internal static Result CreateResult(FailureLevel level, ResultKind kind, Region region, string path)
{
return(new Result
{
RuleId = TestRuleId,
Level = level,
Kind = kind,
Locations = new List <Location>
{
new Location
{
PhysicalLocation = new PhysicalLocation
{
ArtifactLocation = new ArtifactLocation
{
Uri = new Uri(path, UriKind.RelativeOrAbsolute)
},
Region = region
}
}
},
Message = new Message
{
Arguments = new List <string>
{
"42",
"54"
},
Id = TestMessageStringId
}
});
}
private void WriteToConsole(ResultKind kind, FailureLevel level, Uri uri, Region region, string ruleId, string message)
{
ValidateKindAndLevel(kind, level);
switch (level)
{
// These result types are optionally emitted.
case FailureLevel.None:
case FailureLevel.Note:
{
if (Verbose)
{
Console.WriteLine(GetMessageText(uri, region, ruleId, message, kind, level));
}
break;
}
// These result types are always emitted.
case FailureLevel.Error:
case FailureLevel.Warning:
{
Console.WriteLine(GetMessageText(uri, region, ruleId, message, kind, level));
break;
}
default:
{
throw new InvalidOperationException();
}
}
}
public void NoteTestResult(FailureLevel messageKind, string targetPath)
{
switch (messageKind)
{
case FailureLevel.Error:
{
FailTargets.Add(targetPath);
break;
}
case FailureLevel.Warning:
{
FailTargets.Add(targetPath);
break;
}
case FailureLevel.Note:
{
throw new NotImplementedException();
}
default:
{
break;
}
}
}
public static ResultLevelVersionOne CreateResultLevelVersionOne(FailureLevel v2FailureLevel, ResultKind v2ResultKind)
{
if (v2ResultKind != ResultKind.Fail)
{
v2FailureLevel = FailureLevel.None;
}
switch (v2FailureLevel)
{
case FailureLevel.Error:
return(ResultLevelVersionOne.Error);
case FailureLevel.Note:
return(ResultLevelVersionOne.Note);
case FailureLevel.Warning:
return(ResultLevelVersionOne.Warning);
case FailureLevel.None:
return(CreateResultLevelVersionOneFromResultKind(v2ResultKind));
default:
return(ResultLevelVersionOne.Default);
}
}
internal ReportingDescriptor CreateRule(RuleVersionOne v1Rule)
{
ReportingDescriptor rule = null;
if (v1Rule != null)
{
rule = new ReportingDescriptor
{
FullDescription = CreateMultiformatMessageString(v1Rule.FullDescription),
HelpUri = v1Rule.HelpUri,
Id = v1Rule.Id,
MessageStrings = v1Rule.MessageFormats.ConvertToMultiformatMessageStringsDictionary(),
Name = v1Rule.Name,
Properties = v1Rule.Properties,
ShortDescription = CreateMultiformatMessageString(v1Rule.ShortDescription)
};
FailureLevel level = Utilities.CreateReportingConfigurationDefaultLevel(v1Rule.DefaultLevel);
rule.DefaultConfiguration = new ReportingConfiguration
{
Level = level,
Enabled = v1Rule.Configuration != RuleConfigurationVersionOne.Disabled
};
}
return(rule);
}
private void Init(string id, string ruleId, int ruleIndex, PhysicalLocation physicalLocation, Message message, FailureLevel level, int threadId, DateTime timeUtc, ExceptionData exception, IDictionary <string, SerializedPropertyInfo> properties)
{
Id = id;
RuleId = ruleId;
RuleIndex = ruleIndex;
if (physicalLocation != null)
{
PhysicalLocation = new PhysicalLocation(physicalLocation);
}
if (message != null)
{
Message = new Message(message);
}
Level = level;
ThreadId = threadId;
TimeUtc = timeUtc;
if (exception != null)
{
Exception = new ExceptionData(exception);
}
if (properties != null)
{
Properties = new Dictionary <string, SerializedPropertyInfo>(properties);
}
}
public bool ShouldLog(FailureLevel level)
{
switch (level)
{
case FailureLevel.None:
case FailureLevel.Note:
{
if (!Verbose)
{
return(false);
}
break;
}
case FailureLevel.Error:
case FailureLevel.Warning:
{
break;
}
default:
{
throw new InvalidOperationException();
}
}
return(true);
}
public static void LogPdbLoadTrace(
IAnalysisContext context,
bool pdbLoadSucceeded,
string pdbLoadTrace)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
string formatString = pdbLoadSucceeded
// The PDB for '{0}' was found and loaded. Probing details:{1}
