feat: 添加unittest测试
This commit is contained in:
		
							
								
								
									
										87
									
								
								detection/backdoor_detection.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										87
									
								
								detection/backdoor_detection.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,87 @@ | |||||||
|  | """ | ||||||
|  | Usage: python backdoor_detection.py your_file_path | ||||||
|  | """ | ||||||
|  |  | ||||||
|  | import re | ||||||
|  | from typing import List, Tuple, Dict | ||||||
|  | import sys | ||||||
|  |  | ||||||
|  |  | ||||||
|  | def read_file_content(file_path: str) -> str: | ||||||
|  |     """ | ||||||
|  |     Reads and returns the content of a specified file. Exits the program with an error if the file does not exist or cannot be read. | ||||||
|  |  | ||||||
|  |     :param file_path: The full path to the file. | ||||||
|  |     :return: The text content of the file. | ||||||
|  |     :raises FileNotFoundError: If the file does not exist. | ||||||
|  |     :raises IOError: If the file cannot be read. | ||||||
|  |     """ | ||||||
|  |     try: | ||||||
|  |         with open(file_path, "r", encoding="utf-8") as file: | ||||||
|  |             return file.read() | ||||||
|  |     except FileNotFoundError: | ||||||
|  |         print("Error: File not found.") | ||||||
|  |         sys.exit(1) | ||||||
|  |     except IOError: | ||||||
|  |         print("Error: Could not read file.") | ||||||
|  |         sys.exit(1) | ||||||
|  |  | ||||||
|  |  | ||||||
|  | def find_dangerous_functions(file_content: str) -> Dict[str, List[Tuple[int, str]]]: | ||||||
|  |     """ | ||||||
|  |     Searches the given code text for potentially dangerous function calls and classifies results by risk level. | ||||||
|  |     Ignores comments in the code. | ||||||
|  |  | ||||||
|  |     :param file_content: String content of the code file. | ||||||
|  |     :return: Dictionary with risk levels as keys and lists of tuples (line number, matched line content) as values. | ||||||
|  |     """ | ||||||
|  |     # Define dangerous functions and their risk levels | ||||||
|  |     patterns: Dict[str, str] = { | ||||||
|  |         r"\bsystem\(": "high", | ||||||
|  |         r"\bexec\(": "high", | ||||||
|  |         r"\bpopen\(": "medium", | ||||||
|  |         r"\beval\(": "high", | ||||||
|  |         r"\bsubprocess\.run\(": "medium", | ||||||
|  |     } | ||||||
|  |     # Store results classified by risk level | ||||||
|  |     classified_results = {"high": [], "medium": [], "low": []} | ||||||
|  |     for line_number, line in enumerate(file_content.split("\n"), start=1): | ||||||
|  |         # Remove comments from the line | ||||||
|  |         clean_line = line.split("#")[0].strip() | ||||||
|  |         if not clean_line:  # Skip empty or comment-only lines | ||||||
|  |             continue | ||||||
|  |         found = False | ||||||
|  |         for pattern, risk_level in patterns.items(): | ||||||
|  |             if re.search(pattern, clean_line): | ||||||
|  |                 classified_results[risk_level].append((line_number, clean_line)) | ||||||
|  |                 found = True | ||||||
|  |                 break  # Stop checking other patterns once a match is found | ||||||
|  |     return classified_results | ||||||
|  |  | ||||||
|  |  | ||||||
|  | def main(file_path: str): | ||||||
|  |     """ | ||||||
|  |     Main function that reads file content, checks for dangerous functions, and outputs classified results by risk level. | ||||||
|  |  | ||||||
|  |     :param file_path: File path input from the command line. | ||||||
|  |     """ | ||||||
|  |     file_content = read_file_content(file_path) | ||||||
|  |     classified_dangerous = find_dangerous_functions(file_content) | ||||||
|  |     for risk_level in [ | ||||||
|  |         "high", | ||||||
|  |         "medium", | ||||||
|  |     ]:  # Only iterate over high and medium risk levels | ||||||
|  |         occurrences = classified_dangerous[risk_level] | ||||||
|  |         if occurrences: | ||||||
|  |             print(f"Dangerous functions found at risk level {risk_level}:") | ||||||
|  |             for line_num, func in occurrences: | ||||||
|  |                 print(f"  Line {line_num}: {func}") | ||||||
|  |         else: | ||||||
|  |             print(f"No dangerous functions found at risk level {risk_level}.") | ||||||
|  |  | ||||||
|  |  | ||||||
|  | if __name__ == "__main__": | ||||||
|  |     if len(sys.argv) < 2: | ||||||
|  |         print("Usage: python script.py <file_path>") | ||||||
|  |         sys.exit(1) | ||||||
|  |     main(sys.argv[1]) | ||||||
							
