public void UseCase_Normal_Test() { RuleProcessor processor = new RuleProcessor(@"rules\valid"); processor.AddRules(@"rules\custom", "my rules"); string testString = "strcpy(dest,src);"; // strcpy test Match match = processor.IsMatch(testString, 0, "cpp"); Assert.IsTrue(match.Success, "strcpy should be flagged"); Assert.AreEqual(0, match.Location, "strcpy invalid index"); Assert.AreEqual(16, match.Length, "strcpy invalid length "); Assert.AreEqual("DS185832", match.Rule.Id, "strcpy invalid rule"); // Fix it test Assert.AreNotEqual(match.Rule.Fixes.Length, 0, "strcpy invalid Fixes"); CodeFix fix = match.Rule.Fixes[0]; string fixedCode = RuleProcessor.Fix(testString, fix); Assert.AreEqual("strcpy_s(dest, <size of dest>, src);", fixedCode, "strcpy invalid code fix"); Assert.IsTrue(fix.Name.Contains("Change to strcpy_s"), "strcpy wrong fix name"); // TODO test testString = "//TODO: fix this later"; match = processor.IsMatch(testString, 0, "csharp"); Assert.IsTrue(match.Success, "todo should be flagged"); Assert.AreEqual(2, match.Location, "todo invalid index"); Assert.AreEqual(4, match.Length, "todo invalid length "); Assert.AreEqual("DS176209", match.Rule.Id, "todo invalid rule"); Assert.AreEqual(0, match.Rule.Fixes.Length, "todo invalid Fixes"); Assert.AreEqual("my rules", match.Rule.Tag, "todo invalid tag"); }
public void UseCase_SuppressExistingPast_Test() { RuleProcessor processor = new RuleProcessor(@"rules\valid"); processor.AddRules(@"rules\custom"); string testString = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore DS126858,DS168931 until 1980-07-15"; Suppressor sup = new Suppressor(testString, "csharp"); Assert.IsFalse(sup.IsRuleSuppressed("DS126858"), "Is suppressed DS126858 should be True"); Assert.IsFalse(sup.IsRuleSuppressed("DS168931"), "Is suppressed DS168931 should be True"); // Suppress multiple string suppressedString = sup.SuppressRule("DS196098"); string expected = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore DS126858,DS168931,DS196098 until 1980-07-15"; Assert.AreEqual(expected, suppressedString, "Suppress multiple failed"); // Suppress multiple new date DateTime expirationDate = DateTime.Now.AddDays(10); suppressedString = sup.SuppressRule("DS196098", expirationDate); expected = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore DS126858,DS168931,DS196098 until {0:yyyy}-{0:MM}-{0:dd}"; Assert.AreEqual(string.Format(expected, expirationDate), suppressedString, "Suppress multiple new date failed"); // Suppress multiple to all suppressedString = sup.SuppressAll(); expected = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore all until 1980-07-15"; Assert.AreEqual(string.Format(expected, expirationDate), suppressedString, "Suppress multiple to all failed"); // Suppress multiple to all new date suppressedString = sup.SuppressAll(expirationDate); expected = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}"; Assert.AreEqual(string.Format(expected, expirationDate), suppressedString, "Suppress multiple to all new date failed"); }
public void UseCase_Suppress_Test() { RuleProcessor processor = new RuleProcessor(@"rules\valid"); processor.AddRules(@"rules\custom"); // Is supressed test string testString = "md5.new()"; Match match = processor.IsMatch(testString, 0, "python"); Assert.IsTrue(match.Success, "Is suppressed should ve flagged"); string ruleId = match.Rule.Id; Suppressor sup = new Suppressor(testString, "python"); Assert.IsFalse(sup.IsRuleSuppressed(ruleId), "Is suppressed should be false"); // Suppress Rule test string suppressedString = sup.SuppressRule(ruleId); string expected = "md5.new() #DevSkim: ignore DS196098"; Assert.AreEqual(expected, suppressedString, "Supress Rule failed "); // Suppress Rule Until test DateTime expirationDate = DateTime.Now.AddDays(5); suppressedString = sup.SuppressRule(ruleId, expirationDate); expected = string.Format("md5.new() #DevSkim: ignore DS196098 until {0:yyyy}-{0:MM}-{0:dd}", expirationDate); Assert.AreEqual(expected, suppressedString, "Supress Rule Until failed "); // Suppress All test suppressedString = sup.SuppressAll(); expected = "md5.new() #DevSkim: ignore all"; Assert.AreEqual(expected, suppressedString, "Supress All failed"); // Suppress All Until test suppressedString = sup.SuppressAll(expirationDate); expected = string.Format("md5.new() #DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}", expirationDate); Assert.AreEqual(expected, suppressedString, "Supress All Until failed "); }
public void UseCase_IgnoreRules_Test() { RuleProcessor processor = new RuleProcessor(@"rules\valid"); processor.AddRules(@"rules\custom"); // MD5CryptoServiceProvider test string testString = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore DS126858"; Match match = processor.IsMatch(testString, 0, "csharp"); Assert.IsTrue(match.Success, "MD5CryptoServiceProvider should be flagged"); Assert.AreEqual(15, match.Location, "MD5CryptoServiceProvider invalid index"); Assert.AreEqual(24, match.Length, "MD5CryptoServiceProvider invalid length "); Assert.AreEqual("DS168931", match.Rule.Id, "MD5CryptoServiceProvider invalid rule"); // Ignore until test DateTime expirationDate = DateTime.Now.AddDays(5); testString = "requests.get('somelink', verify = False) #DevSkim: ignore DS130821 until {0:yyyy}-{0:MM}-{0:dd}"; match = processor.IsMatch(string.Format(testString, expirationDate), 0, "python"); Assert.IsFalse(match.Success, "Ignore until should not be flagged"); // Expired until test expirationDate = DateTime.Now; match = processor.IsMatch(string.Format(testString, expirationDate), 0, "python"); Assert.IsTrue(match.Success, "Expired until should be flagged"); // Ignore all until test expirationDate = DateTime.Now.AddDays(5); testString = "MD5 hash = new MD5.Create(); #DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}"; match = processor.IsMatch(string.Format(testString, expirationDate), 0, "csharp"); Assert.IsFalse(match.Success, "Ignore all until should not be flagged"); // Expired all test expirationDate = DateTime.Now; testString = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}"; match = processor.IsMatch(string.Format(testString, expirationDate), 0, "csharp"); Assert.IsTrue(match.Success, "Expired all should be flagged"); }
public void InvalidRuleDirectoryFailTest() { RuleProcessor processor = new RuleProcessor(); processor.AddRules("x:\\invalid_directory"); }