? RuleResources.PdbLoadSucceeded
// Could not locate the PDB for '{0'}. Probing details:{1}
: RuleResources.PdbLoadFailed;
FailureLevel failureLevel = pdbLoadSucceeded
? FailureLevel.Note
: FailureLevel.Warning;
context.Logger.LogConfigurationNotification(
Errors.CreateNotification(
context.TargetUri,
"TRC001.PdbLoad",
context.Rule.Id,
failureLevel,
exception: null,
persistExceptionStack: false,
formatString,
context.TargetUri.GetFileName(),
pdbLoadTrace));
}
private static FailureLevel GetFailureLevelFrom(string level, out ResultKind resultKind)
{
resultKind = ResultKind.Fail;
FailureLevel failureLevel = FailureLevel.None;
switch (level)
{
// Failure cases. ResultKind.Fail + specific failure level
case "warning": { failureLevel = FailureLevel.Warning; break; }
case "error": { failureLevel = FailureLevel.Error; break; }
case "note": { failureLevel = FailureLevel.Note; break; }
// Non-failure cases. FailureLevel.None + specific result kind
case "notapplicable": { resultKind = ResultKind.NotApplicable; break; }
case "info": { resultKind = ResultKind.Informational; break; }
case "pass": { resultKind = ResultKind.Pass; break; }
case "review": { resultKind = ResultKind.Review; break; }
case "open": { resultKind = ResultKind.Open; break; }
default: { failureLevel = FailureLevel.Warning; break; }
}
return(failureLevel);
}
private static object[] BuildDefaultTestCase(FailureLevel level, ResultKind kind = ResultKind.Fail)
{
string lineLabel = level != FailureLevel.None
? level.ToString().ToLowerInvariant()
: kind.ToString().ToLowerInvariant();
if (kind == ResultKind.Informational)
{
// Console reporting historically abbreviates this term
lineLabel = "info";
}
if (level == FailureLevel.None && kind == ResultKind.None)
{
// No good information? Mark it as informational.
lineLabel = "info";
}
return(new object[]
{
level,
kind,
MultiLineTestRegion,
$"{TestData.TestAnalysisTarget}(2,4,3,5): {lineLabel} {TestData.TestRuleId}: First: 42, Second: 54",
TestData.TestAnalysisTarget
});
}
public void FortifyFprConverter_GetFailureLevelFromRuleMetadata_ReturnsAppropriateFailureLevel()
{
var expectedInputOutputs = new Dictionary <string, FailureLevel>
{
{ "0.0", FailureLevel.Note },
{ "0.5", FailureLevel.Note },
{ "1.0", FailureLevel.Note },
{ "1.1", FailureLevel.Warning },
{ "2.0", FailureLevel.Warning },
{ "2.5", FailureLevel.Warning },
{ "2.9", FailureLevel.Warning },
{ "3.0", FailureLevel.Warning },
{ "3.1", FailureLevel.Error },
{ "3.5", FailureLevel.Error },
{ "3.9", FailureLevel.Error },
{ "4.5", FailureLevel.Error },
{ "5.0", FailureLevel.Error },
{ "-5.5", FailureLevel.Warning }, //Invalid value, we default it to Warning
{ "5.5", FailureLevel.Error }, // Invalid value, we guess that it should be treated as Error
};
foreach (KeyValuePair <string, FailureLevel> keyValuePair in expectedInputOutputs)
{
ReportingDescriptor rule = new ReportingDescriptor();
rule.SetProperty <string>("Impact", keyValuePair.Key);
FailureLevel level = FortifyFprConverter.GetFailureLevelFromRuleMetadata(rule);
level.Should().Be(keyValuePair.Value);
}
}
protected static void LogToolNotification(
IAnalysisLogger logger,
string message,
FailureLevel level = FailureLevel.Note,
Exception ex = null)
{
ExceptionData exceptionData = null;
if (ex != null)
{
exceptionData = new ExceptionData
{
Kind = ex.GetType().FullName,
Message = ex.Message,
Stack = Stack.CreateStacks(ex).FirstOrDefault()
};
}
TextWriter writer = level == FailureLevel.Error ? Console.Error : Console.Out;
writer.WriteLine(message);
logger.LogToolNotification(new Notification
{
Level = level,
Message = new Message {
Text = message
},
Exception = exceptionData
});
}
private void AddToolNotification(
string id,
FailureLevel level,
string messageFormat,
params object[] args)
{
string message = string.Format(CultureInfo.CurrentCulture, messageFormat, args);
// When the parser read the offending line, it incremented the line number,
// so report the previous line.
