public static JToken ToJToken(this string pointer, JToken parentToken)
{
var jsonPointer = new JsonPointer(pointer);
JToken jToken = jsonPointer.Evaluate(parentToken);
return(jToken);
}
protected override void Analyze(AnnotatedCodeLocation annotatedCodeLocation, string annotatedCodeLocationPointer)
{
var pointer = new JsonPointer(annotatedCodeLocationPointer);
JToken token = pointer.Evaluate(Context.InputLogToken);
if (token.HasProperty(SarifPropertyName.Importance))
{
if (!annotatedCodeLocationPointer.Contains(SarifPropertyName.CodeFlows))
{
string importancePointer = annotatedCodeLocationPointer.AtProperty(SarifPropertyName.Importance);
LogResult(importancePointer, nameof(RuleResources.SARIF011_Default));
}
}
}
protected override void Analyze(AnnotatedCodeLocation annotatedCodeLocation, string annotatedCodeLocationPointer)
{
var pointer = new JsonPointer(annotatedCodeLocationPointer);
JToken token = pointer.Evaluate(Context.InputLogToken);
if (token.HasProperty(SarifPropertyName.Importance))
{
if (!annotatedCodeLocationPointer.Contains(SarifPropertyName.CodeFlows))
{
string importancePointer = annotatedCodeLocationPointer.AtProperty(SarifPropertyName.Importance);
LogResult(importancePointer, nameof(RuleResources.SARIF011_Default));
}
}
}
private void ChangeRoot(ChangeRootOptions options)
{
if (!string.IsNullOrEmpty(options.JsonPointer))
{
string currentPointer = GetSpecifiedPointer(options.JsonPointer);
JsonPointer jPointer = new JsonPointer(currentPointer);
// This will throw if the requested path does not exist.
jPointer.Evaluate(_rootToken);
// It didn't throw, so it's a good path.
_currentPointer = currentPointer;
}
_commandOutputBuilder.AppendLine(_currentPointer);
}
protected override void Analyze(Region region, string regionPointer)
{
var jsonPointer = new JsonPointer(regionPointer);
JToken regionToken = jsonPointer.Evaluate(Context.InputLogToken);
if (!region.IsBinaryRegion &&
!region.IsLineColumnBasedTextRegion &&
!region.IsOffsetBasedTextRegion)
{
// {0}: This 'region' object does not specify 'startLine', 'charOffset', or 'byteOffset'.
// As a result, it is impossible to determine whether this 'region' object describes
// a line/column text region, a character offset/length text region, or a binary region.
LogResult(
regionPointer,
nameof(RuleResources.SARIF1007_RegionPropertiesMustBeConsistent_Error_RegionStartPropertyMustBePresent_Text));
}
if (regionToken.HasProperty(SarifPropertyName.EndLine) &&
region.EndLine < region.StartLine)
{
string endLinePointer = regionPointer.AtProperty(SarifPropertyName.EndLine);
// {0}: In this 'region' object, the 'endLine' property '{1}' is less than the 'startLine'
// property '{2}'. The properties of a 'region' object must be internally consistent.
LogResult(
endLinePointer,
nameof(RuleResources.SARIF1007_RegionPropertiesMustBeConsistent_Error_EndLineMustNotPrecedeStartLine_Text),
region.EndLine.ToInvariantString(),
region.StartLine.ToInvariantString());
}
if (RegionIsOnOneLine(region, regionToken) &&
regionToken.HasProperty(SarifPropertyName.EndColumn) &&
region.EndColumn < region.StartColumn)
{
string endColumnPointer = regionPointer.AtProperty(SarifPropertyName.EndColumn);
// {0}: In this 'region' object, the 'endColumn' property '{1}' is less than the 'startColumn'
// property '{2}'. The properties of a 'region' object must be internally consistent.
