Merge pull request #3 from joernio/andrei/securibench-downloader

[Dataset] Added downloader for `Securibench-Micro`
joernio · Jun 12, 2024 · b58e5cd · b58e5cd
2 parents 709139b + 64c9cf3
commit b58e5cd
Show file tree

Hide file tree

Showing 5 changed files with 102 additions and 17 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -42,6 +42,8 @@ jobs:
       - name: Rename
         run: |
           mv workspace/ichnaea.zip ichnaea.zip
+          mv workspace/securibench-micro-JAVA_BYTECODE.zip securibench-micro-JAVA_BYTECODE.zip
+          mv workspace/securibench-micro-JAVA_SRC.zip securibench-micro-JAVA_SRC.zip
       - name: Set next release version
         id: taggerFinal
         uses: anothrNick/[email protected]
@@ -53,4 +55,6 @@ jobs:
         with:
           tag_name: ${{ steps.taggerDryRun.outputs.new_tag }}
           files: |
-            ichnaea.zip
+            ichnaea.zip
+            securibench-micro-JAVA_BYTECODE.zip
+            securibench-micro-JAVA_SRC.zip
diff --git a/src/main/scala/io/joern/benchmarks/datasets/BenchmarkDataset.scala b/src/main/scala/io/joern/benchmarks/datasets/BenchmarkDataset.scala
@@ -4,12 +4,11 @@ import io.joern.benchmarks.datasets.BenchmarkDataset.benchmarkConstructors
 import io.joern.benchmarks.datasets.AvailableBenchmarks
 import io.joern.benchmarks.datasets.runner.{
   DatasetDownloader,
-  IchnaeaDownloader
-
+  IchnaeaDownloader,
+  SecuribenchMicroDownloader
 // TODO: Add when implementing
 
 //  OWASPJavaDownloader,
-//  SecuribenchMicroDownloader
 }
 import org.slf4j.LoggerFactory
 import upickle.default.*
@@ -43,11 +42,14 @@ object BenchmarkDataset {
     // TODO: Add when implementing
 //    (AvailableBenchmarks.OWASP_JAVASRC, x => new OWASPJavaDownloader(x.datasetDir)),
 //    (AvailableBenchmarks.OWASP_JAVA, x => new OWASPJavaDownloader(x.datasetDir)),
-//    (
-//      AvailableBenchmarks.SECURIBENCH_MICRO_JAVASRC,
-//      x => new SecuribenchMicroDownloader(x.datasetDir, JavaCpgTypes.JAVA_SRC)
-//    ),
-//    (AvailableBenchmarks.SECURIBENCH_MICRO_JAVA, x => new SecuribenchMicroDownloader(x.datasetDir, JavaCpgTypes.JAVA_BYTECODE)),
+    (
+      AvailableBenchmarks.SECURIBENCH_MICRO_JAVASRC,
+      x => new SecuribenchMicroDownloader(x.datasetDir, JavaCpgTypes.JAVA_SRC)
+    ),
+    (
+      AvailableBenchmarks.SECURIBENCH_MICRO_JAVA,
+      x => new SecuribenchMicroDownloader(x.datasetDir, JavaCpgTypes.JAVA_BYTECODE)
+    ),
     (AvailableBenchmarks.ICHNAEA_JSSRC, x => new IchnaeaDownloader(x.datasetDir))
   )
 

diff --git a/src/main/scala/io/joern/benchmarks/datasets/runner/FileDownloader.scala b/src/main/scala/io/joern/benchmarks/datasets/runner/FileDownloader.scala
@@ -72,6 +72,20 @@ sealed trait FileDownloader { this: DatasetDownloader =>
         }
     }
   }
+
+  protected def compressBenchmark(benchmarkDir: File, destDir: Option[File] = None): File = {
+    val zippedDestDir = destDir match {
+      case Some(dir) =>
+        dir
+      case None =>
+        if benchmarkDir.isDirectory then File(s"${benchmarkDir.pathAsString}.zip")
+        else benchmarkDir.changeExtensionTo(".zip")
+    }
+
+    benchmarkDir.zipTo(zippedDestDir)
+    benchmarkDir.delete(swallowIOExceptions = true)
+    zippedDestDir
+  }
 }
 
 trait SingleFileDownloader extends FileDownloader { this: DatasetDownloader =>
@@ -151,12 +165,6 @@ trait MultiFileDownloader extends FileDownloader { this: DatasetDownloader =>
     }
     targetDir
   }
-
-  protected def zipBenchmarkDirectory(benchmarkDir: File = benchmarkBaseDir): Try[File] = Try {
-    val zippedDestDir = File(s"${benchmarkDir.pathAsString}.zip")
-    benchmarkDir.zipTo(zippedDestDir)
-    zippedDestDir
-  }
 }
 
