wangwei
/
jwebssh
forked from markchen/ssh-web
Not watched
1
1
Fork 11
Code
Releases 3 Wiki evaluate Activity
Issues 10010 Pull Requests 1 Datasets Model Cloudbrain

Compare commits

merge into: wangwei:master
wangwei:a1
wangwei:ansible
wangwei:docker
wangwei:interface
wangwei:master
wangwei:parallel
wangwei:wangwei-patch-1
wangwei10061:a1
wangwei10061:ansible
wangwei10061:docker
wangwei10061:interface
wangwei10061:master
wangwei10061:parallel
wangwei10061:wangwei-patch-1
markchen:master
...
pull from: wangwei10061:interface
wangwei10061:a1
wangwei10061:ansible
wangwei10061:docker
wangwei10061:interface
wangwei10061:master
wangwei10061:parallel
wangwei10061:wangwei-patch-1
wangwei:a1
wangwei:ansible
wangwei:docker
wangwei:interface
wangwei:master
wangwei:parallel
wangwei:wangwei-patch-1
markchen:master

13 Commits
master ... interface

Author SHA1 Message Date
  wangwei10061 c0dfc02e2e Merge pull request '测试流水线' (#1) from a1 into interface 1 year ago
  wangwei10061 8878dcbec8 update pipeline for interface branch 1 year ago
  wangwei10061 a5b5dab205 更新 'test.txt' 1 year ago
  wangwei10061 51d024d700 345 1 year ago
  wangwei10061 aa4f94ecda update pipeline for interface branch 1 year ago
  wangwei10061 2410dcce02 234 1 year ago
  wangwei10061 ae0f030f6c 111 1 year ago
  kyxt a6169c4467 update pipeline for interface branch 1 year ago
  wangwei10061 cfae13470c 上传文件至 'src/main/go-mod' 1 year ago
  wangwei10061 089a2de736 delete code 1 year ago
  wangwei10061 28aa9fdbcd bbb 1 year ago
  高级云脑研发工程师 828ca9bdfb update pipeline for interface branch 2 years ago
  lusiyi 78abd11740 添加License 2 years ago
49 changed files with 3056 additions and 9140 deletions
Split View
Diff Options
Show Stats
  1. +4
    -18
      .drone.yml
  2. +371
    -0
      License.txt
  3. +3
    -0
      a.java
  4. +0
    -199
      pom.xml
  5. +134
    -0
      src/main/go-mod/CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02.c
  6. +134
    -0
      src/main/go-mod/CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03.c
  7. +274
    -0
      src/main/go-mod/CWE124_Buffer_Underwrite__CWE839_connect_socket_01.c
  8. +428
    -0
      src/main/go-mod/CWE124_Buffer_Underwrite__CWE839_connect_socket_02.c
  9. +256
    -0
      src/main/go-mod/CWE126_Buffer_Overread__CWE129_connect_socket_01.c
  10. +398
    -0
      src/main/go-mod/CWE126_Buffer_Overread__CWE129_connect_socket_02.c
  11. +398
    -0
      src/main/go-mod/CWE126_Buffer_Overread__CWE129_connect_socket_03.c
  12. +256
    -0
      src/main/go-mod/CWE127_Buffer_Underread__CWE839_connect_socket_01.c
  13. +398
    -0
      src/main/go-mod/CWE127_Buffer_Underread__CWE839_connect_socket_02.c
  14. +0
    -25
      src/main/java/com/educoder/bridge/controller/BaseController.java
  15. +0
    -49
      src/main/java/com/educoder/bridge/controller/MainController.java
  16. +0
    -38
      src/main/java/com/educoder/bridge/handler/WebsshHandler.java
  17. +0
    -41
      src/main/java/com/educoder/bridge/model/SSHInfo.java
  18. +0
    -45
      src/main/java/com/educoder/bridge/model/SSHSession.java
  19. +0
    -261
      src/main/java/com/educoder/bridge/service/JchService.java
  20. +0
    -52
      src/main/java/com/educoder/bridge/utils/Base64Util.java
  21. +0
    -42
      src/main/resources/applicationContext.xml
  22. +0
    -47
      src/main/resources/logback.xml
  23. +0
    -34
      src/main/webapp/WEB-INF/mvc-dispatcher-servlet.xml
  24. +0
    -61
      src/main/webapp/WEB-INF/pages/index.ftl
  25. +0
    -63
      src/main/webapp/WEB-INF/web.xml
  26. +0
    -2
      src/main/webapp/index.html
  27. +0
    -53
      src/main/webapp/static/css/main.css
  28. +0
    -11
      src/main/webapp/static/css/pure-min.css
  29. +0
    -44
      src/main/webapp/static/css/reset.css
  30. +0
    -187
      src/main/webapp/static/css/style.css
  31. +0
    -34
      src/main/webapp/static/css/supersized.css
  32. +0
    -25
      src/main/webapp/static/css/tooltip.css
  33. +0
    -2273
      src/main/webapp/static/css/xterm.css
  34. BIN
      src/main/webapp/static/image/backgrounds/1.jpg
  35. BIN
      src/main/webapp/static/image/backgrounds/2.jpg
  36. BIN
      src/main/webapp/static/image/backgrounds/3.jpg
  37. BIN
      src/main/webapp/static/image/facebook.png
  38. BIN
      src/main/webapp/static/image/favicon.ico
  39. BIN
      src/main/webapp/static/image/progress.gif
  40. BIN
      src/main/webapp/static/image/twitter.png
  41. +0
    -103
      src/main/webapp/static/js/base64.js
  42. +0
    -234
      src/main/webapp/static/js/formvalid.js
  43. +0
    -5
      src/main/webapp/static/js/jquerymin.js
  44. +0
    -124
      src/main/webapp/static/js/main.js
  45. +0
    -30
      src/main/webapp/static/js/supersized-init.js
  46. +0
    -13
      src/main/webapp/static/js/supersized.3.2.7.min.js
  47. +0
    -67
      src/main/webapp/static/js/ws.js
  48. +0
    -4959
      src/main/webapp/static/js/xterm.js
  49. +2
    -1
      test.txt

+ 4
- 18
.drone.yml View File

@@ -1,14 +1,9 @@
kind: pipeline
type: docker
name: masterpipe
name: 1
platform:
os: linux
arch: arm64

volumes:
- name: cache
host:
path: /var/lib/cache
steps:
- name: maven
image: maven:3-jdk-10
@@ -17,16 +12,8 @@ steps:
path: /root/.m2
commands:
- mvn compile
- name: test
image: maven:3-jdk-10
volumes:
- name: cache
path: /root/.m2
commands:
- mvn test

- name: 远程主机部署
image: appleboy/drone-ssh
image: appleboy/drone-ssh:linux-arm64
settings:
host:
from_secret: ip
@@ -36,11 +23,10 @@ steps:
from_secret: pwd
port: 22
script:
- chmod +x /home/deploy.sh
- ./home/deploy.sh
- echo '模拟部署'
trigger:
branch:
- master
- interface
event:
- push
- pull_request

