Automate profiling for iOS using Xcode 12 xctrace command line tools - ios

I am trying to automate performance testing using Xcode 12 Instruments developer tool and need some help.
I want to parse .trace file into readable format and want to print leaks/CPU usage on console. I am using below xctrace command line to automate leaks/Time Profiling with Xcode 12 Instruments tool:
xcrun xctrace record --device "udid" --template "Leaks" --time-limit 10m --attach "PID" --output "xyz.trace"
xcrun xctrace export --input "xyz.trace" toc --output "xyz.xml"
Is would be really great if someone can help.
Trace file for reference: https://gofile.io/d/EpvOXa

I am not sure if I understood your problem correctly, but if I run your command, I received a an error message. The CLI-tool gave me the following instructions:
usage: xctrace export [<options>] [--toc | --xpath expression]
description:
Export given .trace using supplied query to the XML file format that can be later read and post-processed
options:
--input <file> Export data from the given .trace file
--output <path> Command output is written to the given path, if specified
--toc Present entities to export in the table of contents form
--xpath <expression> Choose elements to export using specified XPath expression
notes:
If output path is not specified, the export operation output will be written to the standard output.
Table of Contents and XPath query are two separate modes and they cannot be specified together.
examples:
xctrace export --input input.trace --toc
xctrace export --input input.trace --toc --output table_of_contents.xml
xctrace export --input input.trace --xpath '/trace-toc/run[#number="1"]/data/table[#schema="my-table-schema"]'
According to this, the parameter toc is missing the two dashes. I hope that will fix it for you.

Related

Grepping list of phpass hashes against a file

I'm trying to grep multiple strings which look like this (there's a few hundred) against a file which contains data:string
Example strings: (no sensitive data is provided, they have been modified).
$H$9a...DcuCqC/rMVmfiFNm2rqhK5vFW1
$H$9n...AHZAV.sTefg8ap8qI8U4A5fY91
$H$9o...Bi6Z3E04x6ev1ZCz0hItSh2JJ/
$H$9w...CFva1ddp8IRBkgwww3COVLf/K1
I've been researching how to grep a file of patterns against another file, and came across the following commands
grep -f strings.txt datastring.txt > output.txt
grep -Ff strings.txt datastring.txt > output.txt
But unfortunately, these commands do NOT work successfully, and only print out a handful of results to my output file. I think it may be something to do with the symbols contained in strings.txt, but I'm unsure. Any help/advice would be great.
To further mention, I'm using Cygwin on Windows (if this is relevant).
Here's an updated example:
strings.txt contains the following:
$H$9a...DcuCqC/rMVmfiFNm2rqhK5vFW1
$H$9n...AHZAV.sTefg8ap8qI8U4A5fY91
$H$9o...Bi6Z3E04x6ev1ZCz0hItSh2JJ/
$H$9w...CFva1ddp8IRBkgwww3COVLf/K1
datastring.txt contains the following:
$H$9a...DcuCqC/rMVmfiFNm2rqhK5vFW1:53491
$H$9n...AHZAV.sTefg8ap8qI8U4A5fY91:03221
$H$9o...Bi6Z3E04x6ev1ZCz0hItSh2JJ/:20521
$H$9w...CFva1ddp8IRBkgwww3COVLf/K1:30142
So technically, all lines should be included in the OUTPUT file, but only this line is outputted:
$H$9w...CFva1ddp8IRBkgwww3COVLf/K1:30142
I just don't understand.
You have showed the output of cat -A strings.txt elsewhere, which includes ^M representing a CR (carriage return) character at the end of each line:
This indicates your file has Windows line endings (CR LF) instead of the Unix line endings (only LF) that grep would expect.
You can convert files with dos2unix strings.txt and back with unix2dos strings.txt.
Alternatively, if you don't have dos2unix installed in your Cygwin environment, you can also do that with sed.
sed -i 's/\r$//' strings.txt # dos2unix
sed -i 's/$/\r/' strings.txt # unix2dos

