-
Notifications
You must be signed in to change notification settings - Fork 81
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add D2D for ELFs and Go binaries #1113 #1114 #1170
Conversation
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
scanpipe/pipes/d2d.py
Outdated
@@ -1662,3 +1664,148 @@ def _match_purldb_resources_post_process( | |||
package.add_resources(unmapped_resources) | |||
|
|||
return interesting_codebase_resources.count() | |||
|
|||
|
|||
def _map_paths_resource( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Too much imbrications, please refactor in smaller testable pieces.
scanpipe/pipes/d2d.py
Outdated
from_resources.get(id=rid) for rid in match.resource_ids | ||
] | ||
matched_from_resources.sort( | ||
key=lambda res: (len(res.path.strip("/").split("/")), res.path) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A proper well-named function would be better for readability and testing.
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
@@ -189,6 +191,16 @@ def map_javascript(self): | |||
""" | |||
d2d.map_javascript(project=self.project, logger=self.log) | |||
|
|||
@group("Elf") | |||
def map_elf(self): | |||
"""Map DWARF paths using similarities of path suffixes.""" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"""Map DWARF paths using similarities of path suffixes.""" | |
"""Map ELF binaries to their sources.""" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There are 9 new functions introduced in those changes and I see only 2 unit tests.
We need to improve this test coverage.
scanpipe/pipes/d2d.py
Outdated
) | ||
|
||
|
||
def process_relations( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This function name and the docstring are too generic.
scanpipe/pipes/d2d.py
Outdated
""" | ||
return sorted( | ||
matched_from_resources, | ||
key=lambda res: (len(res.path.strip("/").split("/")), res.path), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
That's the lambda "key" that needed to be replaced by a function.
|
||
@group("Go") | ||
def map_go(self): | ||
"""Map GO file paths using similarities of path suffixes.""" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
"""Map GO file paths using similarities of path suffixes.""" | |
"""Map Go binaries to their sources.""" |
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
This is for these two issues:
Testing steps:
to
side of the D2D, by addingto-
prefix on the zip file. For exampleto-data.zip
and add the files likebuilder.go
in a zip file and add it to thefrom
side of the D2D, by addingfrom-
prefix on the zip file.map_deploy_to_develop
pipeline.