Fix false positives for 'SARIF1002.UrisMustBeValid' due to Uri.IsWellFormedUriString bug #2501
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,9 @@ | ||
# SARIF Package Release History (SDK, Driver, Converters, and Multitool) | ||
|
||
## Unreleased | ||
|
||
* BUGFIX: Fix false positive for `SARIF1002.UrisMustBeValid` for URIs with the format `file:/c:/location/filename.txt`. [#]() | ||
? #Pending
||
|
||
## **v2.4.15** [Sdk](https://www.nuget.org/packages/Sarif.Sdk/2.4.15) | [Driver](https://www.nuget.org/packages/Sarif.Driver/2.4.15) | [Converters](https://www.nuget.org/packages/Sarif.Converters/2.4.15) | [Multitool](https://www.nuget.org/packages/Sarif.Multitool/2.4.15) | [Multitool Library](https://www.nuget.org/packages/Sarif.Multitool.Library/2.4.15) | ||
|
||
* BUGFIX: Fix `ArgumentNullException` when `PropertiesDictionary` is instantiated with a null comparer. [#2482](https://github.com/microsoft/sarif-sdk/pull/2482) | ||
|
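Review bot: The new `## Unreleased` entry ends in an empty link, `[#]()`, so the release note does not trace back to any change. Fill in the pull request number and URL in the same form as the `[#2482](...)` entry under v2.4.15 before merging.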
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -80,7 +80,7 @@ private void AnalyzeUri(Uri uri, string pointer) | |
string uriString = uri?.OriginalString; | ||
if (uriString != null) | ||
{ | ||
if (!Uri.IsWellFormedUriString(uriString, UriKind.RelativeOrAbsolute)) | ||
if (!UriIsWellFormedUriString(uriString, UriKind.RelativeOrAbsolute)) | ||
||
{ | ||
// {0}: The string '{1}' is not a valid URI reference. URIs must conform to | ||
// [RFC 3986](https://tools.ietf.org/html/rfc3986). | ||
Put this information in the helper.
||
|
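Review bot: At the call site in `AnalyzeUri`, `UriIsWellFormedUriString(...)` differs from the framework's `Uri.IsWellFormedUriString(...)` by a single dot, so the switch to a workaround is easy to miss when reading the rule. A name that does not shadow the framework call, or a short comment on this line saying that the helper relaxes the check for `file:/` URIs, would make the intent visible where the validation decision is taken.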
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -246,6 +246,14 @@ internal static string JsonPointerToJavaScript(string pointerString) | |
return sb.ToString(); | ||
} | ||
|
||
internal static bool UriIsWellFormedUriString(string uriString, UriKind uriKind) | ||
Suggest naming IsWellFormedUriString per C# style guidelines #Closed
+1
||
{ | ||
bool isWellFormed = Uri.IsWellFormedUriString(uriString, uriKind); | ||
bool csBug = (uriString.StartsWith("file:/") && Uri.TryCreate(uriString, uriKind, out Uri result)); | ||
||
|
||
return isWellFormed || csBug; | ||
} | ||
|
||
private static readonly string s_javaScriptIdentifierPattern = @"^[$_\p{L}][$_\p{L}0-9]*$"; | ||
private static readonly Regex s_javaScriptIdentifierRegex = new Regex(s_javaScriptIdentifierPattern, RegexOptions.Compiled); | ||
|
||
|
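Review bot: The `csBug` fallback in `UriIsWellFormedUriString` is wider than the case it is meant to excuse: `uriString.StartsWith("file:/") && Uri.TryCreate(...)` applies to every string that begins with `file:/`, and `Uri.TryCreate` is more lenient than `Uri.IsWellFormedUriString` (it accepts unescaped characters such as a space), so those malformed `file:` URIs would now pass the rule. Consider limiting the exception to the authority-less form and still checking the remainder for well-formedness. Smaller points on the same line: `StartsWith(string)` is culture-sensitive and case-sensitive, so pass `StringComparison.OrdinalIgnoreCase` (URI schemes are case-insensitive); `out Uri result` is unused and can be `out _`; and `csBug` is evaluated even when `isWellFormed` is already true, so a null `uriString` would throw in `StartsWith` rather than return false.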
'for file URIs that omit the 'authority' #Pending