virtual HRESULT ScanLeakEx(IVulCollection **pVulCollection, DWORD dwFlags)
{
TIME_CHECK( _T("ScanLeakEx ") );
ATLASSERT(pVulCollection);
if(pVulCollection==NULL)
return E_POINTER;
HRESULT hr = S_OK;
CVulCollection *pCollection = new CImplIUnkownT<CVulCollection>;
IVulfix *pscan = new CImplVulfix;
if( (dwFlags&VULSCAN_EXPRESS_SCAN) && RequireUsingInterface())
{
// 对于需要使用接口的快速扫描, 只对比时间
pCollection->m_nStatus = pscan->ExpressScanSystem();
pCollection->m_statusValid = TRUE;
}
else
{
pCollection->m_statusValid = FALSE;
if( SUCCEEDED( hr=pscan->Scan(0) ))
{
pCollection->m_statusValid = FALSE;
_FillCollection(pscan, pCollection);
}
}
delete pscan;
*pVulCollection = pCollection;
return hr;
}
struct timespec time_now(void)
{
struct timeval now;
struct timespec ret;
gettimeofday(&now, NULL);
ret.tv_sec = now.tv_sec;
ret.tv_nsec = now.tv_usec * 1000;
return TIME_CHECK(ret);
}
WEAK void halide_dev_run(
const char* entry_name,
int blocksX, int blocksY, int blocksZ,
int threadsX, int threadsY, int threadsZ,
int shared_mem_bytes,
size_t arg_sizes[],
void* args[])
{
cl_kernel f = __get_kernel(entry_name);
#ifndef DEBUG
char msg[1];
#else
char msg[256];
snprintf(
msg, 256,
"dev_run %s with (%dx%dx%d) blks, (%dx%dx%d) threads, %d shmem (t=%lld)",
entry_name, blocksX, blocksY, blocksZ, threadsX, threadsY, threadsZ, shared_mem_bytes,
(long long)halide_current_time_ns()
);
#endif
// Pack dims
size_t global_dim[3] = {blocksX*threadsX, blocksY*threadsY, blocksZ*threadsZ};
size_t local_dim[3] = {threadsX, threadsY, threadsZ};
// Set args
int i = 0;
while (arg_sizes[i] != 0) {
CHECK_CALL( clSetKernelArg(f, i, arg_sizes[i], args[i]), "clSetKernelArg" );
i++;
}
// Set the shared mem buffer last
// Always set at least 1 byte of shmem, to keep the launch happy
CHECK_CALL( clSetKernelArg(f, i, (shared_mem_bytes > 0) ? shared_mem_bytes : 1, NULL), "clSetKernelArg" );
// Launch kernel
TIME_START();
int err =
clEnqueueNDRangeKernel(
cl_q,
f,
3,
NULL,
global_dim,
local_dim,
0, NULL, NULL
);
CHECK_ERR(err, "clEnqueueNDRangeKernel");
TIME_CHECK(msg);
}
WEAK void halide_copy_to_dev(buffer_t* buf) {
if (buf->host_dirty) {
halide_assert(buf->host && buf->dev);
size_t size = __buf_size(buf);
#ifdef DEBUG
char msg[256];
snprintf(msg, 256, "copy_to_dev (%lld bytes) %p -> %p (t=%lld)",
(long long)size, buf->host, (void*)buf->dev, (long long)halide_current_time_ns() );
#endif
halide_assert(halide_validate_dev_pointer(buf));
TIME_START();
int err = clEnqueueWriteBuffer( cl_q, (cl_mem)((void*)buf->dev), CL_TRUE, 0, size, buf->host, 0, NULL, NULL );
CHECK_ERR( err, msg );
TIME_CHECK(msg);
}
buf->host_dirty = false;
}
static cl_kernel __get_kernel(const char* entry_name) {