+ 371
- 0
License.txt View File

@@ -0,0 +1,371 @@
****** gSOAP Public License ******
**** Version 1.3a ****
The gSOAP public license is derived from the Mozilla Public License (MPL1.1).
The sections that were deleted from the original MPL1.1 text are 1.0.1, 2.1.
(c),(d), 2.2.(c),(d), 8.2.(b), 10, and 11. Section 3.8 was added. The modified
sections are 2.1.(b), 2.2.(b), 3.2 (simplified), 3.5 (deleted the last
sentence), and 3.6 (simplified).
***** 1 DEFINITIONS. *****
1.0.1.
1.1. "Contributor"
means each entity that creates or contributes to the creation of
Modifications.
1.2. "Contributor Version"
means the combination of the Original Code, prior Modifications used by a
Contributor, and the Modifications made by that particular Contributor.
1.3. "Covered Code"
means the Original Code, or Modifications or the combination of the
Original Code, and Modifications, in each case including portions
thereof.
1.4. "Electronic Distribution Mechanism"
means a mechanism generally accepted in the software development
community for the electronic transfer of data.
1.5. "Executable"
means Covered Code in any form other than Source Code.
1.6. "Initial Developer"
means the individual or entity identified as the Initial Developer in the
Source Code notice required by Exhibit A.
1.7. "Larger Work"
means a work which combines Covered Code or portions thereof with code
not governed by the terms of this License.
1.8. "License"
means this document.
1.8.1. "Licensable"
means having the right to grant, to the maximum extent possible, whether
at the time of the initial grant or subsequently acquired, any and all of
the rights conveyed herein.
1.9. "Modifications"
means any addition to or deletion from the substance or structure of
either the Original Code or any previous Modifications. When Covered Code
is released as a series of files, a Modification is:
A.
Any addition to or deletion from the contents of a file containing
Original Code or previous Modifications.
B.
Any new file that contains any part of the Original Code, or
previous Modifications.
1.10. "Original Code"
means Source Code of computer software code which is described in the
Source Code notice required by Exhibit A as Original Code, and which, at
the time of its release under this License is not already Covered Code
governed by this License.
1.10.1. "Patent Claims"
means any patent claim(s), now owned or hereafter acquired, including
without limitation, method, process, and apparatus claims, in any patent
Licensable by grantor.
1.11. "Source Code"
means the preferred form of the Covered Code for making modifications to
it, including all modules it contains, plus any associated interface
definition files, scripts used to control compilation and installation of
an Executable, or source code differential comparisons against either the
Original Code or another well known, available Covered Code of the
Contributor's choice. The Source Code can be in a compressed or archival
form, provided the appropriate decompression or de-archiving software is
widely available for no charge.
1.12. "You" (or "Your")
means an individual or a legal entity exercising rights under, and
complying with all of the terms of, this License or a future version of
this License issued under Section 6.1. For legal entities, "You" includes
any entity which controls, is controlled by, or is under common control
with You. For purposes of this definition, "control" means (a) the power,
direct or indirect, to cause the direction or management of such entity,
whether by contract or otherwise, or (b) ownership of more than fifty
percent (50%) of the outstanding shares or beneficial ownership of such
entity.
***** 2 SOURCE CODE LICENSE. *****
2.1. The Initial Developer Grant.
The Initial Developer hereby grants You a world-wide, royalty-free, non-
exclusive license, subject to third party intellectual property claims:
(a)
under intellectual property rights (other than patent or trademark)
Licensable by Initial Developer to use, reproduce, modify, display,
perform, sublicense and distribute the Original Code (or portions
thereof) with or without Modifications, and/or as part of a Larger
Work; and
(b)
under patents now or hereafter owned or controlled by Initial
Developer, to make, have made, use and sell ("offer to sell and
import") the Original Code, Modifications, or portions thereof, but
solely to the extent that any such patent is reasonably necessary
to enable You to utilize, alone or in combination with other
software, the Original Code, Modifications, or any combination or
portions thereof.
(c)
(d)
2.2. Contributor Grant.
Subject to third party intellectual property claims, each Contributor
hereby grants You a world-wide, royalty-free, non-exclusive license
(a)
under intellectual property rights (other than patent or trademark)
Licensable by Contributor, to use, reproduce, modify, display,
perform, sublicense and distribute the Modifications created by
such Contributor (or portions thereof) either on an unmodified
basis, with other Modifications, as Covered Code and/or as part of
a Larger Work; and
(b)
under patents now or hereafter owned or controlled by Contributor,
to make, have made, use and sell ("offer to sell and import") the
Contributor Version (or portions thereof), but solely to the extent
that any such patent is reasonably necessary to enable You to
utilize, alone or in combination with other software, the
Contributor Version (or portions thereof).
(c)
(d)
***** 3 DISTRIBUTION OBLIGATIONS. *****
3.1. Application of License.
The Modifications which You create or to which You contribute are
governed by the terms of this License, including without limitation
Section 2.2. The Source Code version of Covered Code may be distributed
only under the terms of this License or a future version of this License
released under Section 6.1, and You must include a copy of this License
with every copy of the Source Code You distribute. You may not offer or
impose any terms on any Source Code version that alters or restricts the
applicable version of this License or the recipients' rights hereunder.
However, You may include an additional document offering the additional
rights described in Section 3.5.
3.2. Availability of Source Code.
Any Modification created by You will be provided to the Initial Developer
in Source Code form and are subject to the terms of the License.
3.3. Description of Modifications.
You must cause all Covered Code to which You contribute to contain a file
documenting the changes You made to create that Covered Code and the date
of any change. You must include a prominent statement that the
Modification is derived, directly or indirectly, from Original Code
provided by the Initial Developer and including the name of the Initial
Developer in (a) the Source Code, and (b) in any notice in an Executable
version or related documentation in which You describe the origin or
ownership of the Covered Code.
3.4. Intellectual Property Matters.
(a) Third Party Claims.
If Contributor has knowledge that a license under a third party's
intellectual property rights is required to exercise the rights
granted by such Contributor under Sections 2.1 or 2.2, Contributor
must include a text file with the Source Code distribution titled
"LEGAL" which describes the claim and the party making the claim in
sufficient detail that a recipient will know whom to contact. If
Contributor obtains such knowledge after the Modification is made
available as described in Section 3.2, Contributor shall promptly
modify the LEGAL file in all copies Contributor makes available
thereafter and shall take other steps (such as notifying
appropriate mailing lists or newsgroups) reasonably calculated to
inform those who received the Covered Code that new knowledge has
been obtained.
(b) Contributor APIs.
If Contributor's Modifications include an application programming
interface and Contributor has knowledge of patent licenses which
are reasonably necessary to implement that API, Contributor must
also include this information in the LEGAL file.
(c) Representations.
Contributor represents that, except as disclosed pursuant to
Section 3.4(a) above, Contributor believes that Contributor's
Modifications are Contributor's original creation(s) and/or
Contributor has sufficient rights to grant the rights conveyed by
this License.
3.5. Required Notices.
You must duplicate the notice in Exhibit A in each file of the Source
Code. If it is not possible to put such notice in a particular Source
Code file due to its structure, then You must include such notice in a
location (such as a relevant directory) where a user would be likely to
look for such a notice. If You created one or more Modification(s) You
may add your name as a Contributor to the notice described in Exhibit A.
You must also duplicate this License in any documentation for the Source
Code where You describe recipients' rights or ownership rights relating
to Covered Code. You may choose to offer, and to charge a fee for,
warranty, support, indemnity or liability obligations to one or more
recipients of Covered Code. However, You may do so only on Your own
behalf, and not on behalf of the Initial Developer or any Contributor.
3.6. Distribution of Executable Versions.
You may distribute Covered Code in Executable form only if the
requirements of Section 3.1-3.5 have been met for that Covered Code. You
may distribute the Executable version of Covered Code or ownership rights
under a license of Your choice, which may contain terms different from
this License, provided that You are in compliance with the terms of this
License and that the license for the Executable version does not attempt
to limit or alter the recipient's rights in the Source Code version from
the rights set forth in this License. If You distribute the Executable
version under a different license You must make it absolutely clear that
any terms which differ from this License are offered by You alone, not by
the Initial Developer or any Contributor. If you distribute executable
versions containing Covered Code as part of a product, you must reproduce
the notice in Exhibit B in the documentation and/or other materials
provided with the product.
3.7. Larger Works.
You may create a Larger Work by combining Covered Code with other code
not governed by the terms of this License and distribute the Larger Work
as a single product. In such a case, You must make sure the requirements
of this License are fulfilled for the Covered Code.
3.8. Restrictions.
You may not remove any product identification, copyright, proprietary
notices or labels from gSOAP.
***** 4 INABILITY TO COMPLY DUE TO STATUTE OR REGULATION. *****
If it is impossible for You to comply with any of the terms of this License
with respect to some or all of the Covered Code due to statute, judicial order,
or regulation then You must: (a) comply with the terms of this License to the
maximum extent possible; and (b) describe the limitations and the code they
affect. Such description must be included in the LEGAL file described in
Section 3.4 and must be included with all distributions of the Source Code.
Except to the extent prohibited by statute or regulation, such description must
be sufficiently detailed for a recipient of ordinary skill to be able to
understand it.
***** 5 APPLICATION OF THIS LICENSE. *****
This License applies to code to which the Initial Developer has attached the
notice in Exhibit A and to related Covered Code.
***** 6 VERSIONS OF THE LICENSE. *****
6.1. New Versions.
Grantor may publish revised and/or new versions of the License from time
to time. Each version will be given a distinguishing version number.
6.2. Effect of New Versions.
Once Covered Code has been published under a particular version of the
License, You may always continue to use it under the terms of that
version. You may also choose to use such Covered Code under the terms of
any subsequent version of the License.
6.3. Derivative Works.
If You create or use a modified version of this License (which you may
only do in order to apply it to code which is not already Covered Code
governed by this License), You must (a) rename Your license so that the
phrase "gSOAP" or any confusingly similar phrase do not appear in your
license (except to note that your license differs from this License) and
(b) otherwise make it clear that Your version of the license contains
terms which differ from the gSOAP Public License. (Filling in the name of
the Initial Developer, Original Code or Contributor in the notice
described in Exhibit A shall not of themselves be deemed to be
modifications of this License.)
***** 7 DISCLAIMER OF WARRANTY. *****
COVERED CODE IS PROVIDED UNDER THIS LICENSE ON AN "AS IS" BASIS, WITHOUT
WARRANTY OF ANY KIND, WHETHER EXPRESS, IMPLIED OR STATUTORY, INCLUDING, WITHOUT
LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY, OF FITNESS FOR A
PARTICULAR PURPOSE, NONINFRINGEMENT OF THIRD PARTY INTELLECTUAL PROPERTY
RIGHTS, AND ANY WARRANTY THAT MAY ARISE BY REASON OF TRADE USAGE, CUSTOM, OR
COURSE OF DEALING. WITHOUT LIMITING THE FOREGOING, YOU ACKNOWLEDGE THAT THE
SOFTWARE IS PROVIDED "AS IS" AND THAT THE AUTHORS DO NOT WARRANT THE SOFTWARE
WILL RUN UNINTERRUPTED OR ERROR FREE. LIMITED LIABILITY THE ENTIRE RISK AS TO
RESULTS AND PERFORMANCE OF THE SOFTWARE IS ASSUMED BY YOU. UNDER NO
CIRCUMSTANCES WILL THE AUTHORS BE LIABLE FOR ANY SPECIAL, INDIRECT, INCIDENTAL,
EXEMPLARY OR CONSEQUENTIAL DAMAGES OF ANY KIND OR NATURE WHATSOEVER, WHETHER
BASED ON CONTRACT, WARRANTY, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR
OTHERWISE, ARISING OUT OF OR IN ANY WAY RELATED TO THE SOFTWARE, EVEN IF THE
AUTHORS HAVE BEEN ADVISED ON THE POSSIBILITY OF SUCH DAMAGE OR IF SUCH DAMAGE
COULD HAVE BEEN REASONABLY FORESEEN, AND NOTWITHSTANDING ANY FAILURE OF
ESSENTIAL PURPOSE OF ANY EXCLUSIVE REMEDY PROVIDED. SUCH LIMITATION ON DAMAGES
INCLUDES, BUT IS NOT LIMITED TO, DAMAGES FOR LOSS OF GOODWILL, LOST PROFITS,
LOSS OF DATA OR SOFTWARE, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION OR
IMPAIRMENT OF OTHER GOODS. IN NO EVENT WILL THE AUTHORS BE LIABLE FOR THE COSTS
OF PROCUREMENT OF SUBSTITUTE SOFTWARE OR SERVICES. YOU ACKNOWLEDGE THAT THIS
SOFTWARE IS NOT DESIGNED FOR USE IN ON-LINE EQUIPMENT IN HAZARDOUS ENVIRONMENTS
SUCH AS OPERATION OF NUCLEAR FACILITIES, AIRCRAFT NAVIGATION OR CONTROL, OR
LIFE-CRITICAL APPLICATIONS. THE AUTHORS EXPRESSLY DISCLAIM ANY LIABILITY
RESULTING FROM USE OF THE SOFTWARE IN ANY SUCH ON-LINE EQUIPMENT IN HAZARDOUS
ENVIRONMENTS AND ACCEPTS NO LIABILITY IN RESPECT OF ANY ACTIONS OR CLAIMS BASED
ON THE USE OF THE SOFTWARE IN ANY SUCH ON-LINE EQUIPMENT IN HAZARDOUS
ENVIRONMENTS BY YOU. FOR PURPOSES OF THIS PARAGRAPH, THE TERM "LIFE-CRITICAL
APPLICATION" MEANS AN APPLICATION IN WHICH THE FUNCTIONING OR MALFUNCTIONING OF
THE SOFTWARE MAY RESULT DIRECTLY OR INDIRECTLY IN PHYSICAL INJURY OR LOSS OF
HUMAN LIFE. THIS DISCLAIMER OF WARRANTY CONSTITUTES AN ESSENTIAL PART OF THIS
LICENSE. NO USE OF ANY COVERED CODE IS AUTHORIZED HEREUNDER EXCEPT UNDER THIS
DISCLAIMER.
***** 8 TERMINATION. *****
8.1.
This License and the rights granted hereunder will terminate
automatically if You fail to comply with terms herein and fail to cure
such breach within 30 days of becoming aware of the breach. All
sublicenses to the Covered Code which are properly granted shall survive
any termination of this License. Provisions which, by their nature, must
remain in effect beyond the termination of this License shall survive.
8.2.
8.3.
If You assert a patent infringement claim against Participant alleging
that such Participant's Contributor Version directly or indirectly
infringes any patent where such claim is resolved (such as by license or
settlement) prior to the initiation of patent infringement litigation,
then the reasonable value of the licenses granted by such Participant
under Sections 2.1 or 2.2 shall be taken into account in determining the
amount or value of any payment or license.
8.4.
In the event of termination under Sections 8.1 or 8.2 above, all end user
license agreements (excluding distributors and resellers) which have been
validly granted by You or any distributor hereunder prior to termination
shall survive termination.
***** 9 LIMITATION OF LIABILITY. *****
UNDER NO CIRCUMSTANCES AND UNDER NO LEGAL THEORY, WHETHER TORT (INCLUDING
NEGLIGENCE), CONTRACT, OR OTHERWISE, SHALL YOU, THE INITIAL DEVELOPER, ANY
OTHER CONTRIBUTOR, OR ANY DISTRIBUTOR OF COVERED CODE, OR ANY SUPPLIER OF ANY
OF SUCH PARTIES, BE LIABLE TO ANY PERSON FOR ANY INDIRECT, SPECIAL, INCIDENTAL,
OR CONSEQUENTIAL DAMAGES OF ANY CHARACTER INCLUDING, WITHOUT LIMITATION,
DAMAGES FOR LOSS OF GOODWILL, WORK STOPPAGE, COMPUTER FAILURE OR MALFUNCTION,
OR ANY AND ALL OTHER COMMERCIAL DAMAGES OR LOSSES, EVEN IF SUCH PARTY SHALL
HAVE BEEN INFORMED OF THE POSSIBILITY OF SUCH DAMAGES. THIS LIMITATION OF
LIABILITY SHALL NOT APPLY TO LIABILITY FOR DEATH OR PERSONAL INJURY RESULTING
FROM SUCH PARTY'S NEGLIGENCE TO THE EXTENT APPLICABLE LAW PROHIBITS SUCH
LIMITATION. SOME JURISDICTIONS DO NOT ALLOW THE EXCLUSION OR LIMITATION OF
INCIDENTAL OR CONSEQUENTIAL DAMAGES, SO THIS EXCLUSION AND LIMITATION MAY NOT
APPLY TO YOU.
***** 10 U.S. GOVERNMENT END USERS. *****
***** 11 MISCELLANEOUS. *****
***** 12 RESPONSIBILITY FOR CLAIMS. *****
As between Initial Developer and the Contributors, each party is responsible
for claims and damages arising, directly or indirectly, out of its utilization
of rights under this License and You agree to work with Initial Developer and
Contributors to distribute such responsibility on an equitable basis. Nothing
herein is intended or shall be deemed to constitute any admission of liability.
***** EXHIBIT A. *****
"The contents of this file are subject to the gSOAP Public License Version 1.3
(the "License"); you may not use this file except in compliance with the
License. You may obtain a copy of the License at
http://genivia.com/Products/gsoap/license.pdf
More information on licensing options, support contracts, and consulting can be
found at
http://genivia.com/Products/gsoap/contract.html
Software distributed under the License is distributed on an "AS IS" basis,
WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License for
the specific language governing rights and limitations under the License.
The Original Code of the gSOAP Software is: stdsoap.h, stdsoap2.h, stdsoap.c,
stdsoap2.c, stdsoap.cpp, stdsoap2.cpp, soapcpp2.h, soapcpp2.c, soapcpp2_lex.l,
soapcpp2_yacc.y, error2.h, error2.c, symbol2.c, init2.c, soapdoc2.html, and
soapdoc2.pdf, httpget.h, httpget.c, stl.h, stldeque.h, stllist.h, stlvector.h,
stlset.h.
The Initial Developer of the Original Code is Robert A. van Engelen. Portions
created by Robert A. van Engelen are Copyright (C) 2001-2004 Robert A. van
Engelen, Genivia inc. All Rights Reserved.
Contributor(s):
" ."
[Note: The text of this Exhibit A may differ slightly form the text of the
notices in the Source Code files of the Original code. You should use the text
of this Exhibit A rather than the text found in the Original Code Source Code
for Your Modifications.]
***** EXHIBIT B. *****
"Part of the software embedded in this product is gSOAP software.
Portions created by gSOAP are Copyright (C) 2001-2004 Robert A. van Engelen,
Genivia inc. All Rights Reserved.
THE SOFTWARE IN THIS PRODUCT WAS IN PART PROVIDED BY GENIVIA INC AND ANY
EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
ADVISED OF THE POSSIBILITY OF SUCH DAMAGE."

