Merge branch 'create_benchmark' into benchmark

thesp0nge · Nov 17, 2015 · f1a8faa · f1a8faa
2 parents b5091df + 91f1236
commit f1a8faa
Show file tree

Hide file tree

Showing 4 changed files with 69 additions and 12 deletions.
diff --git a/bin/dawn b/bin/dawn
@@ -52,6 +52,7 @@ opts    = GetoptLong.new(
   [ '--config-file',            '-c',   GetoptLong::REQUIRED_ARGUMENT],
 
   # service options
+  [ '--benchmarking',           '-B',   GetoptLong::OPTIONAL_ARGUMENT],
   [ '--verbose',                '-V',   GetoptLong::NO_ARGUMENT],
   [ '--debug',                  '-D',   GetoptLong::NO_ARGUMENT],
   [ '--version',                '-v',   GetoptLong::NO_ARGUMENT],
@@ -69,6 +70,12 @@ guess = {:name=>"", :version=>"", :connected_gems=>[]}
 begin
 opts.each do |opt, val|
   case opt
+  when '--benchmarking'
+    options[:benchmarking] = true
+    @benchmark_iterations = 10
+    @benchmark_iterations = val.to_i unless val.empty?
+
+
   when '--version'
     puts "#{Dawn::VERSION} [#{Dawn::CODENAME}]"
     Kernel.exit(0)
@@ -197,9 +204,30 @@ if options[:debug]
   engine.debug = true
 end
 
+if options[:benchmarking]
+  $logger.warn "putting engine in benchmarking mode"
+  engine.benchmarking = true
+  engine.load_knowledge_base(options[:enabled_checks])
+  rows = []
+  sum = 0
+  (1..@benchmark_iterations).each do|i|
+    ret = engine.apply_all
+    b = engine.benchmark
+    rows << [engine.target, engine.name, i, b[:checks], b[:elapsed], 1.0*b[:checks] / b[:elapsed]]
+    sum += 1.0*b[:checks] / b[:elapsed]
+    engine.reset
+  end
+
+  table = Terminal::Table.new :title=>"Engine benchmark", :headings=>['Application', 'Kind', 'Iteration', 'Checks applied', 'Time (seconds)', 'Speed (checks/s)'], :rows=>rows
+  puts table
+
+  $logger.info "Mean check per second: #{sum / @benchmark_iterations}"
+  $logger.bye
+  Kernel.exit(0)
+end
 $logger.die "missing target framework option" if engine.nil?
 $logger.warn "this is a development Dawn version" if Dawn::RELEASE == "(development)"
-$logger.die "nothing to do on #{target}" if ! options[:gemfile_scan] && ! engine.can_apply? 
+$logger.die "nothing to do on #{target}" if ! options[:gemfile_scan] && ! engine.can_apply?
 
 engine.load_knowledge_base(options[:enabled_checks])
 ret = engine.apply_all
@@ -210,5 +238,6 @@ if options[:output] == "count"
   Kernel.exit(0)
 end
 
-Dawn::Reporter.new({:engine=>engine, :apply_all_code=>ret, :format=>options[:output].to_sym, :filename=>options[:filename]}).report
+Dawn::Reporter.new({:engine=>engine, :apply_all_code=>ret, :format=>options[:output].to_sym, :filename=>options[:filename]}).report unless engine.benchmarking
+
 $logger.bye
diff --git a/lib/dawn/core.rb b/lib/dawn/core.rb
@@ -131,7 +131,7 @@ def self.find_conf(create_if_none = false)
 
       # If create_if_none flag is set to true, than I'll create a config file
       # on the current directory with the default configuration.
-      conf = {"config"=>{:verbose=>false, :output=>"console", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}}
+      conf = {"config"=>{:verbose=>false, :output=>"console", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES, :benchmarking=>false}}
 
       # Calculate the conf file path
       conf_path = File.expand_path('~') +'/.'+conf_name
@@ -145,7 +145,7 @@ def self.find_conf(create_if_none = false)
     end
 
     def self.read_conf(file=nil)
-      conf = {:verbose=>false, :output=>"console", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES}
+      conf = {:verbose=>false, :output=>"console", :mvc=>"", :gemfile_scan=>false, :gemfile_name=>"", :filename=>nil, :debug=>false, :exit_on_warn => false, :enabled_checks=> Dawn::Kb::BasicCheck::ALLOWED_FAMILIES, :benchmarking=>false}
       begin
         return conf if file.nil?
         file = file.chop if (not file.nil? and file.end_with? '/')

diff --git a/lib/dawn/engine.rb b/lib/dawn/engine.rb
@@ -43,6 +43,10 @@ module Engine
     attr_reader   :applied_checks
     attr_reader   :skipped_checks
 