LogResult(
endColumnPointer,
nameof(RuleResources.SARIF1007_RegionPropertiesMustBeConsistent_Error_EndColumnMustNotPrecedeStartColumn_Text),
region.EndColumn.ToInvariantString(),
region.StartColumn.ToInvariantString());
}
}
protected override void Analyze(Region region, string regionPointer)
{
var jsonPointer = new JsonPointer(regionPointer);
var regionToken = jsonPointer.Evaluate(Context.InputLogToken);
if (regionToken.HasProperty(SarifPropertyName.EndLine) &&
region.EndLine < region.StartLine)
{
string endLinePointer = regionPointer.AtProperty(SarifPropertyName.EndLine);
LogResult(
endLinePointer,
nameof(RuleResources.SARIF012_Default),
region.EndLine.ToInvariantString(),
region.StartLine.ToInvariantString());
}
}
protected override void Analyze(Region region, string regionPointer)
{
var jsonPointer = new JsonPointer(regionPointer);
var regionToken = jsonPointer.Evaluate(Context.InputLogToken);
if (regionToken.HasProperty(SarifPropertyName.EndLine) &&
region.EndLine < region.StartLine)
{
string endLinePointer = regionPointer.AtProperty(SarifPropertyName.EndLine);
LogResult(
endLinePointer,
nameof(RuleResources.SARIF012_Default),
region.EndLine.ToInvariantString(),
region.StartLine.ToInvariantString());
}
}
private JToken GetSpecifiedToken(CommonOptions options)
{
string pointer = GetSpecifiedPointer(options.JsonPointer);
JToken token;
if (pointer == PointerSegmentSeparator)
{
token = _rootToken;
}
else
{
var jPointer = new JsonPointer(pointer);
token = jPointer.Evaluate(_rootToken);
}
return(token);
}
protected override void Analyze(Region region, string regionPointer)
{
var jsonPointer = new JsonPointer(regionPointer);
JToken regionToken = jsonPointer.Evaluate(Context.InputLogToken);
if (RegionIsOnOneLine(region, regionToken) &&
regionToken.HasProperty(SarifPropertyName.EndColumn) &&
region.EndColumn < region.StartColumn)
{
string endColumnPointer = regionPointer.AtProperty(SarifPropertyName.EndColumn);
LogResult(
endColumnPointer,
nameof(RuleResources.SARIF1013_Default),
region.EndColumn.ToInvariantString(),
region.StartColumn.ToInvariantString());
}
}
private Region GetRegionFromJPointer(string jPointer)
{
JsonPointer jsonPointer = new JsonPointer(jPointer);
JToken jToken = jsonPointer.Evaluate(Context.InputLogToken);
IJsonLineInfo lineInfo = jToken;
Region region = null;
if (lineInfo.HasLineInfo())
{
region = new Region
{
StartLine = lineInfo.LineNumber,
StartColumn = lineInfo.LinePosition
};
}
return(region);
}
protected override void Analyze(AnnotatedCodeLocation annotatedCodeLocation, string annotatedCodeLocationPointer)
{
var pointer = new JsonPointer(annotatedCodeLocationPointer);
JToken token = pointer.Evaluate(Context.InputLogToken);
if (token.HasProperty(SarifPropertyName.Essential))
{
string essentialPointer = annotatedCodeLocationPointer.AtProperty(SarifPropertyName.Essential);
// Emit a different warning depending on whether or not this annotatedCodeLocation
// occurs in a codeFlow, because the "importance" property is only meaningful within
// a codeFlow.
string formatId = annotatedCodeLocationPointer.Contains(SarifPropertyName.CodeFlows)
? nameof(RuleResources.SARIF005_Default)
: nameof(RuleResources.SARIF005_OnlyInCodeFlow);
LogResult(essentialPointer, formatId);
}
}
public void RunEvaluationTests(EvaluationTestCase test)
{
JsonPointer jPointer = new JsonPointer(test.Pointer);
JToken documentToken = JToken.Parse(test.Document);
JToken actualResult = null;
Action action = () => actualResult = jPointer.Evaluate(documentToken);
if (test.Valid)
{
action.Should().NotThrow();
JToken expectedResult = JToken.Parse(test.Result);
s_comparer.Equals(expectedResult, actualResult).Should().BeTrue();
}
else
{
action.Should().Throw <ArgumentException>().WithMessage($"*{test.Pointer}*");
}
}
protected override void Analyze(AnnotatedCodeLocation annotatedCodeLocation, string annotatedCodeLocationPointer)
{
var pointer = new JsonPointer(annotatedCodeLocationPointer);
JToken token = pointer.Evaluate(Context.InputLogToken);
if (token.HasProperty(SarifPropertyName.Essential))
{
string essentialPointer = annotatedCodeLocationPointer.AtProperty(SarifPropertyName.Essential);
// Emit a different warning depending on whether or not this annotatedCodeLocation
// occurs in a codeFlow, because the "importance" property is only meaningful within
// a codeFlow.