long lineNumber = _parser.Context.Row - 1;
string messageWithLineNumber = string.Format(
CultureInfo.CurrentCulture,
ConverterResources.SemmleNotificationFormat,
lineNumber,
message);
_toolNotifications.Add(new Notification
{
Descriptor = new ReportingDescriptorReference
{
Id = id,
},
TimeUtc = DateTime.UtcNow,
Level = level,
Message = new Message {
Text = messageWithLineNumber
}
});
}
protected virtual void AnalyzeTargets(
TOptions options,
IEnumerable <Skimmer <TContext> > skimmers,
TContext rootContext,
IEnumerable <string> targets)
{
var disabledSkimmers = new SortedSet <string>();
foreach (Skimmer <TContext> skimmer in skimmers)
{
PerLanguageOption <RuleEnabledState> ruleEnabledProperty =
DefaultDriverOptions.CreateRuleSpecificOption(skimmer, DefaultDriverOptions.RuleEnabled);
RuleEnabledState ruleEnabled = rootContext.Policy.GetProperty(ruleEnabledProperty);
FailureLevel failureLevel = (ruleEnabled == RuleEnabledState.Default || ruleEnabled == RuleEnabledState.Disabled)
? default
: (FailureLevel)Enum.Parse(typeof(FailureLevel), ruleEnabled.ToString());
if (ruleEnabled == RuleEnabledState.Disabled)
{
disabledSkimmers.Add(skimmer.Id);
Warnings.LogRuleExplicitlyDisabled(rootContext, skimmer.Id);
RuntimeErrors |= RuntimeConditions.RuleWasExplicitlyDisabled;
}
else if (!skimmer.DefaultConfiguration.Enabled && ruleEnabled == RuleEnabledState.Default)
{
// This skimmer is disabled by default, and the configuration file didn't mention it.
// So disable it, but don't complain that the rule was explicitly disabled.
disabledSkimmers.Add(skimmer.Id);
}
else if (skimmer.DefaultConfiguration.Level != failureLevel &&
ruleEnabled != RuleEnabledState.Default &&
ruleEnabled != RuleEnabledState.Disabled)
{
skimmer.DefaultConfiguration.Level = failureLevel;
}
}
if (disabledSkimmers.Count == skimmers.Count())
{
Errors.LogAllRulesExplicitlyDisabled(rootContext);
ThrowExitApplicationException(rootContext, ExitReason.NoRulesLoaded);
}
if ((options.DataToInsert.ToFlags() & OptionallyEmittedData.Hashes) != 0)
{
// If analysis is persisted to a disk log file, we will have already
// computed all file hashes and stored them to _pathToHashDataMap.
