/// <summary>
/// Analyzes a directory of files.
/// </summary>
/// <param name="directory"> directory to analyze. </param>
/// <returns> List of tags identified </returns>
public async Task <AnalyzeResult?> AnalyzeDirectory(Options options, string directory)
{
Logger.Trace("AnalyzeDirectory({0})", directory);
AnalyzeResult?analysisResult = null;
// Call Application Inspector using the NuGet package
AnalyzeOptions?analyzeOptions = new AnalyzeOptions()
{
ConsoleVerbosityLevel = "None",
LogFileLevel = "Off",
SourcePath = new[] { directory },
IgnoreDefaultRules = options.DisableDefaultRules,
CustomRulesPath = options.CustomRuleDirectory,
ConfidenceFilters = "high,medium,low",
ScanUnknownTypes = true,
AllowAllTagsInBuildFiles = options.AllowTagsInBuildFiles,
SingleThread = false,
FilePathExclusions = options.FilePathExclusions?.Split(',') ?? Array.Empty <string>()
};
try
{
AnalyzeCommand?analyzeCommand = new AnalyzeCommand(analyzeOptions);
analysisResult = analyzeCommand.GetResult();
Logger.Debug("Operation Complete: {0} files analyzed.", analysisResult?.Metadata?.TotalFiles);
}
catch (Exception ex)
{
Logger.Warn("Error analyzing {0}: {1}", directory, ex.Message);
}
return(analysisResult);
}
/// <summary>
/// Analyzes a directory of files.
/// </summary>
/// <param name="directory"> directory to analyze. </param>
/// <returns> List of tags identified </returns>
public async Task <AnalyzeResult?> AnalyzeDirectory(Options options, string directory)
{
Logger.Trace("AnalyzeDirectory({0})", directory);
AnalyzeResult?analysisResult = null;
// Call Application Inspector using the NuGet package
var analyzeOptions = new AnalyzeOptions()
{
ConsoleVerbosityLevel = "None",
LogFileLevel = "Off",
SourcePath = directory,
IgnoreDefaultRules = options.DisableDefaultRules == true,
CustomRulesPath = options.CustomRuleDirectory,
ConfidenceFilters = "high,medium,low",
TreatEverythingAsCode = options.TreatEverythingAsCode,
SingleThread = true
};
try
{
var analyzeCommand = new AnalyzeCommand(analyzeOptions);
analysisResult = analyzeCommand.GetResult();
Logger.Debug("Operation Complete: {0} files analyzed.", analysisResult?.Metadata?.TotalFiles);
}
catch (Exception ex)
{
Logger.Warn("Error analyzing {0}: {1}", directory, ex.Message);
}
return(analysisResult);
}
private static int RunAnalysis(AnalyzeOptions options)
{
var indexDb = new IndexDb(options.Directory);
indexDb.Build();
indexDb.ShowStatistic();
var callGraphBuilder = new CallGraphBuilder(indexDb);
CreateCleanDirectory(options.Output);
foreach (var group in Loader.GetPatternGroups())
{
var callGraph = callGraphBuilder.CreateGraph(group.Patterns);
callGraphBuilder.ShowStatistic();
if (callGraph.IsEmpty)
{
continue;
}
callGraph.RemoveDuplicatePaths();
var groupDirectory = Path.Combine(options.Output, group.Name);
Directory.CreateDirectory(groupDirectory);
callGraph.Dump(Path.Combine(groupDirectory, "full.png"));
callGraph.RemoveNonPublicEntryNodes();
callGraph.Dump(Path.Combine(groupDirectory, "public.png"));
}
return(0);
}
public void InvalidLogPath_Fail()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\main.cpp"),
FilePathExclusions = "none", //allow source under unittest path
LogFilePath = Path.Combine(Helper.GetPath(Helper.AppPath.testOutput), @"baddir\log.txt")
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
}
catch (Exception)
{
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.CriticalError);//test fails even when values match unless this case run individually -mstest bug?