string formatId = annotatedCodeLocationPointer.Contains(SarifPropertyName.CodeFlows)
? nameof(RuleResources.SARIF005_Default)
: nameof(RuleResources.SARIF005_OnlyInCodeFlow);
LogResult(essentialPointer, formatId);
}
}
protected override void Analyze(CodeFlow codeFlow, string codeFlowPointer)
{
var pointer = new JsonPointer(codeFlowPointer);
JToken codeFlowToken = pointer.Evaluate(Context.InputLogToken);
JProperty locationsProperty = codeFlowToken.Children<JProperty>()
.FirstOrDefault(prop => prop.Name.Equals(SarifPropertyName.Locations, StringComparison.Ordinal));
if (locationsProperty != null)
{
JArray annotatedCodeLocationArray = locationsProperty.Value as JArray;
string annotatedCodeLocationsPointer = codeFlowPointer.AtProperty(SarifPropertyName.Locations);
ReportMissingStepProperty(
annotatedCodeLocationArray,
annotatedCodeLocationsPointer);
ReportInvalidStepValues(
codeFlow.Locations.ToArray(),
annotatedCodeLocationArray,
annotatedCodeLocationsPointer);
}
}
protected override void Analyze(ThreadFlow threadFlow, string threadFlowPointer)
{
var pointer = new JsonPointer(threadFlowPointer);
JToken threadFlowToken = pointer.Evaluate(Context.InputLogToken);
JProperty locationsProperty = threadFlowToken.Children <JProperty>()
.FirstOrDefault(prop => prop.Name.Equals(SarifPropertyName.Locations, StringComparison.Ordinal));
if (locationsProperty != null)
{
JArray threadFlowLocationsArray = locationsProperty.Value as JArray;
string threadFlowLocationsPointer = threadFlowPointer.AtProperty(SarifPropertyName.Locations);
ReportMissingStepProperty(
threadFlowLocationsArray,
threadFlowLocationsPointer);
ReportInvalidStepValues(
threadFlow.Locations.ToArray(),
threadFlowLocationsArray,
threadFlowLocationsPointer);
}
}
public async Task <JToken> ResolveAsync(JToken refToken)
{
var jProperty = GetRefJProperty(refToken);
if (jProperty == null)
{
throw new InvalidOperationException("Failed to resolve reference, $copy property not present");
}
var refTarget = jProperty.Value.Value <string>();
var targetFragments = refTarget.Split('#');
string jsonFile;
string jsonPointer = null;
JToken refDoc = this.rootDocument;
jsonPointer = targetFragments.Length == 2 ? targetFragments[1] : string.Empty;
if (targetFragments[0] != string.Empty)
{
jsonFile = targetFragments[0];
var jDoc = File.ReadAllText(jsonFile);
refDoc = JToken.Parse(jDoc);
}
else
{
// throw
}
var jPointer = new JsonPointer(jsonPointer);
var json = jPointer.Evaluate(refDoc);
foreach (JProperty prop in refToken.Children <JProperty>())
{
if (prop.Name != RefPropertyName)
{
// JToken is an object, so we merge objects
if (json[prop.Name] != null && json[prop.Name].Type == JTokenType.Object)
{
JObject targetProperty = json[prop.Name] as JObject;
targetProperty.Merge(prop.Value);
}
// JToken is an object, so we merge objects
else if (json[prop.Name] != null && json[prop.Name].Type == JTokenType.Array)
{
JArray targetArray = json[prop.Name] as JArray;
targetArray.Merge(prop.Value);
}
// JToken is a value, simply assign
else
{
json[prop.Name] = prop.Value;
}
}
}
return(await Task.FromResult(json));
}
