public void GetFileLocationPath_UriPathCanBeResolved()
{
string repoPath = "file:///C:/code/myProject/src/";
var run = new Microsoft.CodeAnalysis.Sarif.Run
{
OriginalUriBaseIds = new Dictionary <string, ArtifactLocation>
{
["REPO_ROOT"] = new ArtifactLocation
{
Uri = new Uri(repoPath),
}
},
};
var dataCache = new RunDataCache();
int runId = CodeAnalysisResultManager.Instance.GetNextRunIndex();
CodeAnalysisResultManager.Instance.RunIndexToRunDataCache.Add(runId, dataCache);
CodeAnalysisResultManager.Instance.CacheUriBasePaths(run);
string filePath = @"AnalysisStep.cs";
var artifact = new ArtifactLocation {
Uri = new Uri(filePath, UriKind.Relative), UriBaseId = "REPO_ROOT"
};
string path = SdkUIUtilities.GetFileLocationPath(artifact, runId);
path.Should().Be(@"C:\code\myProject\src\AnalysisStep.cs");
}
public void SarifWorkItemExtensions_CreateWorkItemTitle_LongTitleFromUrl()
{
int maxLength = 256;
string ruleId = "TestRuleId";
string expectedTemplate = "[aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa:Warning]: TestRuleId: Test Rule (in al...)";
string expected = $":Warning]: TestRuleId: Test Rule (in al" + new string('a', maxLength - expectedTemplate.Length) + "...)";
Result result = new Result();
ArtifactLocation artifactLocation = new ArtifactLocation(new Uri("al" + new string('a', 1024), UriKind.Relative), string.Empty, 0, new Message(), new Dictionary <string, SerializedPropertyInfo>());
PhysicalLocation physicalLocation = new PhysicalLocation(new Address(), artifactLocation, new Region(), new Region(), new Dictionary <string, SerializedPropertyInfo>());
Location location = new Location(0, physicalLocation, null, null, null, null, null);
result.Locations = new List <Location>();
result.Locations.Add(location);
result.RuleId = ruleId;
SarifLog sarifLog = CreateLogWithEmptyRun();
Run run = sarifLog.Runs[0];
run.Results.Add(result);
string title = sarifLog.Runs[0].CreateWorkItemTitle(false);
title.Should().EndWith(expected);
}
public void TryReconstructAbsoluteUri_WhenInputResolvesIndirectly_ReturnsTrueWithResolvedUri()
{
var artifactLocation = new ArtifactLocation
{
Uri = new Uri("Sarif/CopyrightNotice.txt", UriKind.Relative),
UriBaseId = SourceRootBaseId
};
var originalUriBaseIds = new Dictionary <string, ArtifactLocation>
{
[ProjectRootBaseId] = new ArtifactLocation
{
Uri = new Uri("file://c:/code/sarif-sdk/", UriKind.Absolute)
},
[SourceRootBaseId] = new ArtifactLocation
{
Uri = new Uri("src/", UriKind.Relative),
UriBaseId = ProjectRootBaseId
}
};
bool wasResolved = artifactLocation.TryReconstructAbsoluteUri(originalUriBaseIds, out Uri resolvedUri);
wasResolved.Should().BeTrue();
resolvedUri.Should().Be(new Uri("file://c:/code/sarif-sdk/src/Sarif/CopyrightNotice.txt", UriKind.Absolute));
}
private void CaptureFile(ArtifactLocation fileLocation)
{
if (fileLocation == null || fileLocation.Uri == null)
{
return;
}
Encoding encoding = null;
if (_run.DefaultEncoding != null)
{
try
{
encoding = Encoding.GetEncoding(_run.DefaultEncoding);
}
catch (ArgumentException) { } // Unrecognized encoding name
}
// Ensure Artifact is in Run.Artifacts and ArtifactLocation.Index is set to point to it
_run.GetFileIndex(
fileLocation,
addToFilesTableIfNotPresent: true,
_dataToInsert,
encoding);
// Remove redundant Uri and UriBaseId once index has been set
if (this.Optimize)
{
fileLocation.Uri = null;
fileLocation.UriBaseId = null;
}
}
public void TryReconstructAbsoluteUri_WhenChainedUriIsAbsent_ReturnsFalse()
{
var artifactLocation = new ArtifactLocation
{
Uri = new Uri("Sarif/CopyrightNotice.txt", UriKind.Relative),
UriBaseId = SourceRootBaseId
};
var originalUriBaseIds = new Dictionary <string, ArtifactLocation>
{
[ProjectRootBaseId] = new ArtifactLocation
{
Description = new Message
{
Text = "The root of the project."