cl_kernel f;
#ifndef DEBUG
// char msg[1];
#else
char msg[256];
snprintf(msg, 256, "get_kernel %s (t=%lld)",
entry_name, (long long)halide_current_time_ns() );
#endif
// Get kernel function ptr
TIME_START();
int err;
f = clCreateKernel(__mod, entry_name, &err);
CHECK_ERR(err, "clCreateKernel");
TIME_CHECK(msg);
return f;
}
struct timespec time_divide(struct timespec t, unsigned long div)
{
struct timespec res;
uint64_t rem, ns;
/* Dividing seconds is simple. */
res.tv_sec = TIME_CHECK(t).tv_sec / div;
rem = t.tv_sec % div;
/* If we can't fit remainder * 1,000,000,000 in 64 bits? */
#if 0 /* ilog is great, but we use fp for multiply anyway. */
bits = ilog64(rem);
if (bits + 30 >= 64) {
/* Reduce accuracy slightly */
rem >>= (bits - (64 - 30));
div >>= (bits - (64 - 30));
}
static cl_mem __dev_malloc(size_t bytes) {
cl_mem p;
#ifndef DEBUG
// char msg[1];
#else
char msg[256];
snprintf(msg, 256, "dev_malloc (%lld bytes) (t=%lld)",
(long long)bytes, (long long)halide_current_time_ns() );
#endif
TIME_START();
int err;
p = clCreateBuffer(cl_ctx, CL_MEM_READ_WRITE, bytes, NULL, &err );
TIME_CHECK(msg);
#ifdef DEBUG
halide_printf(" returned: %p (err: %d)\n", (void*)p, err);
#endif
halide_assert(p);
return p;
}
WEAK void halide_copy_to_host(buffer_t* buf) {
if (buf->dev_dirty) {
clFinish(cl_q); // block on completion before read back
halide_assert(buf->host && buf->dev);
size_t size = __buf_size(buf);
#ifndef DEBUG
char msg[1] = { 0 };
#else
char msg[256];
snprintf(msg, 256, "copy_to_host (%lld bytes) %p -> %p", (long long)size, (void*)buf->dev, buf->host );
#endif
halide_assert(halide_validate_dev_pointer(buf, size));
TIME_START();
#ifdef DEBUG
halide_printf("%s\n", msg);
#endif
int err = clEnqueueReadBuffer( cl_q, (cl_mem)((void*)buf->dev), CL_TRUE, 0, size, buf->host, 0, NULL, NULL );
CHECK_ERR( err, msg );
TIME_CHECK(msg);
}
buf->dev_dirty = false;
}
HRESULT WINAPI ExpressScanLeak(IVulCollection **pVulCollection, DWORD dwFlags, BOOL bQuickScan)
{
TIME_CHECK( _T("ExpressScanLeak ") );
ATLASSERT(pVulCollection);
CVulCollection *pCollection = new CImplIUnkownT<CVulCollection>;
BOOL bFoundSysVuls = FALSE;
IVulfix *pscan = new CImplVulfix;
dwFlags |= VULSCAN_EXPRESS_SCAN;
if( bQuickScan && RequireUsingInterface() )
// Vista 进行快速扫描
{
pCollection->m_nStatus = pscan->ExpressScanSystem();
pCollection->m_statusValid = TRUE;
bFoundSysVuls = pCollection->m_nStatus>0;
}
else
{
pCollection->m_statusValid = FALSE;
if( SUCCEEDED( pscan->Scan(dwFlags) ))
{
const CSimpleArray<LPTUpdateItem> &arr = pscan->GetResults();
for(int i=0; i<arr.GetSize(); ++i)
{
LPTUpdateItem pLeak = arr[i];
#ifdef _DEBUG
