sarif validation rule 2010 - provide code snippets #1953

67 changes: 67 additions & 0 deletions src/Sarif.Multitool/Rules/SARIF2010.ProvideCodeSnippets.cs
@@ -0,0 +1,67 @@
// Copyright (c) Microsoft. All rights reserved.
// Licensed under the MIT license. See LICENSE file in the project root for full license information.

using System.Collections.Generic;
using System.Runtime.CompilerServices;

using Microsoft.Json.Pointer;

namespace Microsoft.CodeAnalysis.Sarif.Multitool.Rules
{
public class ProvideCodeSnippets : SarifValidationSkimmerBase
{
/// <summary>
/// SARIF2010
/// </summary>
public override string Id => RuleId.ProvideCodeSnippets;

/// <summary>
/// Placeholder_SARIF2010_ProvideCodeSnippets_FullDescription_Text
/// </summary>
public override MultiformatMessageString FullDescription => new MultiformatMessageString { Text = RuleResources.SARIF2010_ProvideCodeSnippets_FullDescription_Text };

protected override IEnumerable<string> MessageResourceNames => new string[] {
nameof(RuleResources.SARIF2010_ProvideCodeSnippets_Note_Default_Text)
};

public override FailureLevel DefaultLevel => FailureLevel.Note;

protected override void Analyze(Result result, string resultPointer)
{
if (result.Locations != null)
{
string locationsPointer = resultPointer.AtProperty(SarifPropertyName.Locations);
for (int i = 0; i < result.Locations.Count; i++)
{
AnalyzeResultLocation(result.Locations[i], locationsPointer.AtIndex(i));
}
}
}

private void AnalyzeResultLocation(Location location, string locationPointer)
{
AnalyzeRegion(
location.PhysicalLocation?.Region,
locationPointer
.AtProperty(SarifPropertyName.PhysicalLocation)
.AtProperty(SarifPropertyName.Region));

AnalyzeRegion(
location.PhysicalLocation?.ContextRegion,
locationPointer
.AtProperty(SarifPropertyName.PhysicalLocation)
.AtProperty(SarifPropertyName.ContextRegion));
}

private void AnalyzeRegion(Region region, string regionPointer)
{
if (region != null && region.Snippet == null)
@ghost ghost Jun 30, 2020

if [](start = 12, length = 2)

Remove extra blank line above. #Closed

{
// Placeholder_SARIF2010_ProvideCodeSnippets_Note_Default_Text
LogResult(
regionPointer,
nameof(RuleResources.SARIF2010_ProvideCodeSnippets_Note_Default_Text));
}
}
}
}
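Review bot: `AnalyzeResultLocation` reads `location.PhysicalLocation` without first checking `location`, so a `locations` array that contains a `null` element would presumably raise a NullReferenceException instead of producing a validation result. Whether the deserializer or the base skimmer filters such entries is not visible in this file, but a validator is routinely pointed at logs it did not produce, so a guard such as `if (location == null) { return; }` at the top of `AnalyzeResultLocation` would keep one malformed entry from aborting the run. Separately, `using System.Runtime.CompilerServices;` does not appear to be used by anything in this file and could be dropped. When the placeholder description text is filled in, it would be worth stating that a snippet copies source text into the log, so producers should consider what a snippet may expose (for example, hard-coded credentials on the flagged line) before the log is shared.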
1 change: 1 addition & 0 deletions src/Sarif.Multitool/SarifPropertyName.cs
Expand Up @@ -17,6 +17,7 @@ public static class SarifPropertyName
public const string ArtifactChanges = "artifactChanges";
public const string CodeFlows = "codeFlows";
public const string Configuration = "configuration";
public const string ContextRegion = "contextRegion";
public const string Conversion = "conversion";
public const string ConversionSources = "conversionSources";
public const string Description = "description";
12 changes: 12 additions & 0 deletions src/Test.FunctionalTests.Sarif/Multitool/ValidateCommandTests.cs
Expand Up @@ -221,6 +221,18 @@ public void SARIF2009_ConsiderConventionalIdentifierValues_Invalid()
MakeInvalidTestFileName(RuleId.ConsiderConventionalIdentifierValues, nameof(RuleId.ConsiderConventionalIdentifierValues)),
parameter: new TestParameters(verbose: true));

[Fact]
public void SARIF2010_ProvideCodeSnippets_Valid()
=> RunTest(
MakeValidTestFileName(RuleId.ProvideCodeSnippets, nameof(RuleId.ProvideCodeSnippets)),
parameter: new TestParameters(verbose: true));

[Fact]
public void SARIF2010_ProvideCodeSnippets_Invalid()
=> RunTest(
MakeInvalidTestFileName(RuleId.ProvideCodeSnippets, nameof(RuleId.ProvideCodeSnippets)),
parameter: new TestParameters(verbose: true));

[Fact]
public void SARIF2011_ProvideContextRegion_Valid()
=> RunTest(
@@ -0,0 +1,225 @@
{
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json",
"version": "2.1.0",
Contributor Author

@harleenkohli harleenkohli Jun 30, 2020

oops, wrong file, pushing the correct one! hold on! #Closed

"runs": [
{
"tool": {
"driver": {
"name": "SARIF Functional Testing",
"rules": [
{
"id": "SARIF2010",
"name": "ProvideCodeSnippets",
"shortDescription": {
"text": "Placeholder_SARIF2010_ProvideCodeSnippets_FullDescription_Text."
},
"fullDescription": {
"text": "Placeholder_SARIF2010_ProvideCodeSnippets_FullDescription_Text"
},
"messageStrings": {
"Note_Default": {
"text": "Placeholder_SARIF2010_ProvideCodeSnippets_Note_Default_Text"
}
},
"helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html"
},
{
"id": "SARIF2011",
"name": "ProvideContextRegion",
"shortDescription": {
"text": "Placeholder_SARIF2011_ProvideContextRegion_FullDescription_Text."
},
"fullDescription": {
"text": "Placeholder_SARIF2011_ProvideContextRegion_FullDescription_Text"
},
"messageStrings": {
"Note_Default": {
"text": "{0}: Placeholder"
}
},
"helpUri": "http://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html"
}
]
}
},
"invocations": [
{
"toolConfigurationNotifications": [
{
"message": {
"text": "Rule 'SARIF2002' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis."
},
"descriptor": {
"id": "WRN999.RuleExplicitlyDisabled"
}
},
{
"message": {
"text": "Rule 'SARIF2006' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis."
},
"descriptor": {
"id": "WRN999.RuleExplicitlyDisabled"
}
}
],
"executionSuccessful": true
}
],
"artifacts": [
{
"location": {
"uri": "FunctionalTestOutput.ValidateCommand/Inputs.SARIF2010.ProvideCodeSnippets_Invalid.sarif",
"uriBaseId": "TEST_DIR"
}
}
],
"results": [
{
"ruleId": "SARIF2010",
"ruleIndex": 0,
"level": "note",
"message": {
"id": "Note_Default",
"arguments": [
"runs[0].results[0].locations[0].physicalLocation.region"
]
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"index": 0
},
"region": {
"startLine": 30,
"startColumn": 27
}
}
}
]
},
{
"ruleId": "SARIF2010",
"ruleIndex": 0,
"level": "note",
"message": {
"id": "Note_Default",
"arguments": [
"runs[0].results[0].locations[0].physicalLocation.contextRegion"
]
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"index": 0
},
"region": {
"startLine": 33,
"startColumn": 34
}
}
}
]
},
{
"ruleId": "SARIF2010",
"ruleIndex": 0,
"level": "note",
"message": {
"id": "Note_Default",
"arguments": [
"runs[0].results[1].locations[0].physicalLocation.contextRegion"
]
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"index": 0
},
"region": {
"startLine": 59,
"startColumn": 34
}
}
}
]
},
{
"ruleId": "SARIF2010",
"ruleIndex": 0,
"level": "note",
"message": {
"id": "Note_Default",
"arguments": [
"runs[0].results[2].locations[0].physicalLocation.region"
]
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"index": 0
},
"region": {
"startLine": 79,
"startColumn": 27
}
}
}
]
},
{
"ruleId": "SARIF2010",
"ruleIndex": 0,
"level": "note",
"message": {
"id": "Note_Default",
"arguments": [
"runs[0].results[3].locations[0].physicalLocation.region"
]
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"index": 0
},
"region": {
"startLine": 105,
"startColumn": 27
}
}
}
]
},
{
"ruleId": "SARIF2011",
"ruleIndex": 1,
"level": "note",
"message": {
"id": "Note_Default",
"arguments": [
"runs[0].results[3].locations[0].physicalLocation"
]
},
"locations": [
{
"physicalLocation": {
"artifactLocation": {
"index": 0
},
"region": {
"startLine": 101,
"startColumn": 35
}
}
}
]
}
],
"columnKind": "utf16CodeUnits"
}
]
}
@@ -0,0 +1,46 @@
{
"$schema": "https://schemastore.azurewebsites.net/schemas/json/sarif-2.1.0-rtm.5.json",
"version": "2.1.0",
"runs": [
{
"tool": {
"driver": {
"name": "SARIF Functional Testing"
}
},
"invocations": [
{
"toolConfigurationNotifications": [
{
"message": {
"text": "Rule 'SARIF2002' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis."
},
"descriptor": {
"id": "WRN999.RuleExplicitlyDisabled"
}
},
{
"message": {
"text": "Rule 'SARIF2006' was explicitly disabled by the user. As result, this tool run cannot be used for compliance or other auditing processes that require a comprehensive analysis."
},
"descriptor": {
"id": "WRN999.RuleExplicitlyDisabled"
}
}
],
"executionSuccessful": true
}
],
"artifacts": [
{
"location": {
"uri": "FunctionalTestOutput.ValidateCommand/Inputs.SARIF2010.ProvideCodeSnippets_Valid.sarif",
"uriBaseId": "TEST_DIR"
}
}
],
"results": [],
"columnKind": "utf16CodeUnits"
}
]
}