}
public void NoDefaultCustomRules_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\main.cpp"),
FilePathExclusions = "none", //allow source under unittest path
IgnoreDefaultRules = true,
CustomRulesPath = Path.Combine(Helper.GetPath(Helper.AppPath.testRules), @"myrule.json"),
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void IOExceptionRaisedCreatingSarifLog()
{
string path = Path.GetTempFileName();
try
{
using (var stream = File.OpenWrite(path))
{
// our log file is locked for write
// causing exceptions at analysis time
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
OutputFilePath = path,
Verbose = true,
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionCreatingLogfile,
expectedExitReason: FailureReason.ExceptionCreatingLogFile,
analyzeOptions: options);
}
}
finally
{
File.Delete(path);
}
}
public void ExpectedTagCountNoDupsAllowed_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\mainduptags.cpp"),
FilePathExclusions = "none", //allow source under unittest path
AllowDupTags = false
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
if (exitCode == AnalyzeResult.ExitCode.Success)
{
exitCode = result.Metadata.TotalMatchesCount == 7 && result.Metadata.UniqueMatchesCount == 7 ? AnalyzeResult.ExitCode.Success : AnalyzeResult.ExitCode.NoMatches;
}
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void DefaultAndCustomRulesMatched_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\main.cpp"),
FilePathExclusions = "none", //allow source under unittest path
CustomRulesPath = Path.Combine(Helper.GetPath(Helper.AppPath.testRules), @"myrule.json")
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
if (result.Metadata.UniqueTags.Any(v => v.Contains("Authentication.General")) &&
result.Metadata.UniqueTags.Any(v => v.Contains("Data.Custom1")))
{
exitCode = AnalyzeResult.ExitCode.Success;
}
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void InsecureLogPath_Fail()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\main.cpp"),
FilePathExclusions = "none", //allow source under unittest path
LogFilePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\empty.cpp"),
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
}
catch (Exception)
{
//check for specific error if desired
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.CriticalError);
}
public void LogErrorLevel_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\badfile.cpp"),
FilePathExclusions = "none", //allow source under unittest path
LogFileLevel = "error",
LogFilePath = Path.Combine(Helper.GetPath(Helper.AppPath.testOutput), @"logerror.txt"),
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
}
catch (Exception)
{
string testLogContent = File.ReadAllText(options.LogFilePath);
if (!String.IsNullOrEmpty(testLogContent) && testLogContent.ToLower().Contains("error"))
{
exitCode = AnalyzeResult.ExitCode.Success;
}
else
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
private void Verify(string testFileName)
{
string testDirectory = Path.Combine(Environment.CurrentDirectory, TestDataDirectory);
string testFilePath = Path.Combine(TestDataDirectory, testFileName);
string expectedFilePath = MakeExpectedFilePath(testDirectory, testFileName);
string actualFilePath = MakeActualFilePath(testDirectory, testFileName);
var analyzeOptions = new AnalyzeOptions
{
TargetFileSpecifiers = new[] { testFilePath },
OutputFilePath = actualFilePath,
SchemaFilePath = JsonSchemaFile,
Quiet = true
};
new AnalyzeCommand().Run(analyzeOptions);
string actualLogContents = File.ReadAllText(actualFilePath);
string expectedLogContents = File.ReadAllText(expectedFilePath);
// We can't just compare the text of the log files because properties
// like start time, and absolute paths, will differ from run to run.
// Until SarifLogger has a "deterministic" option (see http://github.com/Microsoft/sarif-sdk/issues/500),
// we perform a selective compare of just the elements we care about.