}
// But Uri is absent.
},
[SourceRootBaseId] = new ArtifactLocation
{
Uri = new Uri("src/", UriKind.Relative),
UriBaseId = ProjectRootBaseId // But originalUriBaseIds[ProjectRootBaseId] is absent.
}
};
bool wasResolved = artifactLocation.TryReconstructAbsoluteUri(originalUriBaseIds, out Uri resolvedUri);
wasResolved.Should().BeFalse();
}
internal static string GetFileLocationPath(ArtifactLocation artifactLocation, int runId)
{
string path = null;
if (artifactLocation?.Uri != null)
{
RunDataCache dataCache = CodeAnalysisResultManager.Instance.RunIndexToRunDataCache[runId];
Uri uri = artifactLocation.Uri;
// try to resolve path using OriginalUriBasePaths
string uriBaseId = artifactLocation.UriBaseId;
if (!string.IsNullOrEmpty(uriBaseId) && dataCache.OriginalUriBasePaths.ContainsKey(uriBaseId))
{
Uri baseUri = dataCache.OriginalUriBasePaths[uriBaseId];
uri = new Uri(baseUri, uri);
}
try
{
path = uri.LocalPath;
}
catch (InvalidOperationException)
{
// if cannot resolve local path return original uri string
// it will try to resolve the path when user navigates to the error list item
path = uri.ToPath();
}
}
return(path);
}
public override Run VisitRun(Run run)
{
_fileToIndexMap = new Dictionary <ArtifactLocation, int>();
run.Artifacts = run.Artifacts ?? new List <Artifact>();
// First, we'll initialize our file object to index map
// with any files that already exist in the table
for (int i = 0; i < run.Artifacts.Count; i++)
{
Artifact fileData = run.Artifacts[i];
var fileLocation = new ArtifactLocation
{
Uri = fileData.Location.Uri,
UriBaseId = fileData.Location.UriBaseId
};
_fileToIndexMap[fileLocation] = i;
// For good measure, we'll explicitly populate the file index property
run.Artifacts[i].Location.Index = i;
}
_currentRun = run;
// Next, visit all run file locations. This will add any
// previously unknown file objects to the files table.
base.VisitRun(run);
return(_currentRun);
}
protected override void Analyze(ArtifactLocation artifactLocation, string artifactLocationPointer)
{
Uri artifactLocationUri = artifactLocation.Uri;
if (artifactLocationUri == null)
{
return;
}
if (artifactLocation.UriBaseId != null && artifactLocationUri.IsAbsoluteUri)
{
// {0}: This 'artifactLocation' object has a 'uriBaseId' property '{1}', but its
// 'uri' property '{2}' is an absolute URI. Since the purpose of 'uriBaseId' is
// to resolve a relative reference to an absolute URI, it is not allowed when
// the 'uri' property is already an absolute URI.
LogResult(
artifactLocationPointer,
nameof(RuleResources.SARIF1004_ExpressUriBaseIdsCorrectly_Error_UriBaseIdRequiresRelativeUri_Text),
artifactLocation.UriBaseId,
artifactLocation.Uri.OriginalString);
}
if (!artifactLocationUri.IsAbsoluteUri && artifactLocationUri.OriginalString.StartsWith("/"))
{
// The relative reference '{0}' begins with a slash, which will prevent it from combining properly
// with the absolute URI specified by a 'uriBaseId'.