_tcprintf(_T("-Quick.VUL %d %2d %s \n"), pLeak->nID, pLeak->nWarnLevel, pLeak->strName);
#endif
if( pLeak->isIgnored || pLeak->nWarnLevel<=0 || pLeak->isExclusive )
continue;
TOverviewItem item;
item.nLeakType = VTYPE_WINDOWS;
item.nID = pLeak->nID;
item.nLeakLevel = pLeak->nWarnLevel;
item.dwFlags = pLeak->dwVFlags;
item.strTitle = pLeak->strName;
item.strDescription = pLeak->strDescription;
item.strPubDate = pLeak->strPubdate;
pCollection->leaks.Add( item );
}
}
bFoundSysVuls = pCollection->leaks.GetSize()>0;
// 如果没有找到系统漏洞, 则搜索软件漏洞
if(!bFoundSysVuls)
{
const CSimpleArray<LPTVulSoft> &arr = pscan->GetSoftVuls();
for(int i=0; i<arr.GetSize(); ++i)
{
LPTVulSoft psoft = arr[i];
#ifdef _DEBUG
_tcprintf(_T("-Quick.SOFT %d %2d %s \n"), psoft->nID, psoft->nLevel, psoft->strName);
#endif
if(psoft->isIgnored || psoft->state.comState==COM_ALL_DISABLED)
continue;
TOverviewItem item;
item.nLeakType = VTYPE_SOFTLEAK;
item.nID = psoft->nID;
item.nLeakLevel = psoft->nLevel;
item.dwFlags = 0;
item.strTitle = psoft->strName;
item.strDescription = psoft->strDescription;
item.strPubDate = psoft->strPubdate;
pCollection->leaks.Add( item );
}
}
}
delete pscan;
*pVulCollection = pCollection;
return S_OK;
}
HRESULT CImplVulfix::Scan(DWORD dwFlags)
{
TIME_CHECK( _T("CImplVulfix::Scan ") );
m_Canceled = FALSE;
T_ComInit __init__com__;
HRESULT hr ;
do
{
Reset();
GetLangID();
CSysEnv& sysEnv = singleton<CSysEnv>::Instance();
sysEnv.Init();
if( FAILED( hr=sysEnv.IsSupported(FALSE) ) )
break;
Init();
m_objIgnore.LoadIgnoreDB();
CString filenameSystem, filenameOffice, filenameSoft;
GetXmlDBFileName(VTYPE_WINDOWS, filenameSystem, IsWin64());
GetXmlDBFileName(VTYPE_OFFICE, filenameOffice, FALSE);
GetXmlDBFileName(VTYPE_SOFTLEAK, filenameSoft, FALSE);
if( !PathFileExists(filenameSystem) && !PathFileExists(filenameOffice) && !PathFileExists(filenameSoft) )
{
hr = KERR_LOAD_FILE;
break;
}
m_pFilterOS = CreateOSFilter(sysEnv.m_WinVer, dwFlags);
InitOSFilter( m_pFilterOS, sysEnv.m_WinVer, dwFlags);
if( m_pFilterOS->WaitComplete() )
{
m_dbOS.SetObserver( m_Observer );
m_dbOffice.SetObserver( m_Observer );
m_dbSoft.SetObserver( m_Observer );
m_pFilterOS->SetIIgnore( &m_objIgnore );
CString filename;
try
{
FixLocale();
//BOOL bWin64 = IsWin64();
//PVOID OldValue = NULL;
//if(bWin64)
// Wow64DisableWow64FsRedirection(&OldValue);
!m_Canceled && m_dbOffice.Load( filenameOffice, m_pFilterOS, dwFlags );
!m_Canceled && sysEnv.IsLangSupported() && sysEnv.IsOsSupported() && m_dbOS.Load( filenameSystem, m_pFilterOS, dwFlags );
!m_Canceled && m_dbSoft.Load( filenameSoft, NULL, dwFlags);
//if(bWin64)
// Wow64RevertWow64FsRedirection(OldValue);
}
catch (...)
