{"id":5012,"date":"2021-11-23T16:58:17","date_gmt":"2021-11-23T07:58:17","guid":{"rendered":"\/blog\/?p=5012"},"modified":"2023-09-21T09:26:28","modified_gmt":"2023-09-21T00:26:28","slug":"fpr-fpr-%eb%82%b4-%ed%8c%8c%ec%9d%bc-%ec%88%98%ec%99%80-%ec%8b%a4-%ed%8c%8c%ec%9d%bc-%ec%88%98-%eb%b9%84%ea%b5%90-%ec%8a%a4%ed%81%ac%eb%a6%bd%ed%8a%b8","status":"publish","type":"post","link":"https:\/\/hasu0707.duckdns.org\/blog\/?p=5012","title":{"rendered":"[FPR] FPR \ub0b4 \ud30c\uc77c \uc218\uc640 \uc2e4 \ud30c\uc77c \uc218 \ube44\uad50 \uc2a4\ud06c\ub9bd\ud2b8"},"content":{"rendered":"\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"shell\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">#!\/bin\/bash\n#####################################################################\n#\n# Fortify SCA FPR\ud30c\uc77c \ub0b4 \ubd84\uc11d\ub41c \uc18c\uc2a4\ud30c\uc77c \uc218\uc640 \uc2e4 \ub514\ub809\ud1a0\ub9ac \ub0b4\uc5d0\n# \uc18c\uc2a4\ud30c\uc77c \uc218\ub97c \ube44\uad50\ud55c\ub2e4.\n#\n# \uc708\ub3c4\uc6b0\uc5d0\uc11c \uc2e4\ud589 \uc2dc:\n# bash -c \".\/comp_src_count.sh\"\n#\n# by \uc774\uc874\uc11d(hasu0707@esvali.com)\n#\n#####################################################################\nDEBUG_ON=0\nVERSION=0.1\nWIN_MINGW_DIR=\"\/cygdrive\/c\/PortableApps\/cmd_cygwin_x86_64\"\nFPR_TMP_DIR=\".\/fpr_tmp\"\nRESULT_FILE=\".\/comp_src_count.csv\"\nFPR_DIR=\"\/root\/fpr\"\nFPR_SRCCOUNT=0\nSRCFILE_COUNT=0\n\n#####################################################################\n#\n# \uc0ac\uc6a9\ubc29\ubc95 \ucd9c\ub825\n#\n#####################################################################\nfunc_usage() {\n  echo \"$0 ver.${VERSION}\"\n}\n\n#####################################################################\n#\n# \ucd08\uae30\ud654\n#\n#####################################################################\nfunc_init() {\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> func_init()\"\n  fi\n\n  if [ -z \"${WINDIR}\" ]; then\n    IS_WINDOWS=0\n  else\n    IS_WINDOWS=1\n  fi\n\n  if [ ${IS_WINDOWS} -eq 1 ]; then\n    DEVNULL=null.dev\n    WINCMD=\"\/cygdrive\/c\/Windows\/System32\/cmd.exe \/C\"\n    PATH=${WIN_MINGW_DIR}\/bin:${PATH}\n    ECHO_CMD=\"${WIN_MINGW_DIR}\/bin\/echo\"\n    FIND_CMD=\"${WIN_MINGW_DIR}\/bin\/find\"\n  else\n    DEVNULL=\/dev\/null\n    WINCMD=\"\"\n    ECHO_CMD=\"echo\"\n    FIND_CMD=\"find\"\n  fi\n}\n\n#####################################################################\n#\n# \ud544\uc694\ud55c \uc720\ud2f8\ub9ac\ud2f0\uac00 \uc788\ub294\uc9c0 \uac80\uc0ac\n#\n#####################################################################\nfunc_check_utils() {\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> func_check_utils()\"\n  fi\n\n  local IS_EXIT=0;\n  UTILNAMES=( \"grep\" \"unzip\" \"find\")\n\n  # \uc708\ub3c4\uc6b0 \uc720\ud2f8\ub9ac\ud2f0 \uccb4\ud0b9\n  if [ ${IS_WINDOWS} -eq 1 ]; then\n    if [ ! -e ${WIN_MINGW_DIR}\/bin\/xmllint ] || [ ! -e ${WIN_MINGW_DIR}\/bin\/unzip ] || [ ! -e ${WIN_MINGW_DIR}\/bin\/sed ] || [ ! -e ${WIN_MINGW_DIR}\/bin\/basename ]; then\n      echo \"ERROR: ${WIN_MINGW_DIR} not found !