LogResult(
artifactLocationPointer.AtProperty(SarifPropertyName.Uri),
nameof(RuleResources.SARIF1004_ExpressUriBaseIdsCorrectly_Error_RelativeReferenceMustNotBeginWithSlash_Text),
artifactLocation.Uri.OriginalString);
}
}
public void Run_RetrievesExistingFileDataObject()
{
Run run = BuildDefaultRunObject();
ArtifactLocation fileLocation = BuildDefaultFileLocation();
fileLocation.Index.Should().Be(-1);
// Retrieve existing file location. Our input file location should have its
// fileIndex property set as well.
RetrieveFileIndexAndValidate(run, fileLocation, expectedFileIndex: 1);
// Repeat look-up with bad file index value. This should succeed and reset
// the fileIndex to the appropriate value.
fileLocation = BuildDefaultFileLocation();
fileLocation.Index = Int32.MaxValue;
RetrieveFileIndexAndValidate(run, fileLocation, expectedFileIndex: 1);
// Now set a unique property bag on the file location. The property bag
// should not interfere with retrieving the file data object. The property bag should
// not be modified as a result of retrieving the file data index.
fileLocation = BuildDefaultFileLocation();
fileLocation.SetProperty(Guid.NewGuid().ToString(), "");
RetrieveFileIndexAndValidate(run, fileLocation, expectedFileIndex: 1);
// Now use a file location that has no url and therefore relies strictly on
// the index in run.artifacts (i.e., _fileToIndexMap will not be used).
fileLocation = new ArtifactLocation
{
Index = 0
};
RetrieveFileIndexAndValidate(run, fileLocation, expectedFileIndex: 0);
}
private static void ReplaceInUri(ArtifactLocation artifactLocation, string replaceThis, string withThis)
{
string original = artifactLocation.Uri.OriginalString;
string updated = original.Replace(replaceThis, withThis);
artifactLocation.Uri = new Uri(updated);
}
private void AnalyzeOriginalUriBaseIdsEntry(string uriBaseId, ArtifactLocation artifactLocation, string pointer)
{
if (artifactLocation.Uri == null)
{
return;
}
// If it's not a well-formed URI of _any_ kind, then don't bother triggering this rule.
// Rule SARIF1003, UrisMustBeValid, will catch it.
// Check for well-formedness first, before attempting to create a Uri object, to
// avoid having to do a try/catch. Unfortunately Uri.TryCreate will return true
// even for a malformed URI string.
string uriString = artifactLocation.Uri.OriginalString;
if (uriString != null && Uri.IsWellFormedUriString(uriString, UriKind.RelativeOrAbsolute))
{
var uri = new Uri(uriString, UriKind.RelativeOrAbsolute);
if (artifactLocation.UriBaseId == null && !uri.IsAbsoluteUri)
{
LogResult(pointer, nameof(RuleResources.SARIF1018_NotAbsolute), uriString, uriBaseId);
}
if (!uriString.EndsWith("/"))
{
LogResult(pointer, nameof(RuleResources.SARIF1018_LacksTrailingSlash), uriString, uriBaseId);
}
}
}
private ArtifactLocation ExpressRelativeToRepoRoot(ArtifactLocation node)
{
Uri uri = node.Uri;
if (uri == null && node.Index >= 0 && _run.Artifacts?.Count > node.Index)
{
uri = _run.Artifacts[node.Index].Location.Uri;
}
if (uri != null && uri.IsAbsoluteUri && uri.IsFile)
{
string repoRootPath = _gitHelper.GetRepositoryRoot(uri.LocalPath);
if (repoRootPath != null)
{
var repoRootUri = new Uri(repoRootPath + @"\", UriKind.Absolute);
_repoRootUris ??= new HashSet <Uri>();
_repoRootUris.Add(repoRootUri);
Uri relativeUri = repoRootUri.MakeRelativeUri(uri);
if (!string.IsNullOrEmpty(relativeUri.OriginalString))
{
node.Uri = relativeUri;
node.UriBaseId = GetUriBaseIdForRepoRoot(repoRootUri);
}
}
}
return(node);
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (node.Index != -1 && HistoricalFiles != null)
