update

Author: electricalwind

.gitignore

@@ -1,12 +1,154 @@
+# Created by .ignore support plugin (hsz.mobi)
+### Java template
+# Compiled class file
 *.class
 
+*.iml
+.idea
+# Log file
+*.log
+
+# BlueJ files
+*.ctxt
+
 # Mobile Tools for Java (J2ME)
 .mtj.tmp/
 
 # Package Files #
 *.jar
 *.war
 *.ear
+*.zip
+*.tar.gz
+*.rar
 
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*
+### Eclipse template
+
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.recommenders
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# PyDev specific (Python IDE for Eclipse)
+*.pydevproject
+
+# CDT-specific (C/C++ Development Tooling)
+.cproject
+
+# Java annotation processor (APT)
+.factorypath
+
+# PDT-specific (PHP Development Tools)
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# Tern plugin
+.tern-project
+
+# TeXlipse plugin
+.texlipse
+
+# STS (Spring Tool Suite)
+.springBeans
+
+# Code Recommenders
+.recommenders/
+
+# Scala IDE specific (Scala & Java development for Eclipse)
+.cache-main
+.scala_dependencies
+.worksheet
+### JetBrains template
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff:
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/dictionaries
+
+# Sensitive or high-churn files:
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.xml
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+
+# Gradle:
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# CMake
+cmake-build-debug/
+
+# Mongo Explorer plugin:
+.idea/**/mongoSettings.xml
+
+## File-based project format:
+*.iws
+
+## Plugin-specific files:
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+### Maven template
+target/
+pom.xml.tag
+pom.xml.releaseBackup
+pom.xml.versionsBackup
+pom.xml.next
+release.properties
+dependency-reduced-pom.xml
+buildNumber.properties
+.mvn/timing.properties
+
+# Avoid ignoring Maven wrapper jar file (.jar files are usually ignored)
+!/.mvn/wrapper/maven-wrapper.jar
+### Kotlin template
+# Compiled class file
+
+# Log file
+
+# BlueJ files
+
+# Mobile Tools for Java (J2ME)
+
+# Package Files #
+
+# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
+
+/cve/projects/projects.iml

src/main/java/framevpm/bugcollector/BugCollector.java

@@ -1,22 +1,27 @@
 package framevpm.bugcollector;
 
 import data7.model.Data7;
+import data7.model.change.Commit;
+import data7.model.vulnerability.Vulnerability;
 import data7.project.CProjects;
 import data7.project.Project;
 import framevpm.Utils;
 import framevpm.bugcollector.model.BugDataset;
 import framevpm.bugcollector.model.BugIdDataset;
 import framevpm.bugcollector.model.BugRegExpDataset;
+import framevpm.releasebalancer.project.CProjectsInfo;
 import gitUtilitaries.GitActions;
 
 import java.io.IOException;
 import java.text.ParseException;
-import java.util.Set;
+import java.util.*;
+import java.util.stream.Collectors;
 
 
 import static data7.Importer.updateOrCreateDatasetFor;
 import static data7.Resources.PATH_TO_GIT;
 import static framevpm.Utils.listOfCommitsFromData7;
+import static framevpm.Utils.loadBugDataset;
 
 /**
  * Bug Collector Class
@@ -68,29 +73,47 @@ public BugDataset updateOrCreateBugDataset() throws IOException, ClassNotFoundEx
 