+    # We introduce benchmarking for apply* methods
+    attr_accessor :benchmarking
+    attr_reader   :benchmark
+
     def initialize(dir=nil, name="", options={})
       @name = name
       @scan_start = Time.now
@@ -63,6 +67,10 @@ def initialize(dir=nil, name="", options={})
       @skipped_checks = 0
       @gemfile_lock_sudo = false
 
+      @benchmark = {:checks=>0, :elapsed=>0}
+      @benchmarking = false
+      @benchmarking = options[:benchmarking] unless options[:benchmarking].nil?
+
       set_target(dir) unless dir.nil?
       @ruby_version = get_ruby_version if dir.nil?
       @gemfile_lock = options[:gemfile_name] unless options[:gemfile_name].nil? 
@@ -74,7 +82,6 @@ def initialize(dir=nil, name="", options={})
       if $logger.nil?
         $logger  = Codesake::Commons::Logging.instance
         $logger.helo "dawn-engine", Dawn::VERSION
-
       end
       $logger.warn "pattern matching security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
       $logger.warn "combo security checks are disabled for Gemfile.lock scan" if @name == "Gemfile.lock"
@@ -205,7 +212,20 @@ def can_apply?
     end
 
     def get_mvc_version
-      "#{@mvc_version}" if is_good_mvc? 
+      "#{@mvc_version}" if is_good_mvc?
+    end
+
+    def reset_benchmark
+      @benchmark = {:checks=> 0, :elapsed=>0}
+      @benchmark
+    end
+    def reset
+      reset_benchmark
+      @applied = []
+      @applied_checks = 0
+      @skipped_checks = 0
+      @vulnerabilities = []
+      @mitigated_issues = []
     end
 
     ## Security stuff applies here
@@ -215,8 +235,8 @@ def get_mvc_version
     # name - the security check to be applied
     #
     # Examples
-    #   
-    #   engine.apply("CVE-2013-1800") 
+    #
+    #   engine.apply("CVE-2013-1800")
     #   # => boolean
     #
     # Returns a true value if the security check was successfully applied or false
@@ -237,6 +257,9 @@ def apply(name)
 
       return false if @checks.empty?
 
+      debug_me "engine enters benchmarking #{@benchmark}" if @benchmarking
+      start = Time.now if @benchmarking
+
       @checks.each do |check|
         if check.name == name
           unless ((check.kind == Dawn::KnowledgeBase::PATTERN_MATCH_CHECK || check.kind == Dawn::KnowledgeBase::COMBO_CHECK ) && @name == "Gemfile.lock")
@@ -262,6 +285,7 @@ def apply(name)
             @skipped_checks += 1
           end
         end
+        @benchmark = {:checks=> @applied_checks - @skipped_checks, :elapsed=>Time.now-start} if @benchmarking
       end
 
       false
@@ -289,6 +313,9 @@ def apply_all
         return false
       end
 
+      debug_me "engine enters benchmarking #{@benchmark}" if @benchmarking
+      start = Time.now if @benchmarking
+
       @checks.each do |check|
         unless ((check.kind == Dawn::KnowledgeBase::PATTERN_MATCH_CHECK || check.kind == Dawn::KnowledgeBase::COMBO_CHECK ) && @gemfile_lock_sudo)
 
@@ -312,6 +339,7 @@ def apply_all
           debug_me "skipping check #{check.name}"
           @skipped_checks += 1
         end
+        @benchmark = {:checks=> @applied_checks - @skipped_checks, :elapsed=>Time.now-start} if @benchmarking
       end
       @scan_stop = Time.now
       debug_me("SCAN STOPPED: #{@scan_stop}")

diff --git a/lib/dawn/version.rb b/lib/dawn/version.rb
@@ -1,7 +1,7 @@
 module Dawn
-    VERSION = "1.4.2"
+    VERSION = "1.4.g95692df"
     CODENAME = "Tow Mater"
-    RELEASE = "20151013"
-    BUILD = "5"
-    COMMIT = "g1f95333"
+    RELEASE = "(development)"
+    BUILD = "9"
+    COMMIT = "g95692df"
 end