{
node.Index = CacheFileData(HistoricalFiles[node.Index]);
}
return(node);
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (node.Index != -1 && CurrentRun.Artifacts != null)
{
node.Index = CacheArtifact(CurrentRun.Artifacts[node.Index], CurrentRun.Artifacts);
}
return(base.VisitArtifactLocation(node));
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (node.Index != -1 && HistoricalFiles != null)
{
node.Index = CacheArtifact(HistoricalFiles[node.Index], HistoricalFiles);
}
return(base.VisitArtifactLocation(node));
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (_currentRun.OriginalUriBaseIds == null || !_currentRun.OriginalUriBaseIds.Values.Contains(node))
{
node.Index = _currentRun.GetFileIndex(node, addToFilesTableIfNotPresent: true);
}
return(base.VisitArtifactLocation(node));
}
public override Result VisitResult(Result node)
{
if (!FilteringStrategy(node))
{
return(node);
}
string ruleId;
if (node.RuleIndex > -1 && CurrentRun.Tool?.Driver?.Rules?.Count > node.RuleIndex)
{
ruleId = CurrentRun.Tool.Driver.Rules?[node.RuleIndex].Id;
}
else
{
// Remove the rule pattern index from the rule id. e.g. CSCAN0230/5
int lastIndexOf = node.RuleId.LastIndexOf('/');
ruleId = node.RuleId.Substring(0, lastIndexOf >= 0 ? lastIndexOf : node.RuleId.Length);
}
ArtifactLocation artifactLocation = node.Locations?[0]?.PhysicalLocation?.ArtifactLocation ?? s_emptyArtifactLocation;
if (!_targetToRuleMap.TryGetValue(artifactLocation.Uri.ToString(), out Dictionary <string, SarifLog> ruleToSarifLogMap))
{
ruleToSarifLogMap = _targetToRuleMap[artifactLocation.Uri.ToString()] = new Dictionary <string, SarifLog>();
}
if (!ruleToSarifLogMap.TryGetValue(ruleId, out SarifLog sarifLog))
{
ruleToSarifLogMap[ruleId] = sarifLog = new SarifLog()
{
Runs = new[]
{
new Run
{
Tool = CurrentRun.Tool,
Invocations = CurrentRun.Invocations,
Results = new List <Result>()
},
}
};
SplitSarifLogs.Add(sarifLog);
}
if (artifactLocation != null && artifactLocation.Index > -1)
{
int originalIndex = CurrentRun.GetFileIndex(artifactLocation);
artifactLocation = artifactLocation.DeepClone();
artifactLocation.Index = sarifLog.Runs[0].GetFileIndex(artifactLocation);
node.Locations[0].PhysicalLocation.ArtifactLocation = artifactLocation;
sarifLog.Runs[0].Artifacts[artifactLocation.Index] = CurrentRun.Artifacts[originalIndex];
}
sarifLog.Runs[0].Results.Add(node);
return(node);
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (_run.Artifacts != null && node.Index > -1)
{
node = _run.Artifacts[node.Index].Location;
}
node.Index = -1;
return(base.VisitArtifactLocation(node));
}
internal static List <AnalysisStepNode> Convert(CodeFlow codeFlow, Run run, int resultId, int runIndex)
{
var root = new AnalysisStepNode(resultId: resultId, runIndex: runIndex)
{
Children = new List <AnalysisStepNode>(),
};
ThreadFlow threadFlow = codeFlow.ThreadFlows?[0];
if (threadFlow != null)
{
int lastNestingLevel = 0;
AnalysisStepNode lastParent = root;
AnalysisStepNode lastNewNode = null;
foreach (ThreadFlowLocation location in threadFlow.Locations)
{
ArtifactLocation artifactLocation = location.Location?.PhysicalLocation?.ArtifactLocation;
if (artifactLocation != null)
{
Uri uri = location.Location?.PhysicalLocation?.ArtifactLocation?.Uri;
if (uri == null && artifactLocation.Index > -1)
{
artifactLocation.Uri = run.Artifacts[artifactLocation.Index].Location.Uri;
}
}
var newNode = new AnalysisStepNode(resultId: resultId, runIndex: runIndex)
{
Location = location,
Children = new List <AnalysisStepNode>(),