SelectiveCompare(actualLogContents, expectedLogContents);
}
public void UnauthorizedAccessExceptionCreatingSarifLog()
{
string path = Environment.GetFolderPath(Environment.SpecialFolder.Windows);
path = Path.Combine(path, Guid.NewGuid().ToString());
try
{
// attempt to persist to unauthorized location will raise exception
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
OutputFilePath = path,
Verbose = true,
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionCreatingLogfile,
expectedExitReason: FailureReason.ExceptionCreatingLogFile,
analyzeOptions: options);
}
finally
{
File.Delete(path);
}
}
public void BasicZipRead_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"zipped\main.zip"),
FilePathExclusions = "none", //allow source under unittest path
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
}
catch (Exception)
{
}
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public Host GetAnalysis(string hostname, int?maxAge = null, AnalyzeOptions options = AnalyzeOptions.None)
{
Host hostResult;
AnalysisResult result = GetAnalysisInternal(hostname, maxAge, options, out hostResult);
switch (result)
{
case AnalysisResult.Success:
return(hostResult);
case AnalysisResult.Error:
case AnalysisResult.UnknownError:
throw new Exception("The server was unable to handle the request (" + result + ")");
case AnalysisResult.Maintenance:
throw new Exception("The server was unable to handle the request due to Maintenance (HTTP 503)");
case AnalysisResult.RateLimit:
throw new Exception("The server was unable to handle the request due to rate limits (HTTP 429)");
case AnalysisResult.Overloaded:
throw new Exception("The server was unable to handle the request due to being overloaded (HTTP 529)");
default:
throw new ArgumentOutOfRangeException();
}
}
public void LogDebugLevel_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\main.cpp"),
FilePathExclusions = "none", //allow source under unittest path
LogFileLevel = "debug",
LogFilePath = Path.Combine(Helper.GetPath(Helper.AppPath.testOutput), @"logdebug.txt"),
CloseLogOnCommandExit = true
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
string testLogContent = File.ReadAllText(options.LogFilePath);
if (String.IsNullOrEmpty(testLogContent))
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
else if (testLogContent.ToLower().Contains("debug"))
{
exitCode = AnalyzeResult.ExitCode.Success;
}
}
catch (Exception)
{
//check for specific error if desired
}
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void ExpectedTagCountNoDupsAllowed_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\mainduptags.cpp"),
FilePathExclusions = "none", //allow source under unittest path
AllowDupTags = false
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
if (exitCode == AnalyzeResult.ExitCode.Success)
{
exitCode = result.Metadata.TotalMatchesCount == 7 && result.Metadata.UniqueMatchesCount == 7 ? AnalyzeResult.ExitCode.Success : AnalyzeResult.ExitCode.NoMatches;
}
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void DefaultAndCustomRulesMatched_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\main.cpp"),
FilePathExclusions = "none", //allow source under unittest path
CustomRulesPath = Path.Combine(Helper.GetPath(Helper.AppPath.testRules), @"myrule.json")
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
if (result.Metadata.UniqueTags.Keys.Any(v => v.Contains("Authentication.General")) &&
result.Metadata.UniqueTags.Keys.Any(v => v.Contains("Data.Custom1")))
{
exitCode = AnalyzeResult.ExitCode.Success;
}
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void NoConsoleOutput_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"unzipped\simple\empty.cpp"),
FilePathExclusions = "none", //allow source under unittest path
ConsoleVerbosityLevel = "none"
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
// Attempt to open output file.
using (var writer = new StreamWriter(Path.Combine(Helper.GetPath(Helper.AppPath.testOutput), @"consoleout.txt")))
{
// Redirect standard output from the console to the output file.
Console.SetOut(writer);
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
try
{
string testContent = File.ReadAllText(Path.Combine(Helper.GetPath(Helper.AppPath.testOutput), @"consoleout.txt"));
if (String.IsNullOrEmpty(testContent))
{
exitCode = AnalyzeResult.ExitCode.Success;
}
else
{
exitCode = AnalyzeResult.ExitCode.NoMatches;
}
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.Success;//no console output file found
}
}
}
catch (Exception)
{
exitCode = AnalyzeResult.ExitCode.CriticalError;
}
//reset to normal
var standardOutput = new StreamWriter(Console.OpenStandardOutput());
standardOutput.AutoFlush = true;
Console.SetOut(standardOutput);
//because these are static and each test is meant to be indpendent null assign the references to create the log
WriteOnce.Log = null;
Utils.Logger = null;
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public ObjectDescriptor AddBinding(object obj, AnalyzeOptions options)
{
ThrowIfDisposed();
var objectDescriptor = objectAnalyzer.AnalyzeObject(obj, options);
objects.Add(objectDescriptor.Id, objectDescriptor);
return(objectDescriptor);
}
/// <summary>
/// Initializes a new <see cref="AnalyzeContext"/> instance.