+ 3
- 0
a.java View File

@@ -0,0 +1,3 @@
//123
//234
// 345

+ 0
- 199
pom.xml View File

@@ -9,161 +9,11 @@
<url>http://maven.apache.org</url>
<properties>
<swagger2.version>2.6.1</swagger2.version>
<spring.version>4.3.6.RELEASE</spring.version>
<freemarker.version>2.3.25-incubating</freemarker.version>
<jsch.version>0.1.54</jsch.version>
<javax.version>7.0</javax.version>
<commons-lang.version>2.6</commons-lang.version>
<commons-io.version>2.4</commons-io.version>
<slf4j.version>1.7.21</slf4j.version>
<fastjson.version>1.2.20</fastjson.version>
<jackson.version>2.8.6</jackson.version>
<codec.version>1.10</codec.version>

<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>

<dependencies>
<dependency>
<groupId>org.freemarker</groupId>
<artifactId>freemarker</artifactId>
<version>${freemarker.version}</version>
</dependency>

<dependency>
<groupId>com.jcraft</groupId>
<artifactId>jsch</artifactId>
<version>${jsch.version}</version>
</dependency>

<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger2</artifactId>
<version>${swagger2.version}</version>
</dependency>
<dependency>
<groupId>io.springfox</groupId>
<artifactId>springfox-swagger-ui</artifactId>
<version>${swagger2.version}</version>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-websocket</artifactId>
<version>${spring.version}</version>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>

<dependency>
<groupId>javax</groupId>
<artifactId>javaee-api</artifactId>
<version>${javax.version}</version>
<scope>provided</scope>
</dependency>

<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>${commons-lang.version}</version>
</dependency>

<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>${commons-io.version}</version>
</dependency>

<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>4.3.6.RELEASE</version>
</dependency>

<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.8.10</version>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aspects</artifactId>
<version>${spring.version}</version>
</dependency>

<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
</dependency>

<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-classic</artifactId>
<version>1.2.3</version>
</dependency>
<dependency>
<groupId>org.logback-extensions</groupId>
<artifactId>logback-ext-spring</artifactId>
<version>0.1.4</version>
</dependency>

<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>${fastjson.version}</version>
</dependency>

<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>${codec.version}</version>
</dependency>

<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
</dependencies>

<build>
<plugins>
@@ -176,55 +26,6 @@
</configuration>
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-shade-plugin</artifactId>
<version>3.0.0</version>
<executions>
<execution>
<phase>package</phase>
<goals>
<goal>shade</goal>
</goals>
<configuration>
<dependencyReducedPomLocation>${project.build.directory}/dependency-reduced-pom.xml</dependencyReducedPomLocation>
<transformers>
<transformer implementation="org.apache.maven.plugins.shade.resource.AppendingTransformer">
<resource>META-INF/spring.handlers</resource>
</transformer>
<transformer implementation="org.apache.maven.plugins.shade.resource.AppendingTransformer">
<resource>META-INF/spring.schemas</resource>
</transformer>
</transformers>
<filters>
<filter>
<artifact>*:*</artifact>
<excludes>
<exclude>META-INF/*.SF</exclude>
<exclude>META-INF/*.DSA</exclude>
<exclude>META-INF/*.RSA</exclude>
</excludes>
</filter>
</filters>
</configuration>
</execution>
</executions>
</plugin>

<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>
<version>2.2</version>
<configuration>
<address>0.0.0.0</address>
<port>61020</port>
<path>/</path>
<uriEncoding>UTF-8</uriEncoding>
<finalName>webssh</finalName>
<server>tomcat7</server>
</configuration>
</plugin>

<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>


+ 134
- 0
src/main/go-mod/CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02.c View File

@@ -0,0 +1,134 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02.c
Label Definition File: CWE122_Heap_Based_Buffer_Overflow__CWE131.label.xml
Template File: sources-sink-02.tmpl.c
*/
/*
* @description
* CWE: 122 Heap Based Buffer Overflow
* BadSource: Allocate memory without using sizeof(int)
* GoodSource: Allocate memory using sizeof(int)
* Sink: loop
* BadSink : Copy array to data using a loop
* Flow Variant: 02 Control flow: if(1) and if(0)
*
* */
#include "std_testcase.h"
#ifndef OMITBAD
void CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02_bad()
{
int * data;
data = NULL;
if(1)
{
/* FLAW: Allocate memory without using sizeof(int) */
data = (int *)malloc(10);
if (data == NULL) {exit(-1);}
}
{
int source[10] = {0};
size_t i;
/* POTENTIAL FLAW: Possible buffer overflow if data was not allocated correctly in the source */
for (i = 0; i < 10; i++)
{
data[i] = source[i];
}
printIntLine(data[0]);
free(data);
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodG2B1() - use goodsource and badsink by changing the 1 to 0 */
static void goodG2B1()
{
int * data;
data = NULL;
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
/* FIX: Allocate memory using sizeof(int) */
data = (int *)malloc(10*sizeof(int));
if (data == NULL) {exit(-1);}
}
{
int source[10] = {0};
size_t i;
/* POTENTIAL FLAW: Possible buffer overflow if data was not allocated correctly in the source */
for (i = 0; i < 10; i++)
{
data[i] = source[i];
}
printIntLine(data[0]);
free(data);
}
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the if statement */
static void goodG2B2()
{
int * data;
data = NULL;
if(1)
{
/* FIX: Allocate memory using sizeof(int) */
data = (int *)malloc(10*sizeof(int));
if (data == NULL) {exit(-1);}
}
{
int source[10] = {0};
size_t i;
/* POTENTIAL FLAW: Possible buffer overflow if data was not allocated correctly in the source */
for (i = 0; i < 10; i++)
{
data[i] = source[i];
}
printIntLine(data[0]);
free(data);
}
}
void CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02_good()
{
goodG2B1();
goodG2B2();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
* its own for testing or for building a binary to use in testing binary
* analysis tools. It is not used when compiling all the testcases as one
* application, which is how source code analysis tools are tested.
*/
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_02_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 134
- 0
src/main/go-mod/CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03.c View File

@@ -0,0 +1,134 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03.c
Label Definition File: CWE122_Heap_Based_Buffer_Overflow__CWE131.label.xml
Template File: sources-sink-03.tmpl.c
*/
/*
* @description
* CWE: 122 Heap Based Buffer Overflow
* BadSource: Allocate memory without using sizeof(int)
* GoodSource: Allocate memory using sizeof(int)
* Sink: loop
* BadSink : Copy array to data using a loop
* Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
*
* */
#include "std_testcase.h"
#ifndef OMITBAD
void CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03_bad()
{
int * data;
data = NULL;
if(5==5)
{
/* FLAW: Allocate memory without using sizeof(int) */
data = (int *)malloc(10);
if (data == NULL) {exit(-1);}
}
{
int source[10] = {0};
size_t i;
/* POTENTIAL FLAW: Possible buffer overflow if data was not allocated correctly in the source */
for (i = 0; i < 10; i++)
{
data[i] = source[i];
}
printIntLine(data[0]);
free(data);
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodG2B1() - use goodsource and badsink by changing the 5==5 to 5!=5 */
static void goodG2B1()
{
int * data;
data = NULL;
if(5!=5)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
/* FIX: Allocate memory using sizeof(int) */
data = (int *)malloc(10*sizeof(int));
if (data == NULL) {exit(-1);}
}
{
int source[10] = {0};
size_t i;
/* POTENTIAL FLAW: Possible buffer overflow if data was not allocated correctly in the source */
for (i = 0; i < 10; i++)
{
data[i] = source[i];
}
printIntLine(data[0]);
free(data);
}
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the if statement */
static void goodG2B2()
{
int * data;
data = NULL;
if(5==5)
{
/* FIX: Allocate memory using sizeof(int) */
data = (int *)malloc(10*sizeof(int));
if (data == NULL) {exit(-1);}
}
{
int source[10] = {0};
size_t i;
/* POTENTIAL FLAW: Possible buffer overflow if data was not allocated correctly in the source */
for (i = 0; i < 10; i++)
{
data[i] = source[i];
}
printIntLine(data[0]);
free(data);
}
}
void CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03_good()
{
goodG2B1();
goodG2B2();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
* its own for testing or for building a binary to use in testing binary
* analysis tools. It is not used when compiling all the testcases as one
* application, which is how source code analysis tools are tested.
*/
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE122_Heap_Based_Buffer_Overflow__CWE131_loop_03_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 274
- 0
src/main/go-mod/CWE124_Buffer_Underwrite__CWE839_connect_socket_01.c View File

@@ -0,0 +1,274 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE124_Buffer_Underwrite__CWE839_connect_socket_01.c
Label Definition File: CWE124_Buffer_Underwrite__CWE839.label.xml
Template File: sources-sinks-01.tmpl.c
*/
/*
* @description
* CWE: 124 Buffer Underwrite
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Non-negative but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking the lower bound
* Flow Variant: 01 Baseline
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE124_Buffer_Underwrite__CWE839_connect_socket_01_bad()
{
int data;
/* Initialize data */
data = -1;
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
{
int i;
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This code does not check to see if the array index is negative */
if (data < 10)
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is negative.");
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodG2B uses the GoodSource with the BadSink */
static void goodG2B()
{
int data;
/* Initialize data */
data = -1;
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
{
int i;
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This code does not check to see if the array index is negative */
if (data < 10)
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is negative.");
}
}
}
/* goodB2G uses the BadSource with the GoodSink */
static void goodB2G()
{
int data;
/* Initialize data */
data = -1;
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
{
int i;
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer underwrite */
if (data >= 0 && data < (10))
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
void CWE124_Buffer_Underwrite__CWE839_connect_socket_01_good()
{
goodG2B();
goodB2G();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE124_Buffer_Underwrite__CWE839_connect_socket_01_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE124_Buffer_Underwrite__CWE839_connect_socket_01_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 428
- 0
src/main/go-mod/CWE124_Buffer_Underwrite__CWE839_connect_socket_02.c View File

@@ -0,0 +1,428 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE124_Buffer_Underwrite__CWE839_connect_socket_02.c
Label Definition File: CWE124_Buffer_Underwrite__CWE839.label.xml
Template File: sources-sinks-02.tmpl.c
*/
/*
* @description
* CWE: 124 Buffer Underwrite
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Non-negative but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking the lower bound
* Flow Variant: 02 Control flow: if(1) and if(0)
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE124_Buffer_Underwrite__CWE839_connect_socket_02_bad()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(1)
{
{
int i;
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This code does not check to see if the array index is negative */
if (data < 10)
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is negative.");
}
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodB2G1() - use badsource and goodsink by changing the second 1 to 0 */
static void goodB2G1()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
int i;
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer underwrite */
if (data >= 0 && data < (10))
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodB2G2() - use badsource and goodsink by reversing the blocks in the second if */
static void goodB2G2()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(1)
{
{
int i;
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer underwrite */
if (data >= 0 && data < (10))
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodG2B1() - use goodsource and badsink by changing the first 1 to 0 */
static void goodG2B1()
{
int data;
/* Initialize data */
data = -1;
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(1)
{
{
int i;
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This code does not check to see if the array index is negative */
if (data < 10)
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is negative.");
}
}
}
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the first if */
static void goodG2B2()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(1)
{
{
int i;
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This code does not check to see if the array index is negative */
if (data < 10)
{
buffer[data] = 1;
/* Print the array values */
for(i = 0; i < 10; i++)
{
printIntLine(buffer[i]);
}
}
else
{
printLine("ERROR: Array index is negative.");
}
}
}
}
void CWE124_Buffer_Underwrite__CWE839_connect_socket_02_good()
{
goodB2G1();
goodB2G2();
goodG2B1();
goodG2B2();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE124_Buffer_Underwrite__CWE839_connect_socket_02_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE124_Buffer_Underwrite__CWE839_connect_socket_02_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 256
- 0
src/main/go-mod/CWE126_Buffer_Overread__CWE129_connect_socket_01.c View File

