private void CompleteTask([NotNull] Tasks task, [NotNull] TaskProcessingResult result)
{
var lowResults = 0;
var mediumResults = 0;
var highResults = 0;
var vulnerabilities = result.Todo.Concat(result.Reopen).Select(x => x.VulnerabilityInfo);
foreach (var vulnerabilityInfo in vulnerabilities)
{
var severity = _vulnerabilitySeverityResolver.Resolve(vulnerabilityInfo.Type);
switch (severity)
{
case VulnerabilitySeverityType.Low:
lowResults++;
break;
case VulnerabilitySeverityType.Medium:
mediumResults++;
break;
case VulnerabilitySeverityType.High:
highResults++;
break;
case VulnerabilitySeverityType.Unknown:
// TODO log severities of such type because they are new for us
lowResults++;
break;
default:
throw new ArgumentOutOfRangeException();
}
var typeShort = _vulnerabilityShortTypeResolver.Resolve(vulnerabilityInfo.Type);
typeShort = typeShort.Substring(0, Math.Min(10, typeShort.Length));
_taskResultRepository.Insert(
new TaskResults
{
AdditionalExploitConditions = vulnerabilityInfo.AdditionalExploitConditions,
Description = vulnerabilityInfo.Description,
ExploitGraph = vulnerabilityInfo.Exploit,
File = vulnerabilityInfo.File,
Function = vulnerabilityInfo.Function,
LineNumber = vulnerabilityInfo.NumberLine,
Message = vulnerabilityInfo.Message,
Place = vulnerabilityInfo.Place,
RawLine = vulnerabilityInfo.RawLine,
SeverityTypeInfo = severity == VulnerabilitySeverityType.Unknown
? VulnerabilitySeverityType.Low
: severity,
SourceFile = vulnerabilityInfo.SourceFile,
TaskId = task.Id,
Type = vulnerabilityInfo.Type,
TypeShort = typeShort,
LinePosition = vulnerabilityInfo.Position,
IssueNumber = vulnerabilityInfo.IssueNumber,
IssueUrl = vulnerabilityInfo.IssueUrl
});
}
task.FinishPostProcessing(_timeService.GetUtc());
task.LowSeverityVulns = lowResults;
task.MediumSeverityVulns = mediumResults;
task.HighSeverityVulns = highResults;
task.FP = result.FalsePositiveAnnotations.Length + result.FalsePositivePairs.Length;
task.Todo = result.Todo.Length;
task.Reopen = result.Reopen.Length;
task.Fixed = result.Fixed.Length;
var previousTask = _taskRepository.GetPrevious(task);
if (previousTask == null)
{
return;
}
task.IncrementFP = task.FP - previousTask.FP;
task.IncrementFixed = task.Fixed - previousTask.Fixed;
task.IncrementReopen = task.Reopen - previousTask.Reopen;
task.IncrementTodo = task.Todo - previousTask.Todo;
}
protected override void ExecuteStage(PostProcessingBundle bundle)
{
var branches = bundle.VersionControlPlugin.GetBranches().ToList();
var mainBranch = branches.First(x => x.Name == bundle.Task.Repository);
var annotationGroups = bundle.Changes
.Where(x => x.Type != FileChangeAnnotationType.None)
.GroupBy(x => x.Annotation.LongName);
foreach (var typeGroup in annotationGroups)
{
var branchName = _branchNameBuilder.Build(new BranchNameBuilderInfo {
Type = typeGroup.Key
});
var branch = branches.FirstOrDefault(
x => string.Equals(
x.Name,
branchName,
StringComparison.CurrentCultureIgnoreCase));
if (branch == null)
{
using (
var telemetryScope = _telemetryScopeProvider.Create <VcsPluginInfo>(TelemetryOperationNames.VcsPlugin.CreateBranch)
)
{
try
{
telemetryScope.SetEntity(
new VcsPluginInfo
{
Plugin = bundle.Task.Projects.Plugins1, // VCS plugin =)
CreatedBranchName = branchName,
TaskId = bundle.Task.Id
});
branch = bundle.VersionControlPlugin.CreateBranch(bundle.Task.FolderPath, branchName, mainBranch.Id);
telemetryScope.WriteSuccess();
}
catch (Exception ex)
{
telemetryScope.WriteException(ex);
throw;
}
}
branches.Add(branch);
}
foreach (var fileGroup in typeGroup.GroupBy(x => x.Annotation.File))
{
var content = File.ReadAllText(Path.Combine(bundle.Task.FolderPath, fileGroup.Key));
var ending = content.GetLineSplitter();
var linesContent = content.Split(new[] { ending }, StringSplitOptions.None).ToList();
var rowShift = 0;
foreach (var fileUpdate in fileGroup.OrderBy(x => x.Annotation.LineStart))
{
var removeCount = 0;
if (fileUpdate.Type == FileChangeAnnotationType.Update)
{
removeCount = fileUpdate.Annotation.LineEnd - fileUpdate.Annotation.LineStart + 1;
for (var index = 0; index < removeCount; index++)
{
linesContent.RemoveAt(fileUpdate.Annotation.LineStart + rowShift - 1);
}
}
var serializedIssueAnnotation = _issueAnnotationSerializer.Serialize(fileUpdate.Annotation);
var annotation = _issueAnnotationFormatter.Format(serializedIssueAnnotation);
var lines = annotation.Split('\n');
var rawLine = linesContent[fileUpdate.Annotation.LineStart + rowShift - 1];
var startLineShift = rawLine.Substring(0, rawLine.Length - rawLine.TrimStart(' ', '\t').Length);
for (var index = 0; index < lines.Length; index++)
{
linesContent.Insert(
fileUpdate.Annotation.LineStart + rowShift + index - 1,
startLineShift + lines[index].Trim());
}
rowShift = rowShift - removeCount + lines.Length;
if (fileUpdate.Vulnerability != null)
{
fileUpdate.Vulnerability.NumberLine = fileUpdate.Annotation.LineStart + rowShift;
}
}
var memoryStream = new MemoryStream();
var streamWriter = new StreamWriter(memoryStream);
streamWriter.Write(string.Join(ending, linesContent));
streamWriter.Flush();
streamWriter.Close();
var commitTemplate = _templateProvider.Get(TemplateNames.CommitName);
commitTemplate.Body.Add(
new Dictionary <string, object>
{
{ "Group", _vulnerabilityShortTypeResolver.Resolve(typeGroup.Key) },
{ "File", Path.GetFileName(fileGroup.Key) }
});
var bodyCommit = commitTemplate.Body.Render();
_log.Debug($"Commit to {branch.Id} {fileGroup.Key}");
var fileContent = memoryStream.ToArray();
using (var telemetryScope = _telemetryScopeProvider.Create <VcsPluginInfo>(TelemetryOperationNames.VcsPlugin.Commit))
{
try
{
telemetryScope.SetEntity(
new VcsPluginInfo
{
Plugin = bundle.Task.Projects.Plugins1, // VCS plugin
CommittedSourcesSize = fileContent.Length,
TaskId = bundle.Task.Id
});
bundle.VersionControlPlugin.Commit(
bundle.Task.FolderPath,
branch.Id,
bodyCommit,
fileGroup.Key,
fileContent);
telemetryScope.WriteSuccess();
}
catch (Exception ex)
{
telemetryScope.WriteException(ex);
throw;
}
}
}
}
bundle.VersionControlPlugin.CleanUp(bundle.Task.FolderPath);
}
public string ShouldResolveShortTypeName(string longName) => _target.Resolve(longName);