/// </summary>
/// <param name="projects">A dictionary of projects and their compilation for easy access.</param>
/// <param name="options">The <see cref="AnalyzeOptions"/> that were passed to the command line.</param>
public AnalyzeContext(IDictionary <Project, Lazy <Compilation> > projects, AnalyzeOptions options)
{
this.Projects = projects;
this.Collector = new InvocationTreeCollector(this);
this.Options = options;
this.SpecifcationsProject = projects.FirstOrDefault(p => p.Key.Name == options.SpecificationsProject).Key;
if (this.SpecifcationsProject == null)
{
throw new ArgumentException($"Project {options.SpecificationsProject} not found in solution.");
}
}
public void ExceptionRaisedInvokingAnalyze()
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
};
ExceptionTestHelper(
ExceptionCondition.InvokingAnalyze,
RuntimeConditions.ExceptionInSkimmerAnalyze,
analyzeOptions: options
);
}
private void RunRules(StringBuilder sb, string inputFileName)
{
string fileName = Path.GetFileName(inputFileName);
string actualDirectory = Path.Combine(Path.GetDirectoryName(inputFileName), "Actual");
string expectedDirectory = Path.Combine(Path.GetDirectoryName(inputFileName), "Expected");
if (Directory.Exists(actualDirectory))
{
Directory.Delete(actualDirectory, true);
}
Directory.CreateDirectory(actualDirectory);
string expectedFileName = Path.Combine(expectedDirectory, fileName + ".sarif");
string actualFileName = Path.Combine(actualDirectory, fileName + ".sarif");
AnalyzeCommand command = new AnalyzeCommand();
AnalyzeOptions options = new AnalyzeOptions();
options.TargetFileSpecifiers = new string[] { inputFileName };
options.OutputFilePath = actualFileName;
options.Verbose = true;
options.Recurse = false;
options.ConfigurationFilePath = "default";
int result = command.Run(options);
Assert.Equal(0, result);
JsonSerializerSettings settings = new JsonSerializerSettings()
{
ContractResolver = SarifContractResolver.Instance,
Formatting = Formatting.Indented
};
string expectedText = File.ReadAllText(expectedFileName);
string actualText = File.ReadAllText(actualFileName);
// Make sure we can successfully deserialize what was just generated
ResultLog expectedLog = JsonConvert.DeserializeObject <ResultLog>(expectedText, settings);
ResultLog actualLog = JsonConvert.DeserializeObject <ResultLog>(actualText, settings);
var visitor = new ResultDiffingVisitor(expectedLog);
if (!visitor.Diff(actualLog.RunLogs[0].Results))
{
string errorMessage = "The output of the tool did not match for input {0}.";
sb.AppendLine(String.Format(CultureInfo.CurrentCulture, errorMessage, inputFileName));
sb.AppendLine("Check differences with:");
sb.AppendLine(GenerateDiffCommand(expectedFileName, actualFileName));
}
}
public void WhenAnAnalysisIsRun()
{
var options = new AnalyzeOptions
{
Solution = Hooks.Solution,
SpecificationsProject = _targetProject
};
var command = new AnalyzeCommand();
command.GetWorkspaceFunc = (solution) => Task.FromResult(Hooks.Workspace);
_analyzedInvocations = command.Analyze(options).Result["RootInvocations"];
}
public BaiduEazyDL(AnalyzeOptions options)
{
this.Key = options.Key;
this.SecretKey = options.Skey;
this.threshold = options.Threshold;
if (!string.IsNullOrWhiteSpace(options.Url))
{
this.API = options.Url;
}
else
{
throw new Exception("easyDL need an url ");
}
}
public void ExceptionRaisedInEngine()
{
AnalyzeCommand.RaiseUnhandledExceptionInDriverCode = true;
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionInEngine,
FailureReason.UnhandledExceptionInEngine);
AnalyzeCommand.RaiseUnhandledExceptionInDriverCode = false;
}
public ObjectDescriptor AnalyzeObject(object o, AnalyzeOptions options)
{
var type = o.GetType();
var builder = ObjectDescriptor.Create()
.WithId(idGenerator.GetNextId())
.WithMethods(methodAnalyzer.AnalyzeMethods(type))
.WithName(options.Name)
.WithObject(o);
if (options.AnalyzeProperties)
{
builder.WithProperties(propertyAnalyzer.AnalyzeProperties(type, o, options.ExtractPropertyValues));
}
return(builder.Get());
}
//[Ignore] // This test fails due to a bug in MSBuild. See https://github.com/Augurk/Augurk.CSharpAnalyzer/issues/1
public async Task RunAnalysisFromNetCoreProject()