@@ -0,0 +1,256 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE126_Buffer_Overread__CWE129_connect_socket_01.c
Label Definition File: CWE126_Buffer_Overread__CWE129.label.xml
Template File: sources-sinks-01.tmpl.c
*/
/*
* @description
* CWE: 126 Buffer Overread
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Larger than zero but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking the upper bound
* Flow Variant: 01 Baseline
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE126_Buffer_Overread__CWE129_connect_socket_01_bad()
{
int data;
/* Initialize data */
data = -1;
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodG2B uses the GoodSource with the BadSink */
static void goodG2B()
{
int data;
/* Initialize data */
data = -1;
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
/* goodB2G uses the BadSource with the GoodSink */
static void goodB2G()
{
int data;
/* Initialize data */
data = -1;
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer overread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
void CWE126_Buffer_Overread__CWE129_connect_socket_01_good()
{
goodG2B();
goodB2G();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE126_Buffer_Overread__CWE129_connect_socket_01_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE126_Buffer_Overread__CWE129_connect_socket_01_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 398
- 0
src/main/go-mod/CWE126_Buffer_Overread__CWE129_connect_socket_02.c View File

@@ -0,0 +1,398 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE126_Buffer_Overread__CWE129_connect_socket_02.c
Label Definition File: CWE126_Buffer_Overread__CWE129.label.xml
Template File: sources-sinks-02.tmpl.c
*/
/*
* @description
* CWE: 126 Buffer Overread
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Larger than zero but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking the upper bound
* Flow Variant: 02 Control flow: if(1) and if(0)
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE126_Buffer_Overread__CWE129_connect_socket_02_bad()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(1)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodB2G1() - use badsource and goodsink by changing the second 1 to 0 */
static void goodB2G1()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer overread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodB2G2() - use badsource and goodsink by reversing the blocks in the second if */
static void goodB2G2()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(1)
{
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer overread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodG2B1() - use goodsource and badsink by changing the first 1 to 0 */
static void goodG2B1()
{
int data;
/* Initialize data */
data = -1;
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(1)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the first if */
static void goodG2B2()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(1)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
}
void CWE126_Buffer_Overread__CWE129_connect_socket_02_good()
{
goodB2G1();
goodB2G2();
goodG2B1();
goodG2B2();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE126_Buffer_Overread__CWE129_connect_socket_02_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE126_Buffer_Overread__CWE129_connect_socket_02_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 398
- 0
src/main/go-mod/CWE126_Buffer_Overread__CWE129_connect_socket_03.c View File

@@ -0,0 +1,398 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE126_Buffer_Overread__CWE129_connect_socket_03.c
Label Definition File: CWE126_Buffer_Overread__CWE129.label.xml
Template File: sources-sinks-03.tmpl.c
*/
/*
* @description
* CWE: 126 Buffer Overread
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Larger than zero but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking the upper bound
* Flow Variant: 03 Control flow: if(5==5) and if(5!=5)
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE126_Buffer_Overread__CWE129_connect_socket_03_bad()
{
int data;
/* Initialize data */
data = -1;
if(5==5)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(5==5)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodB2G1() - use badsource and goodsink by changing the second 5==5 to 5!=5 */
static void goodB2G1()
{
int data;
/* Initialize data */
data = -1;
if(5==5)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(5!=5)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer overread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodB2G2() - use badsource and goodsink by reversing the blocks in the second if */
static void goodB2G2()
{
int data;
/* Initialize data */
data = -1;
if(5==5)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(5==5)
{
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer overread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodG2B1() - use goodsource and badsink by changing the first 5==5 to 5!=5 */
static void goodG2B1()
{
int data;
/* Initialize data */
data = -1;
if(5!=5)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(5==5)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the first if */
static void goodG2B2()
{
int data;
/* Initialize data */
data = -1;
if(5==5)
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(5==5)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access an index of the array that is above the upper bound
* This check does not check the upper bounds of the array index */
if (data >= 0)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is negative");
}
}
}
}
void CWE126_Buffer_Overread__CWE129_connect_socket_03_good()
{
goodB2G1();
goodB2G2();
goodG2B1();
goodG2B2();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE126_Buffer_Overread__CWE129_connect_socket_03_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE126_Buffer_Overread__CWE129_connect_socket_03_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 256
- 0
src/main/go-mod/CWE127_Buffer_Underread__CWE839_connect_socket_01.c View File

@@ -0,0 +1,256 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE127_Buffer_Underread__CWE839_connect_socket_01.c
Label Definition File: CWE127_Buffer_Underread__CWE839.label.xml
Template File: sources-sinks-01.tmpl.c
*/
/*
* @description
* CWE: 127 Buffer Underread
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Non-negative but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking to see if the value is negative
* Flow Variant: 01 Baseline
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE127_Buffer_Underread__CWE839_connect_socket_01_bad()
{
int data;
/* Initialize data */
data = -1;
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This check does not check to see if the array index is negative */
if (data < 10)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is too big.");
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodG2B uses the GoodSource with the BadSink */
static void goodG2B()
{
int data;
/* Initialize data */
data = -1;
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This check does not check to see if the array index is negative */
if (data < 10)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is too big.");
}
}
}
/* goodB2G uses the BadSource with the GoodSink */
static void goodB2G()
{
int data;
/* Initialize data */
data = -1;
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer underread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
void CWE127_Buffer_Underread__CWE839_connect_socket_01_good()
{
goodG2B();
goodB2G();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE127_Buffer_Underread__CWE839_connect_socket_01_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE127_Buffer_Underread__CWE839_connect_socket_01_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 398
- 0
src/main/go-mod/CWE127_Buffer_Underread__CWE839_connect_socket_02.c View File

@@ -0,0 +1,398 @@
/* TEMPLATE GENERATED TESTCASE FILE
Filename: CWE127_Buffer_Underread__CWE839_connect_socket_02.c
Label Definition File: CWE127_Buffer_Underread__CWE839.label.xml
Template File: sources-sinks-02.tmpl.c
*/
/*
* @description
* CWE: 127 Buffer Underread
* BadSource: connect_socket Read data using a connect socket (client side)
* GoodSource: Non-negative but less than 10
* Sinks:
* GoodSink: Ensure the array index is valid
* BadSink : Improperly check the array index by not checking to see if the value is negative
* Flow Variant: 02 Control flow: if(1) and if(0)
*
* */
#include "std_testcase.h"
#ifdef _WIN32
#include <winsock2.h>
#include <windows.h>
#include <direct.h>
#pragma comment(lib, "ws2_32") /* include ws2_32.lib when linking */
#define CLOSE_SOCKET closesocket
#else /* NOT _WIN32 */
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#define INVALID_SOCKET -1
#define SOCKET_ERROR -1
#define CLOSE_SOCKET close
#define SOCKET int
#endif
#define TCP_PORT 27015
#define IP_ADDRESS "127.0.0.1"
#define CHAR_ARRAY_SIZE (3 * sizeof(data) + 2)
#ifndef OMITBAD
void CWE127_Buffer_Underread__CWE839_connect_socket_02_bad()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(1)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This check does not check to see if the array index is negative */
if (data < 10)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is too big.");
}
}
}
}
#endif /* OMITBAD */
#ifndef OMITGOOD
/* goodB2G1() - use badsource and goodsink by changing the second 1 to 0 */
static void goodB2G1()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer underread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodB2G2() - use badsource and goodsink by reversing the blocks in the second if */
static void goodB2G2()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
{
#ifdef _WIN32
WSADATA wsaData;
int wsaDataInit = 0;
#endif
int recvResult;
struct sockaddr_in service;
SOCKET connectSocket = INVALID_SOCKET;
char inputBuffer[CHAR_ARRAY_SIZE];
do
{
#ifdef _WIN32
if (WSAStartup(MAKEWORD(2,2), &wsaData) != NO_ERROR)
{
break;
}
wsaDataInit = 1;
#endif
/* POTENTIAL FLAW: Read data using a connect socket */
connectSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (connectSocket == INVALID_SOCKET)
{
break;
}
memset(&service, 0, sizeof(service));
service.sin_family = AF_INET;
service.sin_addr.s_addr = inet_addr(IP_ADDRESS);
service.sin_port = htons(TCP_PORT);
if (connect(connectSocket, (struct sockaddr*)&service, sizeof(service)) == SOCKET_ERROR)
{
break;
}
/* Abort on error or the connection was closed, make sure to recv one
* less char than is in the recv_buf in order to append a terminator */
recvResult = recv(connectSocket, inputBuffer, CHAR_ARRAY_SIZE - 1, 0);
if (recvResult == SOCKET_ERROR || recvResult == 0)
{
break;
}
/* NUL-terminate the string */
inputBuffer[recvResult] = '\0';
/* Convert to int */
data = atoi(inputBuffer);
}
while (0);
if (connectSocket != INVALID_SOCKET)
{
CLOSE_SOCKET(connectSocket);
}
#ifdef _WIN32
if (wsaDataInit)
{
WSACleanup();
}
#endif
}
}
if(1)
{
{
int buffer[10] = { 0 };
/* FIX: Properly validate the array index and prevent a buffer underread */
if (data >= 0 && data < (10))
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is out-of-bounds");
}
}
}
}
/* goodG2B1() - use goodsource and badsink by changing the first 1 to 0 */
static void goodG2B1()
{
int data;
/* Initialize data */
data = -1;
if(0)
{
/* INCIDENTAL: CWE 561 Dead Code, the code below will never run */
printLine("Benign, fixed string");
}
else
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(1)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This check does not check to see if the array index is negative */
if (data < 10)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is too big.");
}
}
}
}
/* goodG2B2() - use goodsource and badsink by reversing the blocks in the first if */
static void goodG2B2()
{
int data;
/* Initialize data */
data = -1;
if(1)
{
/* FIX: Use a value greater than 0, but less than 10 to avoid attempting to
* access an index of the array in the sink that is out-of-bounds */
data = 7;
}
if(1)
{
{
int buffer[10] = { 0 };
/* POTENTIAL FLAW: Attempt to access a negative index of the array
* This check does not check to see if the array index is negative */
if (data < 10)
{
printIntLine(buffer[data]);
}
else
{
printLine("ERROR: Array index is too big.");
}
}
}
}
void CWE127_Buffer_Underread__CWE839_connect_socket_02_good()
{
goodB2G1();
goodB2G2();
goodG2B1();
goodG2B2();
}
#endif /* OMITGOOD */
/* Below is the main(). It is only used when building this testcase on
its own for testing or for building a binary to use in testing binary
analysis tools. It is not used when compiling all the testcases as one
application, which is how source code analysis tools are tested. */
#ifdef INCLUDEMAIN
int main(int argc, char * argv[])
{
/* seed randomness */
srand( (unsigned)time(NULL) );
#ifndef OMITGOOD
printLine("Calling good()...");
CWE127_Buffer_Underread__CWE839_connect_socket_02_good();
printLine("Finished good()");
#endif /* OMITGOOD */
#ifndef OMITBAD
printLine("Calling bad()...");
CWE127_Buffer_Underread__CWE839_connect_socket_02_bad();
printLine("Finished bad()");
#endif /* OMITBAD */
return 0;
}
#endif

+ 0
- 25
src/main/java/com/educoder/bridge/controller/BaseController.java View File

@@ -1,25 +0,0 @@
package com.educoder.bridge.controller;

import org.springframework.web.bind.annotation.ModelAttribute;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


/**
* @author lqk
* @version 0.1
*/
public class BaseController {
protected HttpServletRequest request;
protected HttpServletResponse response;
protected HttpSession session;

@ModelAttribute
public void setReqAndRes(HttpServletRequest request, HttpServletResponse response) {
this.request = request;
this.response = response;
this.session = request.getSession();
}
}

+ 0
- 49
src/main/java/com/educoder/bridge/controller/MainController.java View File