};
if (location.NestingLevel > lastNestingLevel)
{
// The previous node was a call, so this new node's parent is that node
lastParent = lastNewNode;
}
else if (location.NestingLevel < lastNestingLevel)
{
// The previous node was a return, so this new node's parent is the previous node's grandparent
lastParent = lastNewNode.Parent.Parent;
}
newNode.Parent = lastParent;
lastParent.Children.Add(newNode);
lastNewNode = newNode;
lastNestingLevel = location.NestingLevel;
}
root.Children.ForEach(n => n.Parent = null);
}
return(root.Children);
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (_dataToInsert.HasFlag(OptionallyEmittedData.VersionControlDetails))
{
node = ExpressRelativeToRepoRoot(node);
}
return(base.VisitArtifactLocation(node));
}
public void TryReconstructAbsoluteUri_WhenInputUriIsNull_ReturnsFalse()
{
var artifactLocation = new ArtifactLocation();
bool wasResolved = artifactLocation.TryReconstructAbsoluteUri(originalUriBaseIds: null, out Uri resolvedUri);
wasResolved.Should().BeFalse();
resolvedUri.Should().BeNull();
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
FileLocationUris = FileLocationUris ?? new List <string>();
FileLocationUris.Add(node.Uri.OriginalString);
FileLocationUriBaseIds = FileLocationUriBaseIds ?? new List <string>();
FileLocationUriBaseIds.Add(node.UriBaseId);
return(base.VisitArtifactLocation(node));
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (this.artifacts != null && node.Index > -1)
{
node.Uri = this.artifacts[node.Index].Location.Uri;
node.UriBaseId = this.artifacts[node.Index].Location.UriBaseId;
node.Index = -1;
}
return(base.VisitArtifactLocation(node));
}
protected override void Analyze(ArtifactLocation artifactLocation, string artifactLocationPointer)
{
ValidateArrayIndex(
artifactLocation.Index,
Context.CurrentRun.Artifacts,
artifactLocationPointer,
"artifactLocation",
SarifPropertyName.Index,
$"runs[{Context.CurrentRunIndex}].artifacts");
}
protected override void Analyze(ArtifactLocation fileLocation, string fileLocationPointer)
{
if (fileLocation.UriBaseId != null && fileLocation.Uri.IsAbsoluteUri)
{
LogResult(
fileLocationPointer.AtProperty(SarifPropertyName.Uri),
nameof(RuleResources.SARIF1014_Default),
fileLocation.Uri.OriginalString);
}
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
HashSet <int> artifactIndices = null;
// Does this run have any artifacts, and if so, does this ArtifactLocation specify a
// valid index into those artifacts?
if (currentRunArtifacts != null &&
node.Index >= 0 &&
node.Index < currentRunArtifacts.Count)
{
// Does this artifactLocation occur in the context of a result...
if (inResult)
{
// If so, does this result belong to any partition?
if (currentPartitionValue != null)
{
// Remap this index if it isn't already remapped.
Dictionary <T, HashSet <int> > artifactIndicesDictionary = partitionRunInfos[currentRunIndex].ArtifactIndicesDictionary;
if (!artifactIndicesDictionary.ContainsKey(currentPartitionValue))
{
artifactIndicesDictionary.Add(currentPartitionValue, new HashSet <int>());
}
artifactIndices = artifactIndicesDictionary[currentPartitionValue];
}
}
// ... or outside of any result?
else
{
artifactIndices = partitionRunInfos[currentRunIndex].GlobalArtifactIndices;
}
// Either way, bring the artifact and all its ancestors into the appropriate
// list of indices.
if (artifactIndices != null)
{
// It's safe to add the same item to a hash set multiple times, but
// we check whether we've already seen this item anyway to avoid walking
// the ancestor chain if we don't need to.