{
// Arrange
AnalyzeOptions analyzeOptions = new AnalyzeOptions()
{
Solution = Path.Combine(AppContext.BaseDirectory, @"..\..\..\..\Analyzable Projects\Cucumis.sln"),
SpecificationsProject = "Cucumis.Specifications"
};
AnalyzeCommand analyzeCommand = new AnalyzeCommand();
analyzeCommand.GetWorkspaceFunc = GetWorkspace;
// Act
JToken result = await analyzeCommand.Analyze(analyzeOptions);
// Assert
Assert.IsNotNull(result);
Assert.IsTrue(result["RootInvocations"].Any());
}
public RunLog AnalyzeFile(string fileName)
{
string path = Path.GetTempFileName();
RunLog runLog = null;
try
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { fileName },
Verbose = true,
Statistics = true,
ComputeTargetsHash = true,
PolicyFilePath = "default",
Recurse = true,
OutputFilePath = path,
SymbolsPath = "SRV*http://symweb"
};
var command = new AnalyzeCommand();
int result = command.Run(options);
Assert.Equal(AnalyzeCommand.SUCCESS, result);
JsonSerializerSettings settings = new JsonSerializerSettings()
{
ContractResolver = SarifContractResolver.Instance
};
IssueLog log = JsonConvert.DeserializeObject<IssueLog>(File.ReadAllText(path), settings);
Assert.NotNull(log);
Assert.Equal<int>(1, log.RunLogs.Count);
runLog = log.RunLogs[0];
}
finally
{
File.Delete(path);
}
return runLog;
}
public RunLog AnalyzeFile(string fileName)
{
string path = Path.GetTempFileName();
RunLog runLog = null;
try
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { fileName },
Verbose = true,
Statistics = true,
ComputeTargetsHash = true,
PolicyFilePath = "default",
Recurse = true,
OutputFilePath = path,
SymbolsPath = "SRV*http://symweb"
};
var command = new AnalyzeCommand();
int result = command.Run(options);
Assert.Equal(AnalyzeCommand.SUCCESS, result);
JsonSerializerSettings settings = new JsonSerializerSettings()
{
ContractResolver = SarifContractResolver.Instance
};
IssueLog log = JsonConvert.DeserializeObject <IssueLog>(File.ReadAllText(path), settings);
Assert.NotNull(log);
Assert.Equal <int>(1, log.RunLogs.Count);
runLog = log.RunLogs[0];
}
finally
{
File.Delete(path);
}
return(runLog);
}
public void BasicZipRead_Pass()
{
AnalyzeOptions options = new AnalyzeOptions()
{
SourcePath = Path.Combine(Helper.GetPath(Helper.AppPath.testSource), @"zipped\main.zip"),
FilePathExclusions = "none", //allow source under unittest path
};
AnalyzeResult.ExitCode exitCode = AnalyzeResult.ExitCode.CriticalError;
try
{
AnalyzeCommand command = new AnalyzeCommand(options);
AnalyzeResult result = command.GetResult();
exitCode = result.ResultCode;
}
catch (Exception)
{
}
Assert.IsTrue(exitCode == AnalyzeResult.ExitCode.Success);
}
public void TargetIsNotAPortableExecutable()
{
string path = Path.GetTempFileName();
try
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { path },
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.OneOrMoreTargetsNotPortableExecutables,
analyzeOptions: options);
}
finally
{
File.Delete(path);
}
}
public void ExceptionRaisedInEngine()
{
AnalyzeCommand.RaiseUnhandledExceptionInDriverCode = true;
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionInEngine,
FailureReason.UnhandledExceptionInEngine);
AnalyzeCommand.RaiseUnhandledExceptionInDriverCode = false;
}
public void ExceptionRaisedInvokingCanAnalyze()
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
};
ExceptionTestHelper(
ExceptionCondition.InvokingCanAnalyze,
RuntimeConditions.ExceptionRaisedInSkimmerCanAnalyze,
analyzeOptions: options
);
}
public void IOExceptionRaisedCreatingSarifLog()
{
string path = Path.GetTempFileName();
try
{
using (var stream = File.OpenWrite(path))
{
// our log file is locked for write
// causing exceptions at analysis time
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
OutputFilePath = path,
Verbose = true,
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionCreatingLogfile,
expectedExitReason: FailureReason.ExceptionCreatingLogFile,
analyzeOptions: options);
}
}
finally
{
File.Delete(path);
}
}
public void TargetIsNotAPortableExecutable()
{
string path = Path.GetTempFileName();
try
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { path },
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.OneOrMoreTargetsNotPortableExecutables,