{
hr = KERR_LOAD_FILE;
}
CSimpleArray<LPTUpdateItem> arrLeaks;
CSimpleArray<TReplacedUpdate*> arrReplaced;
m_dbOS.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced );
m_dbOffice.GetUnfixedLeakList( arrLeaks, m_arrFixedVuls, m_arrInvalid, arrReplaced );
const CSimpleArray<int> &arrExpired = m_dbOS.GetExpiredIds();
CSimpleArray<int> arrReplacedId;
for(int i=0; i<arrReplaced.GetSize(); ++i)
{
arrReplacedId.Add( arrReplaced[i]->nKBID );
}
// select soft ignored vuls
CSimpleArray<LPTVulSoft> arrSoftLeaks;
m_dbSoft.GetUnfixedLeakList( arrSoftLeaks );
for(int i=0; i<arrSoftLeaks.GetSize(); ++i)
{
LPTVulSoft ps = arrSoftLeaks[i];
ps->isIgnored = m_objIgnore.IsIgnored( ps->nID );
if( ps->isIgnored )
{
LPTUpdateItem pu = new TUpdateItem;
pu->m_nType = VTYPE_SOFTLEAK;
pu->nID = ps->nID;
pu->strName = ps->matchedItem.strName;
pu->strDescription = ps->strDescription;
pu->strWebpage = ps->matchedItem.strWebpage;
pu->nWarnLevel = ps->nLevel;
pu->strPubdate = ps->strPubdate;
m_arrIgnoredVuls.Add( pu );
m_arrIgnoredVulsFromSoft.Add( pu );
}
else
m_arrSoftLeaks.Add( ps );
}
// select installable, ignored , expired
for(int i=0; i<arrLeaks.GetSize(); ++i )
{
LPTUpdateItem &pi = arrLeaks[i];
pi->isExpired = arrExpired.Find( pi->nID )!=-1;
if(pi->isExpired)
m_arrInvalid.Add( pi );
else if(pi->isIgnored)
m_arrIgnoredVuls.Add( pi );
else
{
bool bReplaced = arrReplacedId.Find( pi->nID )!=-1;
if(!bReplaced)
m_arrLeaks.Add( pi );
}
}
// find correct replace relationship
for(int i=0; i<arrReplaced.GetSize(); ++i)
{
TReplacedUpdate* pu = arrReplaced[i];
BOOL bInstalled = FindArrayIndex( m_arrFixedVuls, pu->nKBID )!=-1;
if( !bInstalled )
{
if( FindArrayIndex(m_arrFixedVuls, pu->nKBID2)!=-1
|| FindArrayIndex(m_arrLeaks, pu->nKBID2)!=-1
|| FindArrayIndex(m_arrIgnoredVuls, pu->nKBID2)!=-1 )
m_arrReplacedUpdates.Add( pu );
}
}
// - 保存最后无漏洞时间, 使得下次不再提示有风险
// -- 非快速扫描的结果才有效果
if( RequireUsingInterface() && !(dwFlags & VULSCAN_EXPRESS_SCAN) )
{
BOOL hasMustLeak = FALSE;
const CSimpleArray<LPTUpdateItem> &arrLeaks = GetResults();
for(int i=0; i<arrLeaks.GetSize(); ++i)
{
if(arrLeaks[i]->nWarnLevel>0)
{
hasMustLeak = TRUE;
break;
}
}
CString strVal;
if(!hasMustLeak)
{
T_Date date;
GetLatestPackgeDate(date.nYear, date.nMonth, date.nDay);
strVal.Format(_T("%04d-%02d-%02d"), date.nYear, date.nMonth, date.nDay);
}
WriteVulConfig(_T("VulScan"), _T("LastSafePkgDate"), strVal);
}
}
hr = KERR_NONE;
} while (FALSE);
return hr;
}
struct timespec time_now(void)
{
struct timespec ret;
clock_gettime(CLOCK_REALTIME, &ret);
return TIME_CHECK(ret);
}