Dyldinfo commamd not found

mac os 10.13.4
I write the command 'dyldinfo' in shell, but is wroing
-bash: dyldinfo: command not found
hope you help me
On recent versions of macOS you can run the tool with xcrun dyldinfo (as long as you have Xcode installed)
First, make sure you have either Xcode or Command Line Tools installed.
If you have one of those, you can find dyldinfo in /Library/Developer/CommandLineTools/usr/bin.
So, to run it, type this into your bash:
/Library/Developer/CommandLineTools/usr/bin/dyldinfo
You can check the dyldinfo path using following command:
$ xcrun --sdk dyldinfo
/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/dyldinfo
Showing that the command dyldinfo is under the path:/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/dyldinfo, which means commands like dyldinfo belong to Toolchains of Xcode. Therefore, 'dyldinfo' cannot be used as a separate shell command. Instead, you must invoke it by using xcrun <sdk>.
$ xcrun dyldinfo
Usage: dyldinfo [-arch <arch>] <options> <mach-o file>
-dylibs print dependent dylibs
-dr print dependent dylibs and show any recorded DR info
-rebase print addresses dyld will adjust if file not loaded at preferred address
-bind print addresses dyld will set based on symbolic lookups
-weak_bind print symbols which dyld must coalesce
-lazy_bind print addresses dyld will lazily set on first use
-export print addresses of all symbols this file exports
-opcodes print opcodes used to generate the rebase and binding information
-function_starts print table of function start addresses
-export_dot print a GraphViz .dot file of the exported symbols trie
-data_in_code print any data-in-code information

How to convert any GPX file to Xcode acceptable GPX file

I am trying to simulate a path in Xcode which has speed, latitude and longitude information.
There is a site which produces the same: http://www.bikehike.co.uk/mapview.php
I found one awk script which can convert this file to Xcode acceptable format: https://gist.github.com/scotbond/8a61cf1f4a43973e570b
Tried running this command in the terminal: awk -F script.awk bikehike_course >output.gpx
Where script.awk has the script, bikehike_course has the GPX file and output.gpx is the output file name
UPDATE
Tried: awk -f script.awk bikehike_course > output.gpx
Error: awk: syntax error at source line 1 source file adjust_gpx_to_apple_format.awk
context is
awk >>> ' <<<
awk: bailing out at source line 24
I think the syntax of the GPS file is broken.
The script on adjust_gpx_to_apple_format.awk on github is a call of awk with the awk script provided as parameter (in shell syntax).
Thus, the name adjust_gpx_to_apple_format.awk is somehow misleading.
Either the awk ' at the beginning and ' $1' at the end has to be removed. In this case,
awk -f adjust_gpx_to_apple_format.awk
should work (as the script looks like a correct awk script otherwise).
If left as is, the script might be called directly in the shell:
> ./adjust_gpx_to_apple_format.awk input.txt >output.txt
In the latter case, I would suggest two additions:
Insert a "hut" in the first line e.g. #!/bin/bash which makes it more obviously.
Rename the script to adjust_gpx_to_apple_format.sh.
Note:
Remember, that the file suffix does not have the strict meaning in Unix like shells as they have for example in MSDOS. Actually, the suffix could be anything (including nothing). It's more valuable for the user than the shell and should be chosen respectively.