analyzeOptions: options);
}
finally
{
File.Delete(path);
}
}
public void UnauthorizedAccessExceptionCreatingSarifLog()
{
string path = Environment.GetFolderPath(Environment.SpecialFolder.Windows);
path = Path.Combine(path, Guid.NewGuid().ToString());
try
{
// attempt to persist to unauthorized location will raise exception
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { this.GetType().Assembly.Location },
OutputFilePath = path,
Verbose = true,
};
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionCreatingLogfile,
expectedExitReason: FailureReason.ExceptionCreatingLogFile,
analyzeOptions: options);
}
finally
{
File.Delete(path);
}
}
private void RunRules(StringBuilder sb, string inputFileName)
{
string fileName = Path.GetFileName(inputFileName);
string actualDirectory = Path.Combine(Path.GetDirectoryName(inputFileName), "Actual");
string expectedDirectory = Path.Combine(Path.GetDirectoryName(inputFileName), "Expected");
if (Directory.Exists(actualDirectory))
{
Directory.Delete(actualDirectory, true);
}
Directory.CreateDirectory(actualDirectory);
string expectedFileName = Path.Combine(expectedDirectory, fileName + ".sarif");
string actualFileName = Path.Combine(actualDirectory, fileName + ".sarif");
AnalyzeCommand command = new AnalyzeCommand();
AnalyzeOptions options = new AnalyzeOptions();
options.TargetFileSpecifiers = new string[] { inputFileName };
options.OutputFilePath = actualFileName;
options.Verbose = true;
options.Recurse = false;
options.ConfigurationFilePath = "default";
int result = command.Run(options);
Assert.Equal(0, result);
JsonSerializerSettings settings = new JsonSerializerSettings()
{
ContractResolver = SarifContractResolver.Instance,
Formatting = Formatting.Indented
};
string expectedText = File.ReadAllText(expectedFileName);
string actualText = File.ReadAllText(actualFileName);
// Make sure we can successfully deserialize what was just generated
ResultLog expectedLog = JsonConvert.DeserializeObject<ResultLog>(expectedText, settings);
ResultLog actualLog = JsonConvert.DeserializeObject<ResultLog>(actualText, settings);
var visitor = new ResultDiffingVisitor(expectedLog);
if (!visitor.Diff(actualLog.RunLogs[0].Results))
{
string errorMessage = "The output of the tool did not match for input {0}.";
sb.AppendLine(String.Format(CultureInfo.CurrentCulture, errorMessage, inputFileName));
sb.AppendLine("Check differences with:");
sb.AppendLine(GenerateDiffCommand(expectedFileName, actualFileName));
}
}
private void ExceptionTestHelper(
ExceptionCondition exceptionCondition,
RuntimeConditions runtimeConditions,
FailureReason expectedExitReason = FailureReason.ExceptionsDidNotHaltAnalysis,
AnalyzeOptions analyzeOptions = null)
{
AnalyzeCommand.DefaultRuleAssemblies = new Assembly[] { typeof(ExceptionRaisingRule).Assembly };
ExceptionRaisingRule.s_exceptionCondition = exceptionCondition;
analyzeOptions = analyzeOptions ?? new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[0]
};
var command = new AnalyzeCommand();
int result = command.Run(analyzeOptions);
int expectedResult =
(runtimeConditions & RuntimeConditions.Fatal) == RuntimeConditions.NoErrors ?
AnalyzeCommand.SUCCESS : AnalyzeCommand.FAILURE;
Assert.Equal(runtimeConditions, command.RuntimeErrors);
Assert.Equal(expectedResult, result);
if (expectedExitReason != FailureReason.ExceptionsDidNotHaltAnalysis)
{
Assert.NotNull(command.ExecutionException);
if (expectedExitReason != FailureReason.UnhandledExceptionInEngine)
{
var eax = command.ExecutionException as ExitApplicationException<FailureReason>;
Assert.NotNull(eax);
}
}
else
{
Assert.Null(command.ExecutionException);
}
ExceptionRaisingRule.s_exceptionCondition = ExceptionCondition.None;
AnalyzeCommand.DefaultRuleAssemblies = null;
}
public void ExceptionLoadingTargetFile()
{
string path = Path.GetTempFileName();
try
{
var options = new AnalyzeOptions()
{
BinaryFileSpecifiers = new string[] { path },
};
using (var lockedStream = File.OpenWrite(path))
{
ExceptionTestHelper(
ExceptionCondition.None,
RuntimeConditions.ExceptionLoadingTargetFile,
analyzeOptions: options);
}
}
finally
{
File.Delete(path);
}
}
