Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

✨ Fortify: Support .fpr format #9590

Merged
merged 21 commits into from
Feb 28, 2024
Merged

✨ Fortify: Support .fpr format #9590

Show file tree
Hide file tree
Changes from 10 commits
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
e36c559
:sparkles: fpr format for fortify
manuel-sommer Feb 20, 2024
6cb3390
:construction: extract content of fdr
manuel-sommer Feb 20, 2024
f6c3723
extract audit.fvdl
manuel-sommer Feb 20, 2024
106001d
add unittests
manuel-sommer Feb 20, 2024
d9e7342
fix bug
manuel-sommer Feb 20, 2024
be94280
update fortify parser
manuel-sommer Feb 23, 2024
1cbc556
update fortify parser
manuel-sommer Feb 23, 2024
6b0c3dd
update fortify parser
manuel-sommer Feb 23, 2024
26acab4
fix unittests
manuel-sommer Feb 23, 2024
f67f762
flake8
manuel-sommer Feb 23, 2024
864fa52
implement severity
manuel-sommer Feb 26, 2024
1b369a3
:bug: fix
manuel-sommer Feb 26, 2024
6cdfdf6
add unittest for new severity
manuel-sommer Feb 26, 2024
8703234
flake8
manuel-sommer Feb 26, 2024
83e81fd
commit according to review
manuel-sommer Feb 26, 2024
206cf59
commit according to review
manuel-sommer Feb 26, 2024
d0adc96
update according to review
manuel-sommer Feb 26, 2024
8b3c6ea
update
manuel-sommer Feb 26, 2024
2735be8
update documentation
manuel-sommer Feb 26, 2024
32b25a1
remove docs file as it was moved
manuel-sommer Feb 26, 2024
89be53e
flake8
manuel-sommer Feb 26, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 3 additions & 2 deletions docs/content/en/integrations/parsers/file/fortify.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,8 @@
title: "Fortify"
toc_hide: true
---
Import Findings from XML file format.
You can either import the findings in .xml or in .fdr file format. </br>
manuel-sommer marked this conversation as resolved.
Show resolved Hide resolved
If you import a .fdr file, the parser will look for the file 'audit.fvdl' and analyze it. An extracted example can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/fortify/audit.fvdl).
manuel-sommer marked this conversation as resolved.
Show resolved Hide resolved

### Sample Scan Data
Sample Fortify scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/fortify).
Sample Fortify scans can be found [here](https://github.com/DefectDojo/django-DefectDojo/tree/master/unittests/scans/fortify).
55 changes: 53 additions & 2 deletions dojo/tools/fortify/parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import re
import logging

import zipfile
from defusedxml import ElementTree

from dojo.models import Finding

logger = logging.getLogger(__name__)
Expand All @@ -18,6 +18,12 @@ def get_description_for_scan_types(self, scan_type):
return "Import Findings from XML file format."
manuel-sommer marked this conversation as resolved.
Show resolved Hide resolved

def get_findings(self, filename, test):
if str(filename.name).endswith('.xml'):
return self.parse_xml(filename, test)
elif str(filename.name).endswith('.fpr'):
return self.parse_fpr(filename, test)

def parse_xml(self, filename, test):
fortify_scan = ElementTree.parse(filename)
root = fortify_scan.getroot()

Expand Down Expand Up @@ -114,6 +120,51 @@ def get_findings(self, filename, test):
dupes.add(title)
return items

def parse_fpr(self, filename, test):
if str(filename.__class__) == "<class '_io.TextIOWrapper'>":
input_zip = zipfile.ZipFile(filename.name, 'r')
else:
input_zip = zipfile.ZipFile(filename, 'r')
zipdata = {name: input_zip.read(name) for name in input_zip.namelist()}
root = ElementTree.fromstring(zipdata["audit.fvdl"].decode('utf-8'))
regex = r"{.*}"
matches = re.match(regex, root.tag)
try:
namespace = matches.group(0)
except BaseException:
namespace = ""
items = list()
for child in root:
if "Vulnerabilities" in child.tag:
for vuln in child:
ClassID = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}ClassID").text
Kingdom = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}Kingdom").text
Type = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}Type").text
AnalyzerName = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}AnalyzerName").text
DefaultSeverity = vuln.find(f"{namespace}ClassInfo").find(f"{namespace}DefaultSeverity").text
InstanceID = vuln.find(f"{namespace}InstanceInfo").find(f"{namespace}InstanceID").text
InstanceSeverity = vuln.find(f"{namespace}InstanceInfo").find(f"{namespace}InstanceSeverity").text
Confidence = vuln.find(f"{namespace}InstanceInfo").find(f"{namespace}Confidence").text
description = Type + "\n"
description += "**ClassID:** " + ClassID + "\n"
description += "**Kingdom:** " + Kingdom + "\n"
description += "**AnalyzerName:** " + AnalyzerName + "\n"
description += "**DefaultSeverity:** " + DefaultSeverity + "\n"
description += "**InstanceID:** " + InstanceID + "\n"
description += "**InstanceSeverity:** " + InstanceSeverity + "\n"
description += "**Confidence:** " + Confidence + "\n"
items.append(
manuel-sommer marked this conversation as resolved.
Show resolved Hide resolved
Finding(
title=Type + " " + ClassID,
severity="High",
static_finding=True,
test=test,
description=description,
unique_id_from_tool=ClassID,
)
)
return items
manuel-sommer marked this conversation as resolved.
Show resolved Hide resolved

def format_title(self, category, filename, line_no):
"""
Builds the title much like it is represented in Fortify
Expand Down
Loading
Loading