 
     public static void main(String[] args) throws ParseException, IOException, ClassNotFoundException {
-        long time = System.currentTimeMillis();
-        /**System.out.println("Start Linux");
-         Data7 dataset = updateOrCreateDatasetFor(CProjectsInfo.LINUX_KERNEL);
-         BugCollector collector = new BugCollector(dataset);
-         Utils.saveBugDataset(collector.updateOrCreateBugDataset());
-         System.out.println("End Linux : " + (System.currentTimeMillis() - time));
-         time = System.currentTimeMillis();
-         System.out.println("Start SystemD");
-         dataset = updateOrCreateDatasetFor(CProjectsInfo.SYSTEMD);
-         collector = new BugCollector(dataset);
-         Utils.saveBugDataset(collector.updateOrCreateBugDataset());
-         System.out.println("End SystemD : " + (System.currentTimeMillis() - time));*/
+        /**long time = System.currentTimeMillis();
+        System.out.println("Start Linux");
+        Data7 dataset = updateOrCreateDatasetFor(CProjects.LINUX_KERNEL);
+        BugCollector collector = new BugCollector(dataset);
+        Utils.saveBugDataset(collector.updateOrCreateBugDataset());
+        System.out.println("End Linux : " + (System.currentTimeMillis() - time));
+        time = System.currentTimeMillis();
+        System.out.println("Start SystemD");
+        dataset = updateOrCreateDatasetFor(CProjects.SYSTEMD);
+        collector = new BugCollector(dataset);
+        Utils.saveBugDataset(collector.updateOrCreateBugDataset());
+        System.out.println("End SystemD : " + (System.currentTimeMillis() - time));
         time = System.currentTimeMillis();
         System.out.println("Start Wireshark");
-        Data7 dataset = updateOrCreateDatasetFor(CProjects.WIRESHARK);
-        BugCollector collector = new BugCollector(dataset);
+        dataset = updateOrCreateDatasetFor(CProjects.WIRESHARK);
+        collector = new BugCollector(dataset);
         Utils.saveBugDataset(collector.updateOrCreateBugDataset());
         System.out.println("End Wireshark : " + (System.currentTimeMillis() - time));
         time = System.currentTimeMillis();
         System.out.println("Start SSL");
         dataset = updateOrCreateDatasetFor(CProjects.OPEN_SSL);
         collector = new BugCollector(dataset);
         Utils.saveBugDataset(collector.updateOrCreateBugDataset());
-        System.out.println("End SSL : " + (System.currentTimeMillis() - time));
+        System.out.println("End SSL : " + (System.currentTimeMillis() - time));*/
+        BugDataset bd = loadBugDataset(CProjects.OPEN_SSL.getName());
+        final int[] filefixes = {0};
+        Map<String, Integer> files = new HashMap<>();
+        for (Map.Entry<String, Commit> bug : bd.getDataset().entrySet()) {
+                        bug.getValue().getFixes().forEach(fileFix -> {
+                                    files.merge(fileFix.getFileAfter().getFilePath(), 1, Integer::sum);
+                                    filefixes[0]++;
+                                }
+                        );
+                    }
+
+        Map<String, Integer> topTenfiles =
+                files.entrySet().stream()
+                        .sorted(Map.Entry.comparingByValue(Comparator.reverseOrder()))
+                        .limit(12)
+                        .collect(Collectors.toMap(
+                                Map.Entry::getKey, Map.Entry::getValue, (e1, e2) -> e1, LinkedHashMap::new));
+        int i =0;
     }
 }

src/main/java/framevpm/bugcollector/Readme.md

@@ -88,30 +88,30 @@ Utils.loadBugDataset(CProjects.WIRESHARK.getName());
 
 As of 5th June 2018
 
-| Projects   | Time to create | Dataset size |Number of BugId | Number of Commit | Number of FileFix| Number of Unique Buggy Files |
-|:----------:|:--------------:|:------------:|:--------------:|:----------------:|:----------------:|:----------------------------:|
-|Linux Kernel|56 mn           |481.8 MB      |                |                  |5.41              |5.34                          | 
-|Wireshark   |166mn           |1.96 GB           |                |                  |4.99              |5.01                          | 
-|OpenSSL     |19   mn         |576 MB           |                |                  |5.34              |5.42                          |
-|SystemD     |11 mn           |393,7 MB      |                |                  |5.76              |5.60                          | 
-|Total       |  mn            |   GB         |                |                  |5.375             |5.34                          |
+| Projects   | Time to create | Dataset size | Number of Commit | Number of FileFix| Number of Unique Buggy Files |
+|:----------:|:--------------:|:------------:|:----------------:|:----------------:|:----------------------------:|
+|Linux Kernel|  56 mn         | 481.8  MB    |  3160            |  5193            | 2428                         | 
+|Wireshark   | 166 mn         |   1.96 GB    |  3871            |  8019            | 1907                         | 
+|OpenSSL     |  19 mn         | 576    MB    |  2442            |  7741            | 1733                         |
+|SystemD     |  11 mn         | 393.7  MB    |  1868            |  3538            |  925                         |
+|Total       | 252 mn         |   3.4  GB    | 11341            | 24491            | 6993                         |
 
 
 