@@ -1,49 +0,0 @@
package com.educoder.bridge.controller;

import io.swagger.annotations.Api;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.ModelAndView;

/**
* @author guange
*
* @date 2017/08/02
*/

@Api(value = "提供webssh连接", hidden = true)
@RestController
public class MainController extends BaseController {
private final static Logger logger = LoggerFactory.getLogger(MainController.class);
//
// @RequestMapping(value={"/"}, method= RequestMethod.GET)
// public ModelAndView index(@RequestParam("host")String host,
// @RequestParam("port")int port,
// @RequestParam("username")String username,
// @RequestParam("password")String password,
// @RequestParam("rows")int rows) {
// logger.debug("/ssh: 接收到连接请求, host: {}, port: {}", host, port);
// ModelAndView mv = new ModelAndView();
// mv.setViewName("index");
// mv.addObject("host", host);
// mv.addObject("port", port);
// mv.addObject("username", username);
// mv.addObject("password", password);
// mv.addObject("rows", rows);
// mv.addObject("digest", System.currentTimeMillis());
// return mv;
// }

@RequestMapping(value={"/"}, method= RequestMethod.GET)
public ModelAndView index() {
ModelAndView mv = new ModelAndView();
mv.setViewName("index");
mv.addObject("digest", System.currentTimeMillis());
return mv;
}

}

+ 0
- 38
src/main/java/com/educoder/bridge/handler/WebsshHandler.java View File

@@ -1,38 +0,0 @@
package com.educoder.bridge.handler;

import com.educoder.bridge.service.JchService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.socket.CloseStatus;
import org.springframework.web.socket.TextMessage;
import org.springframework.web.socket.WebSocketSession;
import org.springframework.web.socket.handler.TextWebSocketHandler;

public class WebsshHandler extends TextWebSocketHandler {

@Autowired
JchService jchService;

@Override
public void afterConnectionEstablished(WebSocketSession wsSession) throws Exception {
super.afterConnectionEstablished(wsSession);
jchService.add(wsSession);
}

/**
* 重写handleTextMessage方法,用于处理从websocket接收到的信息
*/
@Override
protected void handleTextMessage(WebSocketSession wsSession, TextMessage message) throws Exception {
jchService.recv(message.getPayload(), wsSession);
super.handleTextMessage(wsSession, message);
}


@Override
public void afterConnectionClosed(WebSocketSession wsSession, CloseStatus status) throws Exception {
super.afterConnectionClosed(wsSession, status);
jchService.closeByWebSocket(wsSession);
}
}

+ 0
- 41
src/main/java/com/educoder/bridge/model/SSHInfo.java View File

@@ -1,41 +0,0 @@
package com.educoder.bridge.model;

public class SSHInfo {
private String host;
private String port;
private String username;
private String password;

public void setHost(String host) {
this.host = host;
}

public void setPort(String port) {
this.port = port;
}

public void setUsername(String username) {
this.username = username;
}

public void setPassword(String password) {
this.password = password;
}

public String getHost() {
return host;
}

public int getPort() {
return Integer.parseInt(port);
}

public String getUsername() {
return username;
}

public String getPassword() {
return password;
}

}

+ 0
- 45
src/main/java/com/educoder/bridge/model/SSHSession.java View File

@@ -1,45 +0,0 @@
package com.educoder.bridge.model;

import com.jcraft.jsch.ChannelShell;
import org.springframework.web.socket.WebSocketSession;

import java.io.OutputStream;

public class SSHSession {
private WebSocketSession webSocketSession;
private OutputStream outputStream;
private ChannelShell channel;
private SSHInfo SSHInfo;

public SSHInfo getSSHInfo() {
return SSHInfo;
}

public void setSSHInfo(SSHInfo SSHInfo) {
this.SSHInfo = SSHInfo;
}

public ChannelShell getChannel() {
return channel;
}

public void setChannel(ChannelShell channel) {
this.channel = channel;
}

public WebSocketSession getWebSocketSession() {
return webSocketSession;
}

public void setWebSocketSession(WebSocketSession webSocketSession) {
this.webSocketSession = webSocketSession;
}

public OutputStream getOutputStream() {
return outputStream;
}

public void setOutputStream(OutputStream outputStream) {
this.outputStream = outputStream;
}
}

+ 0
- 261
src/main/java/com/educoder/bridge/service/JchService.java View File

@@ -1,261 +0,0 @@
package com.educoder.bridge.service;

import com.alibaba.fastjson.JSONObject;
import com.educoder.bridge.model.SSHInfo;
import com.educoder.bridge.model.SSHSession;
import com.educoder.bridge.utils.Base64Util;
import com.jcraft.jsch.ChannelShell;
import com.jcraft.jsch.JSch;
import com.jcraft.jsch.Session;
import com.jcraft.jsch.UserInfo;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.web.socket.TextMessage;
import org.springframework.web.socket.WebSocketSession;

import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.Arrays;
import java.util.List;
import java.util.Optional;
import java.util.concurrent.CopyOnWriteArrayList;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;

@Service
public class JchService {

private static List<SSHSession> sshSessionQueue = new CopyOnWriteArrayList<>();
private ExecutorService executorService = Executors.newCachedThreadPool();
private Logger logger = LoggerFactory.getLogger(getClass());

com.jcraft.jsch.Logger jschLogger = new com.jcraft.jsch.Logger() {

@Override
public boolean isEnabled(int arg0) {
return true;
}

@Override
public void log(int arg0, String arg1) {
if (logger.isTraceEnabled()) {
logger.trace("JSch Log [Level " + arg0 + "]: " + arg1);
}
}
};


/**
* 在webSocket连接时,初始化一个ssh连接
*
* @param webSocketSession webSocket连接
*/
public void add(WebSocketSession webSocketSession) {

SSHSession sshSession = new SSHSession();
sshSession.setWebSocketSession(webSocketSession);

sshSessionQueue.add(sshSession);
}

/**
* 处理客户端发过来的数据
* @param buffer 数据
* @param webSocketSession webSocket连接
*/
public void recv(String buffer, WebSocketSession webSocketSession) {

SSHSession sshSession = null;
try {
logger.debug("webSocketSessionID: {}, 信息: {}", webSocketSession.getId(), buffer);
JSONObject info = JSONObject.parseObject(buffer);
String tp = info.getString("tp");
sshSession = findByWebSocketSession(webSocketSession);

//初始化连接
if ("init".equals(tp)) {
// {"tp":"init","data":{"host":"127.0.0.1","port":"41080","username":"root","password":"123123"}}
SSHInfo sshInfo = info.getObject("data", SSHInfo.class);
sshSession.setSSHInfo(sshInfo);

if (sshSession != null) {
SSHSession finalSSHSession = sshSession;

// 新开一个线程建立连接,连接开启之后以一直监听来自客户端的输入
executorService.execute(() -> {
connectTossh(finalSSHSession);
});
}
} else if ("client".equals(tp)) {
String data = info.getString("data");

// 将网页输入的数据传送给后端服务器
if (sshSession != null) {
transTossh(sshSession.getOutputStream(), data);
}
}
} catch (Exception e) {
logger.error("转发命令到ssh出错: {}", e);

close(sshSession);
}

}

/**
* 将数据传送给服务端作为SSH的输入
*
* @param outputStream
* @param data
* @throws IOException
*/
private void transTossh(OutputStream outputStream, String data) throws IOException {
if (outputStream != null) {
outputStream.write(data.getBytes());
outputStream.flush();
}
}

/**
* 连接ssh
*
* @param sshSession ssh连接需要的信息
*/
private void connectTossh(SSHSession sshSession){
Session jschSession = null;
SSHInfo SSHInfo = sshSession.getSSHInfo();
try {
JSch jsch = new JSch();
JSch.setLogger(jschLogger);

//启动线程
java.util.Properties config = new java.util.Properties();
config.put("StrictHostKeyChecking", "no");
jschSession = jsch.getSession(SSHInfo.getUsername(), SSHInfo.getHost(), SSHInfo.getPort());

jschSession.setConfig(config);
jschSession.setPassword(SSHInfo.getPassword());
jschSession.setUserInfo(new UserInfo() {
@Override
public String getPassphrase() {
return null;
}

@Override
public String getPassword() {
return null;
}

@Override
public boolean promptPassword(String s) {
return false;
}

@Override
public boolean promptPassphrase(String s) {
return false;
}

@Override
public boolean promptYesNo(String s) {
return true;
} // Accept all server keys

@Override
public void showMessage(String s) {
}
});

jschSession.connect();
ChannelShell channel = (ChannelShell) jschSession.openChannel("shell");
channel.setPtyType("xterm");

channel.connect();

sshSession.setChannel(channel);
InputStream inputStream = channel.getInputStream();
sshSession.setOutputStream(channel.getOutputStream());

sshSession.setSSHInfo(SSHInfo);
logger.debug("主机: {} 连接成功!", SSHInfo.getHost());

// 循环读取,jsch的输入为服务器执行命令之后的返回数据
byte[] buf = new byte[1024];
while (true) {
int length = inputStream.read(buf);
if (length < 0) {
close(sshSession);
throw new Exception("读取出错,数据长度:" + length);
}
sendMsg(sshSession.getWebSocketSession(), Arrays.copyOfRange(buf, 0, length));
}

} catch (Exception e) {
logger.error("ssh连接出错, e: {}", e);
} finally {
logger.info("连接关闭, {}", SSHInfo.getHost());
if (jschSession != null) {
jschSession.disconnect();
}

close(sshSession);
}
}


/**
* 发送数据回websocket
*
* @param webSocketSession webSocket连接
* @param buffer 数据
* @throws IOException
*/
public void sendMsg(WebSocketSession webSocketSession, byte[] buffer) throws IOException {
logger.debug("服务端返回的数据: {}", new String(buffer, "UTF-8"));

webSocketSession.sendMessage(new TextMessage(Base64Util.encodeBytes(buffer)));
}

/**
* 通过webSocket连接在队列中找到对应的SSH连接
*
* @param webSocketSession webSocket连接
*/
public SSHSession findByWebSocketSession(WebSocketSession webSocketSession) {
Optional<SSHSession> optional = sshSessionQueue.stream().filter(webscoketObj -> webscoketObj.getWebSocketSession() == webSocketSession).findFirst();
if (optional.isPresent()) {
return optional.get();
}
return null;
}

/**
* 关闭ssh和websocket连接
*
* @param sshSession ssh连接
*/
private void close(SSHSession sshSession) {
if (sshSession != null) {
sshSession.getChannel().disconnect();
try {
sshSession.getWebSocketSession().close();
sshSession.getOutputStream().close();
} catch (IOException e) {
logger.error("连接关闭失败!e: {}", e);
}

sshSessionQueue.remove(sshSession);
}
}

/**
* 通过webSocketSession关闭ssh与webSocket连接
*
* @param webSocketSession
*/
public void closeByWebSocket(WebSocketSession webSocketSession) {
close(findByWebSocketSession(webSocketSession));
}
}

+ 0
- 52
src/main/java/com/educoder/bridge/utils/Base64Util.java View File

@@ -1,52 +0,0 @@
package com.educoder.bridge.utils;


import org.apache.commons.codec.binary.Base64;

import java.nio.charset.StandardCharsets;

/**
* Created by guange on 23/02/2017.
*/
public class Base64Util {

/**
* base64编码
*
* @param code
* @return
*/
public static String encode(String code) {
byte[] encode = Base64.encodeBase64URLSafe(code.getBytes(StandardCharsets.UTF_8));
return new String(encode, StandardCharsets.UTF_8);
}

public static byte[] encodeBytes(byte[] codes) {
return Base64.encodeBase64(codes);
}


/**
* base64解码
*
* @param code
* @return
*/
public static String decode(String code) {
byte[] decode = Base64.decodeBase64(code);
return new String(decode, StandardCharsets.UTF_8);
}

/**
* base64再解码,把原本的非URL safe编码转换为URL safe编码
*
* @param code
* @return
*/
public static String reencode(String code) {
String str = decode(code);
str = str.replace("\n", "\r\n");
return encode(str);
}

}

+ 0
- 42
src/main/resources/applicationContext.xml View File

@@ -1,42 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:websocket="http://www.springframework.org/schema/websocket"
xmlns:aop="http://www.springframework.org/schema/aop"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/websocket
http://www.springframework.org/schema/websocket/spring-websocket.xsd">

<aop:aspectj-autoproxy/>
<context:component-scan base-package="com.educoder.bridge.controller"/>
<context:component-scan base-package="com.educoder.bridge.service"/>
<context:component-scan base-package="com.educoder.bridge.handler"/>