\"\n      IS_EXIT=1\n    fi\n\n    if [ ${IS_EXIT} -ne 0 ]; then\n      exit 1\n    fi\n    return\n  fi\n\n  # \ub9ac\ub205\uc2a4 \uc720\ud2f8\ub9ac\ud2f0 \uccb4\ud0b9\n  for LOOP1 in \"${UTILNAMES[@]}\"\n  do\n    which ${LOOP1} > ${DEVNULL}\n    if [ $? -ne 0 ]; then\n      echo \"ERROR: ${LOOP1} not found !\"\n      IS_EXIT=1\n    fi\n  done\n\n  # \uc5c6\ub294 \uc720\ud2f8\ub9ac\ud2f0\uac00 \uc788\uc73c\uba74 \uc2a4\ud06c\ub9bd\ud2b8 \uc885\ub8cc\n  if [ ${IS_EXIT} -ne 0 ]; then\n    exit 1\n  fi\n\n  unset UTILNAMES\n}\n\n#####################################################################\n#\n# \uc784\uc2dc \ubc0f \ubd88\ud544\uc694\ud55c \ud30c\uc77c \uc0ad\uc81c\n#\n#####################################################################\nfunc_clean() {\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> func_clean()\"\n  fi\n\n  if [ ${IS_WINDOWS} -eq 1 ]; then\n    rm -f ${DEVNULL}\n  fi\n\n  rm -rf ${FPR_TMP_DIR}\n}\n\n#####################################################################\n#\n# FPR\ud30c\uc77c unzip\n# $1 : fpr \ud30c\uc77c\uba85\n#\n#####################################################################\nfunc_unzip() {\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> func_unzip()\"\n  fi\n\n  if [ -d ${FPR_TMP_DIR} ]\n  then\n    rm -rf ${FPR_TMP_DIR}\n  fi\n  mkdir ${FPR_TMP_DIR}\n  unzip $1 -d ${FPR_TMP_DIR} audit.fvdl audit.xml filtertemplate.xml &amp;> ${DEVNULL}\n}\n\n#####################################################################\n#\n# audit.fvdl\uc5d0\uc11c \ud30c\uc77c\uc218\ub97c \ucd94\ucd9c\ud55c\ub2e4.\n#\n#####################################################################\nfunc_get_srccount() {\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> func_get_srccount()\"\n  fi\n\n  FPR_SRCCOUNT=$(grep -e \"&lt;NumberFiles>.*&lt;\/NumberFiles>\" ${FPR_TMP_DIR}\/audit.fvdl | cut -d \">\" -f2 | cut -d \"&lt;\" -f1)\n\n  # \ud30c\uc77c \uac2f\uc218 \ucd9c\ub825\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> fpr src count: ${FPR_SRCCOUNT}\"\n  fi\n}\n\n#####################################################################\n#\n# \ud2b9\uc815 \ub514\ub809\ud1a0\ub9ac\uc5d0\uc11c \uc18c\uc2a4\ud30c\uc77c\uc744 \ucc3e\ub294\ub2e4.\n#\n#####################################################################\nfunc_get_file_count() {\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> func_get_file_count()\"\n  fi\n\n  SRCFILE_COUNT=$(${FIND_CMD} \"${1}\" -type f -name *.java -o -name *.php -o -name *.xml -o -name *.html -o -name *.js -o -name *.jsp -o -name *.kt -o -name *.conf -o -name *.cs -o -name *.py -o -name *.properties | wc -l)\n\n  # \ud30c\uc77c \uac2f\uc218 \ucd9c\ub825\n  if [ ${DEBUG_ON} -eq 1 ]\n  then\n    echo \">> file src count: ${SRCFILE_COUNT}\"\n  fi\n}\n\n#####################################################################\n#\n# Prefix\ub97c \ubc1b\uc544\uc11c \ud574\ub2f9 \uc5c5\ubb34\uc758 \uac00\uc7a5 \ucd5c\uadfc FPR \ud30c\uc77c\uba85\uc744 \uc54c\uc544\ub0b8\ub2e4.