 ### Top 10 Buggy Files
 
-| Rank | Linux                     | Wireshark                              | OpenSSL                    | SystemD                                |
-|:----:|:--------------------------|:---------------------------------------|:---------------------------|:---------------------------------------|
-| 1    | arch/x86/kvm/x86.c (17)   | epan/proto.c (24)                      | ssl/s3_clnt.c (53)         | src/resolve/resolved-dns-packet.c (2)  |
-| 2    | fs/namei.c (14)           | epan/dissectors/packet-nbap.c (19)     | ssl/s3_srvr.c (41)         | src/resolve/resolved-dns-packet.h (1)  |
-| 3    | net/socket.c (14)         | epan/dissectors/packet-ncp2222.inc (19)| ssl/d1_both.c (35)         | src/util.c (1)                         |
-| 4    | kernel/signal.c (14)      | epan/dissectors/packet-wccp.c (18)     | ssl/t1_lib.c (34)          | src/nss-mymachines/nss-mymachines.c (1)|
-| 5    | fs/namespace.c (14)       | epan/crypt/airpdcap.c (18)             | ssl/d1_pkt.c (22)          | src/tmpfiles/tmpfiles.c (1)            |
-| 6    | kernel/bpf/verifier.c (13)| epan/dissectors/packet-ber.c (17)      | crypto/asn1/tasn_dec.c (20)|                                        |
-| 7    | net/sctp/socket.c (13)    | epan/dissectors/packet-umts_fp.c (16)  | ssl/ssl.h (20)             |                                        |
-| 8    | fs/exec.c (13)            | epan/dissectors/packet-wbxml.c (15)    | ssl/s3_pkt.c (20)          |                                        |
-| 9    | arch/x86/kvm/vmx.c (13)   | epan/dissectors/packet-wsp.c (14)      | ssl/ssl_err.c (17)         |                                        |
-| 10   | fs/open.c (12)            | epan/dissectors/packet-wcp.c (13)      | crypto/x509/x509_vfy.c (16)|                                        |
+| Rank | Linux                                     | Wireshark                                | OpenSSL              | SystemD                          |
+|:----:|:------------------------------------------|:-----------------------------------------|:---------------------|:---------------------------------|
+| 1    | drivers/acpi/ec.c (96)                    | epan/dissectors/packet-ssl-utils.c (116) | ssl/s3_srvr.c (96)   | src/systemctl/systemctl.c (62)   |
+| 2    | sound/pci/hda/patch_realtek.c(79)         | ui/qt/main_window_slots.cpp (103)        | ssl/s3_clnt.c (88)   | src/network/networkd-link.c (52) |
+| 3    | drivers/acpi/video.c (57)                 | ui/qt/main_window.cpp (94)               | ssl/ssl_lib.c (79)   | Makefile.am (46)                 |
+| 4    | drivers/acpi/osl.c (36)                   | epan/dissectors/packet-ieee80211.c (91)  | apps/s_server.c (78) | man/systemd.exec.xml (45)        |
+| 5    | drivers/gpu/drm/i915/intel_display.c (33) |"epan/dissectors/packet-ssl-utils.h (76)  | ssl/ssl.h (67)       | meson.build (44)                 |
+| 6    | drivers/acpi/scan.c (31)                  | epan/dissectors/packet-tcp.c (66)        | apps/s_client.c (66) | man/systemd.network.xml (43)     |
+| 7    | drivers/acpi/sleep.c (30)                 | ui/qt/packet_list.cpp (63)               | ssl/t1_lib.c (62)    | src/nspawn/nspawn.c (43)         |
+| 8    | drivers/acpi/processor_idle.c (28)        | epan/dissectors/packet-ssl.c (61)        | ssl/s3_lib.c (62)    | hwdb/60-evdev.hwdb (37)          |
+| 9    | drivers/pci/quirks.c (26)                 | epan/proto.c (55)                        | ssl/ssl_locl.h (61)  | hwdb/60-sensor.hwdb (35)         |
+| 10   | drivers/ata/libata-core.c (24)            | epan/dissectors/packet-bgp.c (54)        | ssl/s3_pkt.c (51)    | src/core/manager.c (34)          |
 
 
 

src/main/java/framevpm/releasebalancer/Balancer.java

@@ -1,19 +1,25 @@
 package framevpm.releasebalancer;
 
