gcc parser: extract CWE metadata (#43)

Signed-off-by: David Malcolm <dmalcolm@redhat.com>
fedora-static-analysis · Dec 1, 2021 · 92cc608 · 92cc608
1 parent ec2958e
commit 92cc608
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 2 deletions.
diff --git a/firehose/parsers/gcc.py b/firehose/parsers/gcc.py
@@ -40,6 +40,8 @@
 
 SWITCH_SUB_PATTERN = re.compile("^ \[\-W(?P<name>.*)\]$")
 
+CWE_SUB_PATTERN = re.compile("^(?P<message>.*) \[CWE-(?P<cwe>[0-9]+)\]$")
+
 # single quotes may not match locales that are not C
 FUNCTION_PATTERN = re.compile(".*: In (?:member )?function '(?P<func>.*)':")
 
@@ -107,7 +109,17 @@ def parse_warning(line, func_name):
     """
     match = GCC_PATTERN.match(line)
     if match:
-        message = Message(match.group('message'))
+        text = match.group('message')
+        # GCC 10 onwards can (optionally) append a CWE id to the message.
+        # Extract it if it is present.
+        cwe_match = CWE_SUB_PATTERN.match(text)
+        if cwe_match:
+            message = Message(cwe_match.group('message'))
+            cwe = int(cwe_match.group('cwe'))
+        else:
+            message = Message(text)
+            cwe = None
+
         func = Function(func_name)
         try:
             column = int(match.group('column'))
@@ -128,7 +140,7 @@ def parse_warning(line, func_name):
         path = File(match.group('path'), None)
         location = Location(path, func, point)
 
-        return Issue(None, switch, location, message, None, None)
+        return Issue(cwe, switch, location, message, None, None)
 
 
 if __name__ == '__main__':

diff --git a/tests/parsers/test_gcc_parser.py b/tests/parsers/test_gcc_parser.py
@@ -118,6 +118,16 @@ def test_parse_no_switch(self):
         issue = gcc.parse_warning(line, FUNC_NAME)
         self.assertIsInstance(issue, Issue)
 
+    def test_cwe(self):
+        line = "CWE415_Double_Free__malloc_free_long_16.c:40:9: warning: double-'free' of 'data' [CWE-415] [-Wanalyzer-double-free]"
+        issue = gcc.parse_warning(line, FUNC_NAME)
+        self.assertIsInstance(issue, Issue)
+        self.assertEqual(issue.testid, 'analyzer-double-free')
+        self.assertEqual(issue.location.file.givenpath, 'CWE415_Double_Free__malloc_free_long_16.c')
+        self.assertEqual(issue.location.point.line, 40)
+        self.assertEqual(issue.location.point.column, 9)
+        self.assertEqual(issue.message.text, "double-'free' of 'data'")
+        self.assertEqual(issue.cwe, 415)
 
 class TestParseFile(unittest.TestCase):
     @staticmethod