<!-- freemaker配置 -->
<bean id="freemarkerConfig"
class="org.springframework.web.servlet.view.freemarker.FreeMarkerConfigurer">
<property name="templateLoaderPath" value="/WEB-INF/pages/" />
<property name="freemarkerSettings">
<props>
<prop key="template_update_delay">0</prop>
<prop key="default_encoding">UTF-8</prop>
<prop key="number_format">0.##########</prop>
<prop key="datetime_format">yyyy-MM-dd HH:mm:ss</prop>
<prop key="classic_compatible">true</prop>
<prop key="template_exception_handler">ignore</prop>
</props>
</property>
</bean>

<!--注册消息处理器,指定WebsshHandler处理消息,并将/ws映射到其中-->
<websocket:handlers allowed-origins="*">
<websocket:mapping path="/ws" handler="websshHandler"/>
</websocket:handlers>

<bean id="websshHandler" class="com.educoder.bridge.handler.WebsshHandler"/>

</beans>

+ 0
- 47
src/main/resources/logback.xml View File

@@ -1,47 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<property name="log_path" value="/home/ww/test/tomcat-test/logs/"/>

<!-- 打印在标准控制台 -->
<appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
<!--格式化输出:%d:时间,%thread:线程名,%-5level:级别从左显示5个字符宽度,
%logger{50}:输出日志的类, 50代表包名加类名的总长度限制, %M 方法名 %L 行号 %msg:日志消息,%n是换行符-->
<pattern>%d{MM-dd HH:mm:ss} [%thread] %-5level %logger{30} %M %L - %msg%n</pattern>
</encoder>

<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>DEBUG</level>
</filter>
</appender>

<!-- 错误信息 -->
<appender name="ERROR" class="ch.qos.logback.core.rolling.RollingFileAppender">
<Encoding>UTF-8</Encoding>
<encoder>
<pattern>%d{MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{30} %M - %msg%n%L</pattern>
</encoder>
<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
<level>ERROR</level>
</filter>
<rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
<fileNamePattern>${log_path}error.%d{MM-dd}.log</fileNamePattern>
</rollingPolicy>
</appender>

<!-- 屏蔽框架输出 -->
<logger name="org.slf4j" level="ERROR"/>
<logger name="org.springframework" level="ERROR"/>
<logger name="io.swagger" level="ERROR"/>
<logger name="ch.qos.logback" level="OFF"/>
<logger name="springfox.documentation" level="ERROR"/>

<!-- 所有的日志同时应用“STDOUT”和“EROOR”的策略 -->
<root>
<level value="DEBUG"/>
<!--<appender-ref ref="TPM"/>-->
<appender-ref ref="ERROR"/>
<appender-ref ref="STDOUT"/>
</root>

</configuration>

+ 0
- 34
src/main/webapp/WEB-INF/mvc-dispatcher-servlet.xml View File

@@ -1,34 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">


<!--指明 controller 所在包,并扫描其中的注解-->
<context:component-scan base-package="com.educoder.bridge.controller"/>

<!-- 静态资源(js、image等)的访问 -->
<mvc:default-servlet-handler/>

<!--ViewResolver 视图解析器-->
<!--用于支持freemarker视图解析-->
<!--视图解释器 -->
<bean id="viewResolver"
class="org.springframework.web.servlet.view.freemarker.FreeMarkerViewResolver">
<property name="suffix">
<value>.ftl</value>
</property>
<property name="contentType" value="text/html;charset=UTF-8"></property>
</bean>


<!-- 开启注解 -->
<mvc:annotation-driven/>

<bean class="springfox.documentation.swagger2.configuration.Swagger2DocumentationConfiguration" id="swagger2Config"/>
<mvc:resources location="classpath:/META-INF/resources/" mapping="swagger-ui.html"/>
<mvc:resources location="classpath:/META-INF/resources/webjars/" mapping="/webjars/**"/>

</beans>

+ 0
- 61
src/main/webapp/WEB-INF/pages/index.ftl View File

@@ -1,61 +0,0 @@
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">

<title>JWebssh</title>
<link rel='shortcut icon' type='image/x-icon' href='/static/image/favicon.ico'/>
<link rel="stylesheet" href="/static/css/pure-min.css">
<link href="/static/css/xterm.css" rel="stylesheet" type="text/css"/>
<link rel='stylesheet' href='http://fonts.googleapis.com/css?family=PT+Sans:400,700'>
<link rel="stylesheet" href="/static/css/reset.css">
<link rel="stylesheet" href="/static/css/supersized.css">
<link rel="stylesheet" href="/static/css/style.css">

<!-- HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
</head>

<body>

<div class="page-container" id="form" name="form" >
<h1>JWebssh</h1>
<form action="" method="post">
<fieldset>
<input id="terminalRow" name="terminalRow" type="hidden" value=100>
<div class="pure-item">
<input id="host" name="host" type="text" placeholder="Host" value=${host}>
</div>
<div class="pure-item">
<input id="port" name="port" type="text" placeholder="Port" value=${port}>
</div>
<div class="pure-item">
<input id="username" name="username" type="text" placeholder="Username" value=${username}>
</div>
<div class="pure-item">
<input id="password" name="password" type="password" placeholder="Password" value=${password}>
</div>
<button type="button" onclick="connect()">Connect</button>
</fieldset>
</form>
</div>

<div id="term" align="center"></div>

<!-- Javascript -->
<script src="/static/js/jquerymin.js"></script>
<script src="/static/js/supersized.3.2.7.min.js"></script>
<script src="/static/js/supersized-init.js"></script>
<script src="/static/js/base64.js"></script>
<script src="/static/js/jquerymin.js"></script>
<script src="/static/js/xterm.js"></script>
<script src="/static/js/ws.js"></script>
<script src="/static/js/formvalid.js"></script>
<script src="/static/js/main.js?${digest}"></script>

</body>

</html>

+ 0
- 63
src/main/webapp/WEB-INF/web.xml View File

@@ -1,63 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"
version="3.1">

<display-name>educoder bridge</display-name>

<!-- Spring 上下文参数 -->
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:applicationContext.xml</param-value>
</context-param>

<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>

<!-- logback -->
<context-param>
<param-name>logbackConfigLocation</param-name>
<param-value>classpath:logback.xml</param-value>
</context-param>

<listener>
<listener-class>ch.qos.logback.ext.spring.web.LogbackConfigListener</listener-class>
</listener>

<servlet>
<servlet-name>mvc-dispatcher</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>

<servlet-mapping>
<servlet-name>mvc-dispatcher</servlet-name>
<url-pattern>/</url-pattern>
</servlet-mapping>

<filter>
<filter-name>encodingFilter</filter-name>
<filter-class>org.springframework.web.filter.CharacterEncodingFilter</filter-class>
<init-param>
<param-name>encoding</param-name>
<param-value>UTF-8</param-value>
</init-param>
<init-param>
<param-name>forceEncoding</param-name>
<param-value>true</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>encodingFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>

<welcome-file-list>
<welcome-file></welcome-file>
</welcome-file-list>

</web-app>

+ 0
- 2
src/main/webapp/index.html View File

@@ -1,2 +0,0 @@
<!--保留以防后续看swagger UI界面需要-->
<!--<meta http-equiv="refresh" content="0; url=/swagger-ui.html" />-->

+ 0
- 53
src/main/webapp/static/css/main.css View File

@@ -1,53 +0,0 @@
.aside {
text-align: center;
background: #1f8dd6;
height: 100px;
color: #fff;
vertical-align: middle;
line-height: 100px;
font-size: 30px
}

#main {
margin-top: 20px;
}

#ratio-group {
float: right;
}

.pure-item {
margin: 0 auto 10px;
width: 300px;
position: relative;
}

.pure-radio {
margin-left: 10px;
}

.pure-item:after {
content: "";
display: table;
clear: both;
}

.pure-item label {
float: left;
line-height: 34px;
}

.pure-item input {
float: right;
}

.terminal {
float: none;
border: #000 solid 5px;
font-family: "Monaco", "DejaVu Sans Mono", "Liberation Mono", monospace;
font-size: 11px;
color: #f0f0f0;
width: 600px;
background: #000;
box-shadow: rgba(0, 0, 0, 0.8) 2px 2px 20px;
}

+ 0
- 11
src/main/webapp/static/css/pure-min.css
File diff suppressed because it is too large
View File


+ 0
- 44
src/main/webapp/static/css/reset.css View File

@@ -1,44 +0,0 @@

/* ------- This is the CSS Reset ------- */

html, body, div, span, applet, object, iframe,
h1, h2, h3, h4, h5, h6, p, blockquote, pre, a,
abbr, acronym, address, big, cite, code, del,
dfn, em, img, ins, kbd, q, s, samp, small,
strike, strong, sub, sup, tt, var, u, i, center,
dl, dt, dd, ol, ul, li, fieldset, form, label,
legend, table, caption, tbody, tfoot, thead, tr,
th, td, article, aside, canvas, details, embed,
figure, figcaption, footer, header, hgroup, menu,
nav, output, ruby, section, summary, time, mark, audio, video {
margin: 0;
padding: 0;
border: 0;
font-size: 100%;
font: inherit;
vertical-align: baseline;
}

/* ------- HTML5 display-role reset for older browsers ------- */

article, aside, details, figcaption, figure, footer, header, hgroup, menu, nav, section {
display: block;
}
body {
line-height: 1;
}
ol, ul {
list-style: none;
}
blockquote, q {
quotes: none;
}
blockquote:before, blockquote:after, q:before, q:after {
content: '';
content: none;
}
table {
border-collapse: collapse;
border-spacing: 0;
}


+ 0
- 187
src/main/webapp/static/css/style.css View File

@@ -1,187 +0,0 @@
/*
*
* Template Name: Fullscreen Login
* Description: Login Template with Fullscreen Background Slideshow
* Author: Anli Zaimi
* Author URI: http://azmind.com
*
*/


body {
background: #f8f8f8;
font-family: 'PT Sans', Helvetica, Arial, sans-serif;
text-align: center;
color: #fff;
}

.page-container {
margin: 120px auto 0 auto;
}

h1 {
font-size: 30px;
font-weight: 700;
text-shadow: 0 1px 4px rgba(0,0,0,.2);
}

form {
position: relative;
width: 305px;
margin: 15px auto 0 auto;
text-align: center;
}

input {
width: 270px;
height: 42px;
margin-top: 25px;
padding: 0 15px;
background: #2d2d2d; /* browsers that don't support rgba */
background: rgba(45,45,45,.15);
-moz-border-radius: 6px;
-webkit-border-radius: 6px;
border-radius: 6px;
border: 1px solid #3d3d3d; /* browsers that don't support rgba */
border: 1px solid rgba(255,255,255,.15);
-moz-box-shadow: 0 2px 3px 0 rgba(0,0,0,.1) inset;
-webkit-box-shadow: 0 2px 3px 0 rgba(0,0,0,.1) inset;
box-shadow: 0 2px 3px 0 rgba(0,0,0,.1) inset;
font-family: 'PT Sans', Helvetica, Arial, sans-serif;
font-size: 14px;
color: #fff;
text-shadow: 0 1px 2px rgba(0,0,0,.1);
-o-transition: all .2s;
-moz-transition: all .2s;
-webkit-transition: all .2s;
-ms-transition: all .2s;
}

input:-moz-placeholder { color: #fff; }
input:-ms-input-placeholder { color: #fff; }
input::-webkit-input-placeholder { color: #fff; }

input:focus {
outline: none;
-moz-box-shadow:
0 2px 3px 0 rgba(0,0,0,.1) inset,
0 2px 7px 0 rgba(0,0,0,.2);
-webkit-box-shadow:
0 2px 3px 0 rgba(0,0,0,.1) inset,
0 2px 7px 0 rgba(0,0,0,.2);
box-shadow:
0 2px 3px 0 rgba(0,0,0,.1) inset,
0 2px 7px 0 rgba(0,0,0,.2);
}

button {
cursor: pointer;
width: 300px;
height: 44px;
margin-top: 25px;
padding: 0;
background: #ef4300;
-moz-border-radius: 6px;
-webkit-border-radius: 6px;
border-radius: 6px;
border: 1px solid #ff730e;
-moz-box-shadow:
0 15px 30px 0 rgba(255,255,255,.25) inset,
0 2px 7px 0 rgba(0,0,0,.2);
-webkit-box-shadow:
0 15px 30px 0 rgba(255,255,255,.25) inset,
0 2px 7px 0 rgba(0,0,0,.2);
box-shadow:
0 15px 30px 0 rgba(255,255,255,.25) inset,
0 2px 7px 0 rgba(0,0,0,.2);
font-family: 'PT Sans', Helvetica, Arial, sans-serif;
font-size: 14px;
font-weight: 700;
color: #fff;
text-shadow: 0 1px 2px rgba(0,0,0,.1);
-o-transition: all .2s;
-moz-transition: all .2s;
-webkit-transition: all .2s;
-ms-transition: all .2s;
}

button:hover {
-moz-box-shadow:
0 15px 30px 0 rgba(255,255,255,.15) inset,
0 2px 7px 0 rgba(0,0,0,.2);
-webkit-box-shadow:
0 15px 30px 0 rgba(255,255,255,.15) inset,
0 2px 7px 0 rgba(0,0,0,.2);
box-shadow:
0 15px 30px 0 rgba(255,255,255,.15) inset,
0 2px 7px 0 rgba(0,0,0,.2);
}

button:active {
-moz-box-shadow:
0 15px 30px 0 rgba(255,255,255,.15) inset,
0 2px 7px 0 rgba(0,0,0,.2);
-webkit-box-shadow:
0 15px 30px 0 rgba(255,255,255,.15) inset,
0 2px 7px 0 rgba(0,0,0,.2);
box-shadow:
0 5px 8px 0 rgba(0,0,0,.1) inset,
0 1px 4px 0 rgba(0,0,0,.1);

border: 0px solid #ef4300;
}

.error {
display: none;
position: absolute;
top: 27px;
right: -55px;
width: 40px;
height: 40px;
background: #2d2d2d; /* browsers that don't support rgba */
background: rgba(45,45,45,.25);
-moz-border-radius: 8px;
-webkit-border-radius: 8px;
border-radius: 8px;
}

