_DIR/ginco-webservices/webapp
+    cp __MAIN__/target/classes/Main.class $DEPLOY_DIR/ginco-admin/webapp
     cp __MAIN__/target/classes/SKOSImportService.class __dist__/ginco-admin/webapp
     cp ginco-admin/target/ginco-admin-classes.jar __dist__/ginco-admin/lib
     cp ginco-webservices/target/ginco-webservices.war __dist__/ginco-webservices/webapp
 
     cd ..
 fi
 
-(cd $SECURITY_SCANNER_HOME && python3 ../driver/run.py -C ../benchmarks/GENUINE/GincoRules.json -I ../benchmarks/GENUINE/Ginco/__dist__/ginco-admin/webapp -L ../benchmarks/GENUINE/Ginco/__dist__/ginco-admin/lib -R GENUINE/Ginco/RESULTS -T GENUINE/Ginco/TEMP --name Ginco --verbosity 9 --use-models-library --do-not-use-precise-access-paths --rebuild --timeout 10000000 --entry-point Main.main)
+# Run security-analyser
+cd $SECURITY_SCANNER_HOME
 
+python3 $SCRIPT_DIR/../../driver/run.py \
+-C $SCRIPT_DIR/GincoRules.json \
+-I $DEPLOY_DIR/ginco-admin/webapp \
+-L $DEPLOY_DIR/ginco-admin/lib \
+-R $OUTPUT_DIR/Ginco/results \
+-T $OUTPUT_DIR/Ginco/temp \
+--name Ginco \
+--use-models-library \
+--timeout 10000000 --verbosity 9 --rebuild \
+--do-not-use-precise-access-paths \
+--entry-point Main.main