\n#\n#####################################################################\nget_last_fpr_filename() {\n  unset ${FPR_FILENAME}\n  FPR_FILENAME=`ls -1r ${FPR_DIR}\/${1}_*.fpr | head -n 1`\n}\n\n#####################################################################\n#\n# \uacb0\uacfc\ub97c \ucd9c\ub825\ud55c\ub2e4.\n#\n#####################################################################\nfunc_print_result() {\n  ${ECHO_CMD} \"${1},${2},${FPR_SRCCOUNT},${SRCFILE_COUNT}\"\n  ${ECHO_CMD} \"${1},${2},${FPR_SRCCOUNT},${SRCFILE_COUNT}\" >> ${RESULT_FILE}\n}\n\n#####################################################################\n#\n# \ud558\ub098\uc758 \uc5c5\ubb34\uc5d0 \ub300\ud55c \ubd84\uc11d \uc2e4\ud589\n#\n#####################################################################\nfunc_comp_src_count() {\n  # FPR \ub514\ub809\ud1a0\ub9ac\uc5d0\uc11c \uac00\uc7a5 \ucd5c\uadfc\uc758 FPR \ud30c\uc77c\uc758 \ud30c\uc77c\uba85\uc744 \uc54c\uc544\ub0b8\ub2e4.\n  get_last_fpr_filename ${1}\n  if  [ ! ${FPR_FILENAME} ]\n  then\n    echo \"ERROR: FPR file not found ! (${1})\"\n    return 1\n  fi\n\n  # FPR \ud30c\uc77c \uc874\uc7ac \uc5ec\ubd80 \uccb4\ud06c\n  #if [ ! -e ${1} ]; then\n  #  echo \"ERROR: ${1} not found !\"\n  #  return\n  #fi\n\n  # \uc18c\uc2a4 \ub514\ub809\ud1a0\ub9ac \uc874\uc7ac \uc5ec\ubd80 \uccb4\ud06c\n  if [ ! -d ${2} ]; then\n    echo \"ERROR: ${2} not found !\"\n    return\n  fi\n\n  func_unzip \"${FPR_FILENAME}\"\n  func_get_srccount\n  func_get_file_count \"${2}\"\n  func_print_result \"${FPR_FILENAME}\" \"${2}\"\n  func_clean\n}\n\n#####################################################################\n#\n# main\n#\n#####################################################################\nfunc_usage\nfunc_init\nfunc_check_utils\n\n${ECHO_CMD} \"FPR,SRCDIR,COUNT_IN_FPR,COUNT_IN_SRCDIR\" > ${RESULT_FILE}\n\n#####################################################################\n# \uc774 \uc544\ub798\ub85c \uc5c5\ubb34\uc758 \uc774\ub2c8\uc15c\uacfc \uc18c\uc2a4 \ub514\ub809\ud1a0\ub9ac\ub97c \ub098\uc5f4\ud55c\ub2e4.\n#####################################################################\nfunc_comp_src_count \"webgoat\" \".\/webgoat\"\nfunc_comp_src_count \"webgoat\" \".\/webgoat\"\nfunc_comp_src_count \"webgoat\" \".\/webgoat\"<\/pre>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[66],"tags":[],"class_list":["post-5012","post","type-post","status-publish","format-standard","hentry","category-computing_fortify"],"_links":{"self":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/5012","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5012"}],"version-history":[{"count":0,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/5012\/revisions"}],"wp:attachment":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5012"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5012"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5012"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}