.error span {
display: inline-block;
margin-left: 2px;
font-size: 40px;
font-weight: 700;
line-height: 40px;
text-shadow: 0 1px 2px rgba(0,0,0,.1);
-o-transform: rotate(45deg);
-moz-transform: rotate(45deg);
-webkit-transform: rotate(45deg);
-ms-transform: rotate(45deg);

}

.connect {
width: 305px;
margin: 35px auto 0 auto;
font-size: 18px;
font-weight: 700;
text-shadow: 0 1px 3px rgba(0,0,0,.2);
}

.connect a {
display: inline-block;
width: 32px;
height: 35px;
margin-top: 15px;
-o-transition: all .2s;
-moz-transition: all .2s;
-webkit-transition: all .2s;
-ms-transition: all .2s;
}

.connect a.facebook { background: url(../image/facebook.png) center center no-repeat; }
.connect a.twitter { background: url(../image/twitter.png) center center no-repeat; }

.connect a:hover { background-position: center bottom; }




+ 0
- 34
src/main/webapp/static/css/supersized.css View File

@@ -1,34 +0,0 @@
/*

Supersized - Fullscreen Slideshow jQuery Plugin
Version : 3.2.7
Site : www.buildinternet.com/project/supersized
Author : Sam Dunn
Company : One Mighty Roar (www.onemightyroar.com)
License : MIT License / GPL License
*/

* { margin:0; padding:0; }
body { background:#111; height:100%; }
img { border:none; }
#supersized-loader { position:absolute; top:50%; left:50%; z-index:0; width:60px; height:60px; margin:-30px 0 0 -30px; text-indent:-999em; background:url(../image/progress.gif) no-repeat center center;}
#supersized { display:block; position:fixed; left:0; top:0; overflow:hidden; z-index:-999; height:100%; width:100%; }
#supersized img { width:auto; height:auto; position:relative; display:none; outline:none; border:none; }
#supersized.speed img { -ms-interpolation-mode:nearest-neighbor; image-rendering: -moz-crisp-edges; } /*Speed*/
#supersized.quality img { -ms-interpolation-mode:bicubic; image-rendering: optimizeQuality; } /*Quality*/
#supersized li { display:block; list-style:none; z-index:-30; position:fixed; overflow:hidden; top:0; left:0; width:100%; height:100%; background:#111; }
#supersized a { width:100%; height:100%; display:block; }
#supersized li.prevslide { z-index:-20; }
#supersized li.activeslide { z-index:-10; }
#supersized li.image-loading { background:#111 url(../image/progress.gif) no-repeat center center; width:100%; height:100%; }
#supersized li.image-loading img{ visibility:hidden; }
#supersized li.prevslide img, #supersized li.activeslide img{ display:inline; }


#supersized img { max-width: none !important }


+ 0
- 25
src/main/webapp/static/css/tooltip.css View File

@@ -1,25 +0,0 @@
.tooltip{
position: absolute;
max-width: 300px;
top: 3px;
left: 105%;
padding: 8px 10px;
border-radius: 5px;
color: #fff;
background: #000000;
box-shadow: 0 2px 2px 0 #7F7C7C;
white-space: nowrap;
}
.tooltip:after{
content: '';
position: absolute;
top: 35%;
right:100%;
margin-left: 10px;
width: 0;
height: 0;
border: 5px solid transparent;
border-right: 7px #000;
border-left-width: 7px;
}


+ 0
- 2273
src/main/webapp/static/css/xterm.css
File diff suppressed because it is too large
View File


BIN
src/main/webapp/static/image/backgrounds/1.jpg View File

Before After
Width: 800  |  Height: 561  |  Size: 72 kB

BIN
src/main/webapp/static/image/backgrounds/2.jpg View File

Before After
Width: 800  |  Height: 561  |  Size: 69 kB

BIN
src/main/webapp/static/image/backgrounds/3.jpg View File


BIN
src/main/webapp/static/image/facebook.png View File

Before After
Width: 18  |  Height: 30  |  Size: 623 B

BIN
src/main/webapp/static/image/favicon.ico View File

Before After

BIN
src/main/webapp/static/image/progress.gif View File

Before After
Width: 31  |  Height: 31  |  Size: 2.6 kB

BIN
src/main/webapp/static/image/twitter.png View File

Before After
Width: 32  |  Height: 30  |  Size: 933 B

+ 0
- 103
src/main/webapp/static/js/base64.js View File

@@ -1,103 +0,0 @@
function Base64() {
// private property
_keyStr = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=";
// public method for encoding
this.encode = function (input) {
var output = "";
var chr1, chr2, chr3, enc1, enc2, enc3, enc4;
var i = 0;
input = _utf8_encode(input);
while (i < input.length) {
chr1 = input.charCodeAt(i++);
chr2 = input.charCodeAt(i++);
chr3 = input.charCodeAt(i++);
enc1 = chr1 >> 2;
enc2 = ((chr1 & 3) << 4) | (chr2 >> 4);
enc3 = ((chr2 & 15) << 2) | (chr3 >> 6);
enc4 = chr3 & 63;
if (isNaN(chr2)) {
enc3 = enc4 = 64;
} else if (isNaN(chr3)) {
enc4 = 64;
}
output = output +
_keyStr.charAt(enc1) + _keyStr.charAt(enc2) +
_keyStr.charAt(enc3) + _keyStr.charAt(enc4);
}
return output;
}
// public method for decoding
this.decode = function (input) {
var output = "";
var chr1, chr2, chr3;
var enc1, enc2, enc3, enc4;
var i = 0;
input = input.replace(/[^A-Za-z0-9\+\/\=]/g, "");
while (i < input.length) {
enc1 = _keyStr.indexOf(input.charAt(i++));
enc2 = _keyStr.indexOf(input.charAt(i++));
enc3 = _keyStr.indexOf(input.charAt(i++));
enc4 = _keyStr.indexOf(input.charAt(i++));
chr1 = (enc1 << 2) | (enc2 >> 4);
chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
chr3 = ((enc3 & 3) << 6) | enc4;
output = output + String.fromCharCode(chr1);
if (enc3 != 64) {
output = output + String.fromCharCode(chr2);
}
if (enc4 != 64) {
output = output + String.fromCharCode(chr3);
}
}
output = _utf8_decode(output);
return output;
}
// private method for UTF-8 encoding
_utf8_encode = function (string) {
string = string.replace(/\r\n/g,"\n");
var utftext = "";
for (var n = 0; n < string.length; n++) {
var c = string.charCodeAt(n);
if (c < 128) {
utftext += String.fromCharCode(c);
} else if((c > 127) && (c < 2048)) {
utftext += String.fromCharCode((c >> 6) | 192);
utftext += String.fromCharCode((c & 63) | 128);
} else {
utftext += String.fromCharCode((c >> 12) | 224);
utftext += String.fromCharCode(((c >> 6) & 63) | 128);
utftext += String.fromCharCode((c & 63) | 128);
}
}
return utftext;
}
// private method for UTF-8 decoding
_utf8_decode = function (utftext) {
var string = "";
var i = 0;
var c = c1 = c2 = 0;
while ( i < utftext.length ) {
c = utftext.charCodeAt(i);
if (c < 128) {
string += String.fromCharCode(c);
i++;
} else if((c > 191) && (c < 224)) {
c2 = utftext.charCodeAt(i+1);
string += String.fromCharCode(((c & 31) << 6) | (c2 & 63));
i += 2;
} else {
c2 = utftext.charCodeAt(i+1);
c3 = utftext.charCodeAt(i+2);
string += String.fromCharCode(((c & 15) << 12) | ((c2 & 63) << 6) | (c3 & 63));
i += 3;
}
}
return string;
}
}

+ 0
- 234
src/main/webapp/static/js/formvalid.js View File

@@ -1,234 +0,0 @@
/*
Jquery
janchie 2010.1
1.02版
*/

var validResult = {};
var errorMsg = {};

(function ($) {
$.fn.extend({
valid: function () {
if (!$(this).is("form")) return;

var items = $.isArray(arguments[0]) ? arguments[0] : [],
isBindSubmit = typeof arguments[1] === "boolean" ? arguments[1] : true,
isAlert = typeof arguments[2] === "boolean" ? arguments[2] : false,

rule = {
"eng": /^[A-Za-z]+$/,
"chn": /^[\u0391-\uFFE5]+$/,
"mail": /\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/,
"url": /^http[s]?:\/\/[A-Za-z0-9]+\.[A-Za-z0-9]+[\/=\?%\-&_~`@[\]\':+!]*([^<>\"\"])*$/,
"currency": /^\d+(\.\d+)?$/,
"number": /^\d+$/,
"int": /^[0-9]{1,30}$/,
"double": /^[-\+]?\d+(\.\d+)?$/,
"username": /^[a-zA-Z]{1}([a-zA-Z0-9]|[._]){3,19}$/,
"password": /^[\w\W]{6,20}$/,
"safe": />|<|,|\[|\]|\{|\}|\?|\/|\+|=|\||\'|\\|\"|:|;|\~|\!|\@|\#|\*|\$|\%|\^|\&|\(|\)|`/i,
"dbc": /[a-zA-Z0-9!@#¥%^&*()_+{}[]|:"';.,/?<>`~ ]/,
"qq": /[1-9][0-9]{4,}/,
"date": /^((((1[6-9]|[2-9]\d)\d{2})-(0?[13578]|1[02])-(0?[1-9]|[12]\d|3[01]))|(((1[6-9]|[2-9]\d)\d{2})-(0?[13456789]|1[012])-(0?[1-9]|[12]\d|30))|(((1[6-9]|[2-9]\d)\d{2})-0?2-(0?[1-9]|1\d|2[0-8]))|(((1[6-9]|[2-9]\d)(0[48]|[2468][048]|[13579][26])|((16|[2468][048]|[3579][26])00))-0?2-29-))$/,
"year": /^(19|20)[0-9]{2}$/,
"month": /^(0?[1-9]|1[0-2])$/,
"day": /^((0?[1-9])|((1|2)[0-9])|30|31)$/,
"hour": /^((0?[1-9])|((1|2)[0-3]))$/,
"minute": /^((0?[1-9])|((1|5)[0-9]))$/,
"second": /^((0?[1-9])|((1|5)[0-9]))$/,
"mobile": /^((\(\d{2,3}\))|(\d{3}\-))?13\d{9}$/,
"phone": /^[+]{0,1}(\d){1,3}[ ]?([-]?((\d)|[ ]){1,12})+$/,
"zipcode": /^[1-9]\d{5}$/,
"IDcard": /^((1[1-5])|(2[1-3])|(3[1-7])|(4[1-6])|(5[0-4])|(6[1-5])|71|(8[12])|91)\d{4}((19\d{2}(0[13-9]|1[012])(0[1-9]|[12]\d|30))|(19\d{2}(0[13578]|1[02])31)|(19\d{2}02(0[1-9]|1\d|2[0-8]))|(19([13579][26]|[2468][048]|0[48])0229))\d{3}(\d|X|x)?$/,
"ip": /^(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])\.(\d{1,2}|1\d\d|2[0-4]\d|25[0-5])$/,
"file": /^[A-Za-z0-9]+((\.|-)[A-Za-z0-9]+)*\.[A-Za-z0-9]+$/,
"image": /.+\.(jpg|gif|png|bmp)$/i,
"word": /.+\.(doc|rtf|pdf)$/i,