_pathToHashDataMap = _pathToHashDataMap ?? HashUtilities.MultithreadedComputeTargetFileHashes(targets, options.Quiet);
}
foreach (string target in targets)
{
using (TContext context = DetermineApplicabilityAndAnalyze(options, skimmers, rootContext, target, disabledSkimmers))
{
RuntimeErrors |= context.RuntimeErrors;
}
}
}
public void Result_FormatFailureLevelsForVisualStudioTests(FailureLevel level, ResultKind kind, Region region, string expected, string path)
{
Result result = TestData.CreateResult(level, kind, region, path);
string actual = result.FormatForVisualStudio(TestData.TestRule);
actual.Should().Be(expected);
}
public ValidationFailure(string message, string code, FailureLevel level = FailureLevel.Warning)
{
Condition.Requires(message, nameof(message)).IsNotNullOrWhiteSpace();
Condition.Requires(code, nameof(code)).IsNotNullOrWhiteSpace();
this.Message = message;
this.Code = code;
this.Level = level;
}
public void FortifyFprConverter_GetFailureLevelFromRuleMetadata_MissingImpactProperty_ReturnsWarning()
{
ReportingDescriptor rule = new ReportingDescriptor();
FailureLevel level = FortifyFprConverter.GetFailureLevelFromRuleMetadata(rule);
level.Should().Be(FailureLevel.Warning);
}
public static Result BuildResult(FailureLevel level, ResultKind kind, IAnalysisContext context, Region region, string ruleMessageId, params string[] arguments)
{
if (context == null)
{
throw new ArgumentNullException(nameof(context));
}
if (arguments == null)
{
throw new ArgumentNullException(nameof(arguments));
}
ruleMessageId = NormalizeRuleMessageId(ruleMessageId, context.Rule.Id);
Result result = new Result
{
RuleId = context.Rule.Id,
Message = new Message
{
MessageId = ruleMessageId,
Arguments = arguments
},
Level = level,
Kind = kind
};
string targetPath = context.TargetUri?.LocalPath;
if (targetPath != null)
{
result.Locations = new List <Location> {
new Sarif.Location {
PhysicalLocation = new PhysicalLocation
{
ArtifactLocation = new ArtifactLocation
{
Uri = new Uri(targetPath)
},
Region = region
}
}
};
}
if (level == FailureLevel.Warning)
{
context.RuntimeErrors |= RuntimeConditions.OneOrMoreWarningsFired;
}
if (level == FailureLevel.Error)
{
context.RuntimeErrors |= RuntimeConditions.OneOrMoreErrorsFired;
}
return(result);
}
private Result ConstructResult(
Uri targetUri,
string ruleId,
FailureLevel level,
Region region,
FlexMatch flexMatch,
string fingerprint,
MatchExpression matchExpression,
IList <string> arguments)
{
var location = new Location()
{
PhysicalLocation = new PhysicalLocation
{
ArtifactLocation = new ArtifactLocation
{
Uri = targetUri,
},
Region = region,
},
};
Dictionary <string, string> fingerprints = BuildFingerprints(fingerprint);
string messageId = matchExpression.SubId ?? "Default";
var result = new Result()
{
RuleId = ruleId,
Level = level,
Message = new Message()
{
Id = messageId,
Arguments = arguments,
},
Locations = new List <Location>(new[] { location }),
Fingerprints = fingerprints,
};
if (matchExpression.Fixes?.Count > 0)
{
// Build arguments that may be required for fix text.
var argumentNameToValueMap = new Dictionary <string, string>();
foreach (KeyValuePair <string, int> kv in matchExpression.ArgumentNameToIndexMap)
{
argumentNameToValueMap["{" + kv.Key + "}"] = arguments[kv.Value];
}
foreach (SimpleFix fix in matchExpression.Fixes.Values)
{
ExpandArguments(fix, argumentNameToValueMap);
AddFixToResult(flexMatch, fix, result);
}
}
return(result);
}
private static string GetMessageText(
string toolName,
Uri uri,
Region region,
string ruleId,
string message,
ResultKind kind,
FailureLevel level)
{
string path = ConstructPathFromUri(uri);
string issueType = null;
switch (level)
{
case FailureLevel.Note:
issueType = "note";
break;
case FailureLevel.Error:
issueType = "error";
break;
case FailureLevel.Warning:
issueType = "warning";
break;
case FailureLevel.None:
issueType = kind.ToString().ToLowerInvariant();
// Shorten to 'info' for compatibility with previous behavior.
if (issueType == "informational")
{
issueType = "info";
}
break;
default:
throw new InvalidOperationException("Unknown message level:" + level.ToString());
}
string detailedDiagnosis = NormalizeMessage(message, enquote: false);
string location = "";
if (region != null)
{
// TODO: FormatForVisualStudio doesn't handle
// binary and char offsets only.