if (!artifactIndices.Contains(node.Index))
{
artifactIndices.Add(node.Index);
Artifact artifact = currentRunArtifacts[node.Index];
while (artifact.ParentIndex >= 0)
{
artifactIndices.Add(artifact.ParentIndex);
artifact = currentRunArtifacts[artifact.ParentIndex];
}
}
}
}
return(base.VisitArtifactLocation(node));
}
public override ArtifactLocation VisitArtifactLocation(ArtifactLocation node)
{
if (_currentRun.OriginalUriBaseIds == null || !_currentRun.OriginalUriBaseIds.Values.Contains(node))
{
FileLocationUris = FileLocationUris ?? new List <string>();
FileLocationUris.Add(node.Uri.OriginalString);
FileLocationUriBaseIds = FileLocationUriBaseIds ?? new List <string>();
FileLocationUriBaseIds.Add(node.UriBaseId);
}
return(base.VisitArtifactLocation(node));
}
private void RetrieveFileIndexAndValidate(Run run, ArtifactLocation fileLocation, int expectedFileIndex)
{
bool validateIndex = fileLocation.Uri != null;
int fileIndex = run.GetFileIndex(fileLocation, addToFilesTableIfNotPresent: false);
if (validateIndex)
{
fileLocation.Index.Should().Be(fileIndex);
}
fileIndex.Should().Be(expectedFileIndex);
}
private bool AnalyzeArtifactLocation(ArtifactLocation artifactLocation)
{
// No artifactLocation / no artifacts, so we should look for the snippet.
if (artifactLocation == null || this.artifacts == null)
{
return(true);
}
// Checking if we can reconstruct uri from artifactLocation
// If we can't, we still need to validate, since neither originalUriBaseIds
// nor artifactLocation.UriBaseId is required.
artifactLocation.TryReconstructAbsoluteUri(this.originalUriBaseIds, out Uri resolvedUri);
foreach (Artifact artifact in this.artifacts)
{
// Content/text doesn't exist, continue to next
if (string.IsNullOrEmpty(artifact.Contents?.Text))
{
continue;
}
// if mimetype exists and is binary, continue to next
if (!string.IsNullOrEmpty(artifact.MimeType) && MimeType.IsBinaryMimeType(artifact.MimeType))
{
continue;
}
// Checking if we can reconstruct uri from artifact
// If we can't, we still need to validate, since originalUriBaseIds aren't
// required nether artifactLocation.UriBaseId.
artifact.Location.TryReconstructAbsoluteUri(this.originalUriBaseIds, out Uri artifactUri);
if (resolvedUri != null && artifactUri != null)
{
if (artifactUri.AbsolutePath.Equals(resolvedUri.AbsolutePath))
{
return(false);
}
}
else
{
// Couldn't generate the absoluteUris, so let's compare everything.
if (this.artifacts.Any(a => a.Location?.Uri.OriginalString == artifactLocation.Uri.OriginalString &&
a.Location?.UriBaseId == artifactLocation.UriBaseId))
{
return(false);
}
}
}
return(true);
}
public static IDictionary <string, ArtifactLocation> ConstructUriBaseIdsDictionary(this CommonOptionsBase options)
{
if (options.UriBaseIds == null || options.UriBaseIds.Count() == 0)
{
return(null);
}
var uriBaseIdsDictionary = new Dictionary <string, ArtifactLocation>();
foreach (string uriBaseId in options.UriBaseIds)
{
string[] tokens = uriBaseId.Split('=');
string key = tokens[0];
string uriToken = tokens[1];
Uri value = null;
try
{
value = new Uri(uriToken, UriKind.RelativeOrAbsolute);
if (!value.IsAbsoluteUri)
{
value = null;
// Command-line tools may be required to provide relative paths for
// various operations. We will help resolve these to absolute paths
// where we can.
try
{
uriToken = Path.GetFullPath(uriToken);
Uri.TryCreate(uriToken, UriKind.Absolute, out value);
}
catch (ArgumentException) { } // illegal file path characters throw this
catch (PathTooLongException) { }
}
}
catch (UriFormatException) { }
if (value == null)
{
throw new InvalidOperationException("Could not construct absolute URI from specified value: " + tokens[1]);
}
uriBaseIdsDictionary[key] = new ArtifactLocation {
Uri = value
};
}
return(uriBaseIdsDictionary);
}