"port": function (port) {
return (!isNaN(port) && port > 0 && port < 65536) ? true : false;
},
"eq": function (arg1, arg2) {
return arg1 == arg2 ? true : false;
},
"gt": function (arg1, arg2) {
return arg1 > arg2 ? true : false;
},
"gte": function (arg1, arg2) {
return arg1 >= arg2 ? true : false;
},
"lt": function (arg1, arg2) {
return arg1 < arg2 ? true : false;
},
"lte": function (arg1, arg2) {
return arg1 <= arg2 ? true : false;
}

},

msgSuffix = {
"eng": "only english welcomed",
"chn": "only chinese welcomed",
"mail": "invalid email format",
"url": "invalid url format",
"currency": "invalid number format",
"number": "only number welcomed",
"int": "only integer welcomed",
"double": "only float welcomed",
"username": "invalid username format,4-20 characters",
"password": "warning, you'd better use 6-20 characters",
"safe": "forbidden special characters",
"dbc": "forbidden full width characters",
"qq": "invalid qq format",
"date": "invalid date format",
"year": "invalid year format",
"month": "invalid month format",
"day": "invalid day format",
"hour": "invalid hour format",
"minute": "invalid minute format",
"second": "invalid second format",
"mobile": "invalid mobile format",
"phone": "invalid phone format",
"zipcode": "invalid zipcode format",
"IDcard": "invalid identity format",
"ip": "invalid ip format",
"port": "invalid port format",
"file": "invalid file format",
"image": "invalid image format",
"word": "invalid word file format",
"eq": "not equal",
"gt": "no greater than",
"gte": "no greater than or equal",
"lt": "no smaller than",
"lte": "no smaller than or equal"
},

msg = "", formObj = $(this), checkRet = true, isAll,
tipname = function (namestr) {
return "tip_" + namestr.replace(/([a-zA-Z0-9])/g, "-$1");
},

typeTest = function () {
var result = true, args = arguments;
if (rule.hasOwnProperty(args[0])) {
var t = rule[args[0]], v = args[1];
result = args.length > 2 ? t.apply(arguments, [].slice.call(args, 1)) : ($.isFunction(t) ? t(v) : t.test(v));
}
return result;
},

showError = function (fieldObj, filedName, warnInfo) {
checkRet = false;
var tipObj = $("#" + tipname(filedName));
if (tipObj.length > 0) tipObj.remove();
var tipPosition = fieldObj.next().length > 0 ? fieldObj.nextAll().eq(this.length - 1) : fieldObj.eq(this.length - 1);
//tipPosition.after("<span class='tooltip' id='" + tipname(filedName) + "'> " + warnInfo + " </span>");
validResult[filedName] = false;
errorMsg[filedName] = warnInfo;
if (isAlert && isAll) msg = warnInfo;
},

showRight = function (fieldObj, filedName) {
var tipObj = $("#" + tipname(filedName));
if (tipObj.length > 0) tipObj.remove();
var tipPosition = fieldObj.next().length > 0 ? fieldObj.nextAll().eq(this.length - 1) : fieldObj.eq(this.length - 1);
//tipPosition.after("<span class='tooltip' id='" + tipname(filedName) + "'>correct</span>");
validResult[filedName] = true;
},

findTo = function (objName) {
var find;
$.each(items, function () {
if (this.name == objName && this.simple) {
find = this.simple;
return false;
}
});
if (!find) find = $("[name='" + objName + "']")[0].name;
return find;
},

fieldCheck = function (item) {
var i = item, field = $("[name='" + i.name + "']", formObj[0]);
if (!field[0]) return;

var warnMsg, fv = $.trim(field.val()), isRq = typeof i.require === "boolean" ? i.require : true;

if (isRq && ((field.is(":radio") || field.is(":checkbox")) && !field.is(":checked"))) {
warnMsg = i.message || "choice needed";
showError(field, i.name, warnMsg);

} else if (isRq && fv == "") {
warnMsg = i.message || ( field.is("select") ? "choice needed" : "not none" );
showError(field, i.name, warnMsg);

} else if (fv != "") {
if (i.min || i.max) {
var len = fv.length, min = i.min || 0, max = i.max;
warnMsg = i.message || (max ? "range" + min + "~" + max + "" : "min length" + min);

if ((max && (len > max || len < min)) || (!max && len < min)) {
showError(field, i.name, warnMsg);
return;
}
}
if (i.type) {
var matchVal = i.to ? $.trim($("[name='" + i.to + "']").val()) : i.value;
var matchRet = matchVal ? typeTest(i.type, fv, matchVal) : typeTest(i.type, fv);

warnMsg = i.message || msgSuffix[i.type];
if (matchVal) warnMsg += (i.to ? findTo(i.to) + "value" : i.value);

if (!matchRet) showError(field, i.name, warnMsg);
else showRight(field, i.name);

} else {
showRight(field, i.name);
}

} else if (isRq) {
showRight(field, i.name);
}

},

validate = function () {
$.each(items, function () {
isAll = true;
fieldCheck(this);
});

if (isAlert && msg != "") {
alert(msg);
msg = "";
}
return checkRet;
};

$.each(items, function () {
var field = $("[name='" + this.name + "']", formObj[0]);
if (field.is(":hidden")) return;

var obj = this, toCheck = function () {
isAll = false;
fieldCheck(obj);
};
if (field.is(":file") || field.is("select")) {
field.change(toCheck);
} else {
field.blur(toCheck);
}
});

if (isBindSubmit) {
$(this).submit(validate);
} else {
return validate();
}

}

});

})(jQuery);

+ 0
- 5
src/main/webapp/static/js/jquerymin.js
File diff suppressed because it is too large
View File


+ 0
- 124
src/main/webapp/static/js/main.js View File

@@ -1,124 +0,0 @@
function openTerminal(options) {
//var CONNECT_TIME = 0; // 请求连接次数
$("#form").hide();
Rows = parseInt(options.Rows);
var client = new WSSHClient();
var base64 = new Base64();
var term = new Terminal({cols: 80, rows: Rows, screenKeys: true, useStyle: true});

// 发送客户端数据
term.on('data', function (data) {
console.log("xterm data: ");
console.log(data);
client.sendClientData(data);
});
term.open();
$('.terminal').detach().appendTo('#term');
$("#term").show();
term.write("Connecting...");
console.debug(options);

//var interTime = setInterval(client_connect, 1000)
setTimeout(client_connect, 3000);

var intervalId = null;

function client_connect() {
// var TIMEINIT = 0; // 初始化时间
// var TIMEOUT = 60 * 15; // 超时时间
var CONNECTED = false; // 是否连接成功过
console.log("连接中....");
console.log(options);

client.connect({
onError: function (error) {
term.write('Error: ' + error + '\r\n');
console.log('error happened');
},
onConnect: function () {
console.log('connection established');
// 连接上之后发送初始化数据
client.sendInitData(options);
term.focus();
},
onClose: function () {
console.log("连接关闭");
term.write("\r\nconnection closed");
if (CONNECTED) {
console.log('connection reset by peer');
$('term').hide();
}
},
// 当收到服务端返回的数据
onData: function (data) {
if (!CONNECTED) {
console.log("first connected.");
term.write("\r"); //换行
term.focus(); //焦点移动到框上
}
/*if(interTime){
clearInterval(interTime);
}*/
CONNECTED = true;

data = base64.decode(data);
/* TIMEINIT = 0;*/
term.write(data);
console.log('get data:' + data);
}
})
}
}

var charWidth = 6.2;
var charHeight = 15.2;

/**
* for full screen
* @returns {{w: number, h: number}}
*/
function getTerminalSize() {
var width = window.innerWidth;
var height = window.innerHeight;
return {
w: Math.floor(width / charWidth),
h: Math.floor(height / charHeight)
};
}


function store(options) {
window.localStorage.host = options.host
window.localStorage.port = options.port
window.localStorage.username = options.username
window.localStorage.ispwd = options.ispwd
window.localStorage.password = options.password
}

function check() {
return validResult["host"] && validResult["port"] && validResult["username"];
}

function connect() {
var remember = $("#remember").is(":checked")
var options = {
host: $("#host").val(),
port: $("#port").val(),
username: $("#username").val(),
password: $("#password").val(),
Rows: $("#terminalRow").val(),
}
if (remember) {
store(options)
}
if (true) {
openTerminal(options)
} else {
for (var key in validResult) {
if (!validResult[key]) {
alert(errorMsg[key]);
break;
}
}
}
}

+ 0
- 30
src/main/webapp/static/js/supersized-init.js View File

@@ -1,30 +0,0 @@
jQuery(function($){

$.supersized({

// Functionality
slide_interval : 4000, // Length between transitions
transition : 1, // 0-None, 1-Fade, 2-Slide Top, 3-Slide Right, 4-Slide Bottom, 5-Slide Left, 6-Carousel Right, 7-Carousel Left
transition_speed : 1000, // Speed of transition
performance : 1, // 0-Normal, 1-Hybrid speed/quality, 2-Optimizes image quality, 3-Optimizes transition speed // (Only works for Firefox/IE, not Webkit)

// Size & Position
min_width : 0, // Min width allowed (in pixels)
min_height : 0, // Min height allowed (in pixels)
vertical_center : 1, // Vertically center background
horizontal_center : 1, // Horizontally center background
fit_always : 0, // Image will never exceed browser width or height (Ignores min. dimensions)
fit_portrait : 1, // Portrait images will not exceed browser height
fit_landscape : 0, // Landscape images will not exceed browser width

// Components
slide_links : 'blank', // Individual links for each slide (Options: false, 'num', 'name', 'blank')
slides : [ // Slideshow Images
{image : '/static/image/backgrounds/1.jpg'},
{image : '/static/image/backgrounds/2.jpg'},
{image : '/static/image/backgrounds/3.jpg'}
]

});

});

+ 0
- 13
src/main/webapp/static/js/supersized.3.2.7.min.js
File diff suppressed because it is too large
View File


+ 0
- 67
src/main/webapp/static/js/ws.js View File

@@ -1,67 +0,0 @@
function WSSHClient() {
};

WSSHClient.prototype._generateEndpoint = function () {
if (window.location.protocol == 'https:') {
var protocol = 'wss://';
} else {
var protocol = 'ws://';
}
var endpoint = protocol + window.location.host + '/ws';
return endpoint;
};

WSSHClient.prototype.connect = function (options) {
var endpoint = this._generateEndpoint();

if (window.WebSocket) {
this._connection = new WebSocket(endpoint);
}
else if (window.MozWebSocket) {
this._connection = MozWebSocket(endpoint);
}
else {
options.onError('WebSocket Not Supported');
return;
}

this._connection.onopen = function () {
options.onConnect();
};

this._connection.onmessage = function (evt) {
var data = evt.data.toString()
options.onData(data);
};


this._connection.onclose = function (evt) {
options.onClose();
};
};

WSSHClient.prototype.close = function () {
this._connection.close();
};

WSSHClient.prototype.send = function (data) {
this._connection.send(JSON.stringify(data));
};

WSSHClient.prototype.sendInitData = function (options) {
var data = {
hostname: options.host,
port: options.port,
username: options.username,
password: options.password
};
this._connection.send(JSON.stringify({"tp": "init", "data": options}))
console.log("发送初始化数据:" + options)
}

WSSHClient.prototype.sendClientData = function (data) {
this._connection.send(JSON.stringify({"tp": "client", "data": data}))
console.log("发送客户端数据:" + data)
}

var client = new WSSHClient();

+ 0
- 4959
src/main/webapp/static/js/xterm.js
File diff suppressed because it is too large
View File


+ 2
- 1
test.txt View File

@@ -1 +1,2 @@
测试push
测试push
455

Write Preview
Loading…
Cancel
Save