Interpreting Fortify results file (.fpr) through command line

As part of automating the process of running secure code analysis, I have a Jenkins job which uses the sourceanalyzer command line tool to generate an .fpr results file. At the moment I'm opening this results file in Audit Workbench application to view the results and check if there's any newly introduced issues etc, and generating a report from there in PDF/XML format.
Does anyone is it possible to invoke Audit Workbench through the command line and generate a report on the issues, which we could then leverage through a Jenkins script and also then mail the results? Looking online the command line usage seems to stop at the fpr generation stage.
Thanks in advance!
There is a command-line utility to generate an Report from the FPR file.
Currently there are two report generators: Legacy and BIRT. The BIRT report engine was introduced into Audit Workbench with version 4.40.
Here is an example using the BIRT Report engine to generate a DISA STIG report
BIRTReportGenerator -template "DISA STIG" -source HelloWorld_second.fpr
-output BirtReport.pdf -format PDF -showSuppressed --Version "DISA STIG 3.9"
-UseFortifyPriorityOrder
Using the legacy one is a little more involved. The command is:
ReportGenerator -format pdf -f LegacyReport.pdf -source HelloWorld_second.fpr
-template DisaStig3.10.xml -showSuppressed -showHidden
You can either use one of the predefined template reports located in the <SCA Install Dir>/Core/config/reports directory or generate one using the Report Wizard and saving the template which gets stored in the C:\Users\<USER>\AppData\Local\Fortify\config\AWB-XX.XX\reports\ directory in Windows.
On Linux/Mac look at the configuration file <SCA Install Dir>/Core/config/fortify.properties for the com.fortify.WorkingDirectory property, this is where the reports will be stored
#SBurris,
If you don't want to show Suppressed/Hidden is it just -hideSuppressed and -hideHidden?
Also, is there a way to add custom filters to not show things like "nones" from the STIG/SANS/OWASP like you can create in the AWB GUI?
Basically, I need a command(s) to merge two FPRs and then compare them based on what is found new on the scanned code vs. the old FPR.
Merge should be:
FPRUtility -merge -project <newest_scan.fpr> -source <previous_scan.fpr> -f <BUILDXX_MergedWith_BUILDXY.fpr>
The custom filter I need after the merge is:
"[OWASP Top 10 2013]:!<none> OR [SANS Top 25 2011]:!<none> OR [STIG 3.9]:!<none> AND [Detected On]:!/^/"
Where the Detected On field is a custom tag that I need to carry through from the previous FPR file into the newly merged one.
AND THEN output the report from that newly merged fpr in pdf and xml format to a location/filename I specify. Something along the lines of:
~AWB_Installation_Dir/bin/ReportGenerator -format pdf -f [BUILDXX_MergedWith_BUILDXY].pdf -source output.fpr
-template DisaStig3.10.xml -hideSuppressed -hideHidden
Obviously this can be a multitude of commands as long as we can get it back to Bamboo. Any help would be greatly appreciated. Thanks.
FPRUtility interprets the space-separated conditions in the -information -search -query ... parameter by applying the boolean AND operator. To obtain a union of 2 conditions A || B, I figured I could intersect negations of other conditions that complement the former: !C && !D (where A || B || C || D always holds true). I.e., to find all high and critical issues, I use
FORTIFY_ROOT\jre\bin\java -d64 -Xmx4096M -jar FORTIFY_ROOT\Core\lib\exe\fpr-utility-exe.jar -project APP_VER_DATE.fpr -information -search -query "[OWASP Top 10 2017]:A [fortify priority order]:!low [fortify priority order]:!medium" -categoryIssueCounts -listIssues > issues.txt
In case of an audit, I figured I needed the older report generation utility to include suppressed issues (and their comments),
sed -e 's/\(IssueListing limit=\)"[^"]\+"/\1"-1"/' -i "FORTIFY_ROOT/Core/config/reports/DeveloperWorkbook.xml"
cmd /c call ReportGenerator -template DeveloperWorkbookAll.xml -format pdf -source APP_VER_DATE.fpr -showSuppressed -f "APP_VER_DATE_with_suppressed.pdf"

Markdown to PDF using Pandoc since Xetex Deprecation

On my MacBook (OSX Mountain Lion), I used to use this Pandoc command to convert Markdown to PDF:
$ markdown2pdf -N -o pandoc_output.pdf --xetex --toc --template=mytemplate.tex myfile.md
But markdown2pdf no longer works, and --xetex option in markdown2pdf -N -o ../../Desktop/pandoc_output.pdf --xetex --toc --template=mytemplate-headers-garamond_date.tex is deprecated.
If I do this:
$ pandoc -N -o Desktop/pandoc_output.pdf --xetex --toc --template=mytemplate.tex myfile.md
I get this:
pandoc: unrecognized option `--xetex'
But if I take out --xetex and do this:
$ pandoc -N -o Desktop/pandoc_output.pdf --toc --template=mytemplate.tex myfile.md
then I get this:
pandoc: Error producing PDF from TeX source.
! Package hyperref Error: Wrong driver option `xetex',
(hyperref) because XeTeX is not detected.
See the hyperref package documentation for explanation.
Type H <return> for immediate help.
...
l.3925 \ProcessKeyvalOptions{Hyp}
What's the solution?
Try --latex-engine=xelatex instead of --xetex
The prior answers to this question were helpful to me, as I had installed pandoc a couple years ago, but never Tex Live. Consequently I had no idea if I had installed it correctly, so putting in the entire path helped me to see that it was working, as follows:
pandoc --latex-engine=/usr/local/texlive/2012basic/bin/universal-darwin/xelatex
This is the default install location for the BasicTex setup which you download from the Pandoc install page.
I had also forgotten about using pandoc -D Latex >my-latex-template.tex to generate a template. After giving a .tex template instead of my .html one (which caused a 'you don't have BEGIN {' error) , I got .PDF: In other words, the default template worked.
Also, I had inaccurately entered -t pdf (not shown above) to set pdf as an output format, but this was not correct. The output format is Latex, which is then translated to PDF. It is not necessary to specify an output format with the dash -t option.
I hope this record of my minor stumbles saves someone some time.
See the pandoc User's Guide (or man page) for the --latex-engine option.

Resources