+import data7.Exporter;
 import data7.Importer;
 import data7.model.Data7;
 import data7.model.change.Commit;
 import data7.model.vulnerability.Vulnerability;
+import data7.project.CProjects;
 import data7.project.ProjectFactory;
+import framevpm.Utils;
 import framevpm.bugcollector.BugCollector;
 import framevpm.bugcollector.model.BugDataset;
 import framevpm.releasebalancer.model.*;
+import framevpm.releasebalancer.project.CProjectsInfo;
 import framevpm.releasebalancer.project.ProjectInfoFactory;
 
 import java.io.IOException;
 import java.text.ParseException;
 import java.util.*;
 
+import static data7.Importer.updateOrCreateDatasetFor;
+
 /**
  *
  */
@@ -41,7 +47,7 @@ public Balancer(String project) {
 
     public ProjectData balance(boolean bugs) throws IOException, ClassNotFoundException, ParseException {
         System.out.println("Starting processing: " + project);
-        Data7 data7 = Importer.updateOrCreateDatasetFor(ProjectFactory.retrieveProjectInfo(project));
+        Data7 data7 = Exporter.loadDataset(project);
         prepareVuln(data7);
         if (bugs) {
             prepareBug(data7);
@@ -70,13 +76,13 @@ private void prepareVuln(Data7 data7) {
 
     private void prepareBug(Data7 data7) throws IOException, ClassNotFoundException {
         final int[] count = {0};
-        BugDataset bugDataset = new BugCollector(data7).updateOrCreateBugDataset();
+        BugDataset bugDataset = Utils.loadBugDataset(data7.getProject().getName());
         Set<Map.Entry<String, Commit>> bugds = bugDataset.getDataset().entrySet();
 
         for (Map.Entry<String, Commit> bug : bugds) {
             if (!vulnerabilityHash.contains(bug.getKey()) && commitMessageFiltering.add(bug.getValue().getMessage().toLowerCase())) {
                 Map.Entry<Long, String> release = releases.floorEntry(bug.getValue().getTimestamp());
-                if (release != null) {
+                if (releases.size() > 0) {
                     String rel = release.getValue();
                     ReleaseData releaseData = projectData.getOrCreateRelease(rel);
                     bug.getValue().getFixes().forEach(fileFix -> {
@@ -260,4 +266,27 @@ private List<String> lookForCorrespondingRelease(long timestamp, Set<String> ver
     }
 
 
+    public static void main(String[] args) throws ParseException, IOException, ClassNotFoundException {
+        long time = System.currentTimeMillis();
+        System.out.println("Start Linux");
+        Balancer balancer = new Balancer(CProjects.LINUX_KERNEL.getName());
+        Utils.saveProjectData(balancer.balance(true));
+        System.out.println("End Linux : " + (System.currentTimeMillis() - time));
+        time = System.currentTimeMillis();
+        System.out.println("Start SystemD");
+        balancer = new Balancer(CProjects.SYSTEMD.getName());
+        Utils.saveProjectData(balancer.balance(true));
+        System.out.println("End SystemD : " + (System.currentTimeMillis() - time));
+        time = System.currentTimeMillis();
+        System.out.println("Start Wireshark");
+        balancer = new Balancer(CProjects.WIRESHARK.getName());
+        Utils.saveProjectData(balancer.balance(true));
+        System.out.println("End Wireshark : " + (System.currentTimeMillis() - time));
+        time = System.currentTimeMillis();
+        System.out.println("Start SSL");
+        balancer = new Balancer(CProjects.OPEN_SSL.getName());
+        Utils.saveProjectData(balancer.balance(true));
+        System.out.println("End SSL : " + (System.currentTimeMillis() - time));
+    }
+
 }

src/main/java/framevpm/releasebalancer/Readme.md

@@ -4,7 +4,8 @@
 
 ## What is it?
 
-The balancer package is the first mandatory package that have to be use in the frameVPM framework. It splits the differents vulnerability fixes (and bugs if chosen so) according to the release of the software they affected.
+The balancer package is the first mandatory package in the frameVPM framework.
+Its role is to splits the different vulnerability fixes according to the release they affected and is as well use to prune the fixes to only keep the relevant ones.
 
 ## Why? 
 
@@ -17,7 +18,7 @@ Maven will handle the dependancy.
 
 ## How does it work ?
 
-
+### heuristics
 
 ## Dataset Structure