								
								
									
										55
									
								
								tests/test_backdoor_detection.py
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										55
									
								
								tests/test_backdoor_detection.py
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,55 @@ | |||||||
|  | import unittest | ||||||
|  | from detection.backdoor_detection import find_dangerous_functions | ||||||
|  |  | ||||||
|  |  | ||||||
|  | class TestBackdoorDetection(unittest.TestCase): | ||||||
|  |     def test_high_risk_detection(self): | ||||||
|  |         content = """import os | ||||||
|  |         os.system('rm -rf /')   # high risk | ||||||
|  |         exec('print("Hello")')  # high risk | ||||||
|  |         eval('2 + 2')   # high risk | ||||||
|  |         """ | ||||||
|  |         results = find_dangerous_functions(content) | ||||||
|  |         self.assertIn((2, "os.system('rm -rf /')"), results["high"]) | ||||||
|  |         self.assertIn((3, "exec('print(\"Hello\")')"), results["high"]) | ||||||
|  |         self.assertIn((4, "eval('2 + 2')"), results["high"]) | ||||||
|  |  | ||||||
|  |     def test_medium_risk_detection(self): | ||||||
|  |         content = """import subprocess | ||||||
|  |         subprocess.run(['ls', '-l'])    # medium risk | ||||||
|  |         import os | ||||||
|  |         os.popen('ls')  # medium risk | ||||||
|  |         """ | ||||||
|  |         results = find_dangerous_functions(content) | ||||||
|  |         self.assertIn((2, "subprocess.run(['ls', '-l'])"), results["medium"]) | ||||||
|  |         self.assertIn((4, "os.popen('ls')"), results["medium"]) | ||||||
|  |  | ||||||
|  |     def test_no_risk_detection(self): | ||||||
|  |         content = """a = 10 | ||||||
|  |         b = a + 5 | ||||||
|  |         print('This should not be detected as risky.') | ||||||
|  |         """ | ||||||
|  |         results = find_dangerous_functions(content) | ||||||
|  |         self.assertEqual(len(results["high"]), 0) | ||||||
|  |         self.assertEqual(len(results["medium"]), 0) | ||||||
|  |         self.assertEqual(len(results["low"]), 0) | ||||||
|  |  | ||||||
|  |     def test_inclusion_of_comments(self): | ||||||
|  |         content = """# Just a comment line | ||||||
|  |         print('This is a safe line') | ||||||
|  |         eval('2 + 2')  # This should be high risk | ||||||
|  |         subprocess.run(['echo', 'hello'])  # This should be medium risk | ||||||
|  |         """ | ||||||
|  |         results = find_dangerous_functions(content) | ||||||
|  |         self.assertIn( | ||||||
|  |             (3, "eval('2 + 2')"), | ||||||
|  |             results["high"], | ||||||
|  |         ) | ||||||
|  |         self.assertIn( | ||||||
|  |             (4, "subprocess.run(['echo', 'hello'])"), | ||||||
|  |             results["medium"], | ||||||
|  |         ) | ||||||
|  |  | ||||||
|  |  | ||||||
|  | if __name__ == "__main__": | ||||||
|  |     unittest.main() | ||||||
		Reference in New Issue
	
	Block a user