 /** The supported compression types.

diff --git a/src/main/scala/io/joern/benchmarks/datasets/runner/IchnaeaDownloader.scala b/src/main/scala/io/joern/benchmarks/datasets/runner/IchnaeaDownloader.scala
@@ -62,14 +62,14 @@ class IchnaeaDownloader(datasetDir: File) extends DatasetDownloader(datasetDir)
     }
   }
 
-  override def initialize(): Try[File] = {
+  override def initialize(): Try[File] = Try {
     val downloadedDir = downloadBenchmarkAndUnarchive(CompressionTypes.TGZ) match {
       case Success(dir) =>
         dir
       case Failure(e) => throw e
     }
 
-    zipBenchmarkDirectory(downloadedDir)
+    compressBenchmark(downloadedDir)
   }
 
   override def run(): Unit = {

diff --git a/src/main/scala/io/joern/benchmarks/datasets/runner/SecuribenchMicroDownloader.scala b/src/main/scala/io/joern/benchmarks/datasets/runner/SecuribenchMicroDownloader.scala
@@ -0,0 +1,71 @@
+package io.joern.benchmarks.datasets.runner
+
+import better.files.File
+import io.joern.benchmarks.*
+import io.joern.benchmarks.datasets.JavaCpgTypes
+import io.joern.x2cpg.utils.ExternalCommand
+import org.slf4j.LoggerFactory
+
+import java.net.{URI, URL}
+import scala.util.{Failure, Success, Try}
+
+class SecuribenchMicroDownloader(datasetDir: File, cpgCreatorType: JavaCpgTypes.Value)
+    extends DatasetDownloader(datasetDir)
+    with SingleFileDownloader {
+
+  private val logger = LoggerFactory.getLogger(getClass)
+
+  override val benchmarkName = s"Securibench Micro v1.08"
+
+  override protected val benchmarkUrl: URL = URI(
+    "https://github.com/too4words/securibench-micro/archive/6a5a724.zip"
+  ).toURL
+  override protected val benchmarkFileName: String = "securibench-micro-6a5a72488ea830d99f9464fc1f0562c4f864214b"
+  override protected val benchmarkBaseDir: File    = datasetDir / benchmarkFileName
+
+  private val apacheJdo = URI("https://repo1.maven.org/maven2/javax/jdo/jdo-api/3.1/jdo-api-3.1.jar").toURL
+
+  override def initialize(): Try[File] = Try {
+    downloadBenchmarkAndUnarchive(CompressionTypes.ZIP)
+    downloadFile(apacheJdo, benchmarkBaseDir / "lib" / "jdo-api-3.1.jar")
+    if (
+      cpgCreatorType == JavaCpgTypes.JAVA_BYTECODE && (benchmarkBaseDir / "classes")
+        .walk()
+        .count(_.`extension`.contains(".class")) < 1
+    ) {
+      val sourceFiles = (benchmarkBaseDir / "src")
+        .walk()
+        .filter(f => f.isRegularFile && f.`extension`.contains(".java"))
+        .map(f => f.pathAsString.stripPrefix(s"${benchmarkBaseDir.pathAsString}${java.io.File.separator}"))
+        .mkString(" ")
+      val command =
+        Seq(
+          "javac",
+          "-cp",
+          "'.:lib/cos.jar:lib/j2ee.jar:lib/java2html.jar:lib/jdo-api-3.1.jar;'",
+          "-d",
+          "classes",
+          sourceFiles
+        ).mkString(" ")
+      ExternalCommand.run(command, benchmarkBaseDir.pathAsString) match {
+        case Failure(exception) =>
+          logger.error(s"Exception encountered while compiling source code with: '$command'")
+          throw exception
+        case Success(_) => logger.info(s"Successfully compiled $benchmarkName")
+      }
+    }
+
+    compressBenchmark(
+      benchmarkBaseDir,
+      Option(File(s"${datasetDir.pathAsString}/securibench-micro-${cpgCreatorType.toString}.zip"))
+    )
+  }
+
+  override def run(): Unit = {
+    initialize() match {
+      case Failure(exception) =>
+        logger.error(s"Unable to initialize benchmark '$getClass'", exception)
+      case Success(benchmarkDir) =>
+    }
+  }
+}