location = region.FormatForVisualStudio();
}
return((path != null ? (path + location) : toolName)
+ $": {issueType} "
+ (!string.IsNullOrEmpty(ruleId) ? (ruleId + ": ") : "")
+ detailedDiagnosis);
}
private static Notification CreateNotification(
Uri uri,
string notificationId,
FailureLevel level,
Exception exception,
bool persistExceptionStack,
params string[] args)
{
return(CreateNotification(uri, notificationId, null, level, exception, persistExceptionStack, args));
}
public void SarifLogger_ShouldLogByFailureLevel(FailureLevel level, bool verboseLogging, bool expectedReturn)
{
LoggingOptions loggingOptions = verboseLogging ? LoggingOptions.Verbose : LoggingOptions.None;
var sb = new StringBuilder();
var logger = new SarifLogger(new StringWriter(sb), loggingOptions);
bool result = logger.ShouldLog(level);
result.Should().Be(expectedReturn);
}
public static Result BuildResult(ResultKind kind, IAnalysisContext context, Region region, string ruleMessageId, params string[] arguments)
{
// If kind indicates a failure, but we have no explicit failure
// level, we'll fall back to the default of Warning
FailureLevel level = (kind != ResultKind.Fail)
? FailureLevel.None
: FailureLevel.Warning;
return BuildResult(level, kind, context, region, ruleMessageId, arguments);
}
public static Result BuildResult(FailureLevel level, IAnalysisContext context, Region region, string ruleMessageId, params string[] arguments)
{
// If we have a failure level, the kind is Fail, otherwise None.
// A message of kind == debug and failure level == none is a trace
// message, pure and simple.
ResultKind kind = (level != FailureLevel.None)
? ResultKind.Fail
: ResultKind.None;
return BuildResult(level, kind, context, region, ruleMessageId, arguments);
}
private static IssueSeverity LevelToSeverity(FailureLevel level)
{
switch (level)
{
case FailureLevel.Warning: return(IssueSeverity.Warning);
case FailureLevel.Error: return(IssueSeverity.Error);
case FailureLevel.Note:
default: return(IssueSeverity.Suggestion);
}
}
private static void ValidateKindAndLevel(ResultKind kind, FailureLevel level)
{
if (level != FailureLevel.None && kind != ResultKind.Fail)
{
throw new ArgumentException("Level indicated a failure but kind was not set to 'Fail'.");
}
if (level == FailureLevel.None && kind == ResultKind.Fail)
{
throw new ArgumentException("Level did not indicate a failure but kind was set to 'Fail'.");
}
return;
}
public static string FormatForVisualStudio(this FailureLevel level)
{
switch (level)
{
case FailureLevel.Error:
return("error");
case FailureLevel.Warning:
return("warning");
default:
return("info");
}
}
public static NotificationLevelVersionOne CreateNotificationLevelVersionOne(FailureLevel v2FailureLevel)
{
switch (v2FailureLevel)
{
case FailureLevel.Error:
return(NotificationLevelVersionOne.Error);
case FailureLevel.Note:
return(NotificationLevelVersionOne.Note);
default:
return(NotificationLevelVersionOne.Warning);
}
}
private static Notification CreateNotification(
Uri uri,
string notificationId,
string ruleId,
FailureLevel level,
Exception exception,
bool persistExceptionStack,
params string[] args)
{
string messageFormat = GetMessageFormatResourceForNotification(notificationId);
string message = string.Format(CultureInfo.CurrentCulture, messageFormat, args);
string exceptionMessage = exception?.Message;
if (!string.IsNullOrEmpty(exceptionMessage))
{
// {0} ('{1}')
message = string.Format(CultureInfo.InvariantCulture, SdkResources.NotificationWithExceptionMessage, message, exceptionMessage);
}
var exceptionData = exception != null && persistExceptionStack
? ExceptionData.Create(exception)
: null;
var physicalLocation = uri != null
? new PhysicalLocation
{
ArtifactLocation = new ArtifactLocation
{
Uri = uri
},
}
: null;
var notification = new Notification
{
PhysicalLocation = physicalLocation,
Id = notificationId,
RuleId = ruleId,
Level = level,
Message = new Message {
Text = message
},
Exception = exceptionData
};
return(notification);
}
private void Init(bool enabled, FailureLevel level, double rank, IDictionary <string, SerializedPropertyInfo> parameters, IDictionary <string, SerializedPropertyInfo> properties)
{
Enabled = enabled;
Level = level;
Rank = rank;
if (parameters != null)
{
Parameters = new Dictionary <string, SerializedPropertyInfo>(parameters);
}
if (properties != null)
{
Properties = new Dictionary <string, SerializedPropertyInfo>(properties);
}
}