public void UseCase_Normal_Test()
{
RuleProcessor processor = new RuleProcessor(@"rules\valid");
processor.AddRules(@"rules\custom", "my rules");
string testString = "strcpy(dest,src);";
// strcpy test
Match match = processor.IsMatch(testString, 0, "cpp");
Assert.IsTrue(match.Success, "strcpy should be flagged");
Assert.AreEqual(0, match.Location, "strcpy invalid index");
Assert.AreEqual(16, match.Length, "strcpy invalid length ");
Assert.AreEqual("DS185832", match.Rule.Id, "strcpy invalid rule");
// Fix it test
Assert.AreNotEqual(match.Rule.Fixes.Length, 0, "strcpy invalid Fixes");
CodeFix fix = match.Rule.Fixes[0];
string fixedCode = RuleProcessor.Fix(testString, fix);
Assert.AreEqual("strcpy_s(dest, <size of dest>, src);", fixedCode, "strcpy invalid code fix");
Assert.IsTrue(fix.Name.Contains("Change to strcpy_s"), "strcpy wrong fix name");
// TODO test
testString = "//TODO: fix this later";
match = processor.IsMatch(testString, 0, "csharp");
Assert.IsTrue(match.Success, "todo should be flagged");
Assert.AreEqual(2, match.Location, "todo invalid index");
Assert.AreEqual(4, match.Length, "todo invalid length ");
Assert.AreEqual("DS176209", match.Rule.Id, "todo invalid rule");
Assert.AreEqual(0, match.Rule.Fixes.Length, "todo invalid Fixes");
Assert.AreEqual("my rules", match.Rule.Tag, "todo invalid tag");
}
public void IsMatch_InvalidInputTest()
{
RuleProcessor processor = new RuleProcessor();
// Langugage is null
Match match = processor.IsMatch(null, 0, "");
Assert.IsFalse(match.Success, "Match.Success should be false");
}
public void IsMatch_FalseTest()
{
RuleProcessor processor = new RuleProcessor();
string testString = "this is a test string";
// Normal functionality test
Match match = processor.IsMatch(testString, 0, "csharp");
Assert.IsFalse(match.Success, "Match.Success should be false");
// Non existent langugage
match = processor.IsMatch(testString, 0, "");
Assert.IsFalse(match.Success, "Match.Success should be false, when no language is passed");
// Index out of range
match = processor.IsMatch(testString, testString.Length + 1, "csharp");
Assert.IsFalse(match.Success, "Match.Success should be false, when invalid index is passed");
}
public void IsMatch_InvalidLanguageTest()
{
RuleProcessor processor = new RuleProcessor();
string testString = "this is a test string";
// Langugage is null
Match match = processor.IsMatch(testString, 0, null);
Assert.IsFalse(match.Success, "Match.Success should be false");
}
public void UseCase_IgnoreRules_Test()
{
RuleProcessor processor = new RuleProcessor(@"rules\valid");
processor.AddRules(@"rules\custom");
// MD5CryptoServiceProvider test
string testString = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore DS126858";
Match match = processor.IsMatch(testString, 0, "csharp");
Assert.IsTrue(match.Success, "MD5CryptoServiceProvider should be flagged");
Assert.AreEqual(15, match.Location, "MD5CryptoServiceProvider invalid index");
Assert.AreEqual(24, match.Length, "MD5CryptoServiceProvider invalid length ");
Assert.AreEqual("DS168931", match.Rule.Id, "MD5CryptoServiceProvider invalid rule");
// Ignore until test
DateTime expirationDate = DateTime.Now.AddDays(5);
testString = "requests.get('somelink', verify = False) #DevSkim: ignore DS130821 until {0:yyyy}-{0:MM}-{0:dd}";
match = processor.IsMatch(string.Format(testString, expirationDate), 0, "python");
Assert.IsFalse(match.Success, "Ignore until should not be flagged");
// Expired until test
expirationDate = DateTime.Now;
match = processor.IsMatch(string.Format(testString, expirationDate), 0, "python");
Assert.IsTrue(match.Success, "Expired until should be flagged");
// Ignore all until test
expirationDate = DateTime.Now.AddDays(5);
testString = "MD5 hash = new MD5.Create(); #DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}";
match = processor.IsMatch(string.Format(testString, expirationDate), 0, "csharp");
Assert.IsFalse(match.Success, "Ignore all until should not be flagged");
// Expired all test
expirationDate = DateTime.Now;
testString = "MD5 hash = new MD5CryptoServiceProvider(); //DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}";
match = processor.IsMatch(string.Format(testString, expirationDate), 0, "csharp");
Assert.IsTrue(match.Success, "Expired all should be flagged");
}
public void RuleInfoTest()
{
RuleProcessor processor = new RuleProcessor(@"rules\valid");
string testString = "strcpy(dest,src);";
Match match = processor.IsMatch(testString, 0, "cpp");
Assert.IsTrue(match.Success, "strcpy should be flagged");
Rule r = match.Rule;
Assert.IsTrue(r.Description.Contains("strcpy"), "Invalid decription");
Assert.IsTrue(r.File.Contains("dangerous_api.json"), "Invalid file");
Assert.IsTrue(r.Name.Contains("strcpy"), "Invalid name");
Assert.IsTrue(r.Replecement.Contains("strcpy_s"), "Invalid replacement");
Assert.IsTrue(r.RuleInfo.Contains(r.Id), "Invalid ruleinfo");
}
public void UseCase_Suppress_Test()
{
RuleProcessor processor = new RuleProcessor(@"rules\valid");
processor.AddRules(@"rules\custom");
// Is supressed test
string testString = "md5.new()";
Match match = processor.IsMatch(testString, 0, "python");
Assert.IsTrue(match.Success, "Is suppressed should ve flagged");
string ruleId = match.Rule.Id;
Suppressor sup = new Suppressor(testString, "python");
Assert.IsFalse(sup.IsRuleSuppressed(ruleId), "Is suppressed should be false");
// Suppress Rule test
string suppressedString = sup.SuppressRule(ruleId);
string expected = "md5.new() #DevSkim: ignore DS196098";
Assert.AreEqual(expected, suppressedString, "Supress Rule failed ");
// Suppress Rule Until test
DateTime expirationDate = DateTime.Now.AddDays(5);
suppressedString = sup.SuppressRule(ruleId, expirationDate);
expected = string.Format("md5.new() #DevSkim: ignore DS196098 until {0:yyyy}-{0:MM}-{0:dd}", expirationDate);
Assert.AreEqual(expected, suppressedString, "Supress Rule Until failed ");
// Suppress All test
suppressedString = sup.SuppressAll();
expected = "md5.new() #DevSkim: ignore all";
Assert.AreEqual(expected, suppressedString, "Supress All failed");
// Suppress All Until test
suppressedString = sup.SuppressAll(expirationDate);
expected = string.Format("md5.new() #DevSkim: ignore all until {0:yyyy}-{0:MM}-{0:dd}", expirationDate);
Assert.AreEqual(expected, suppressedString, "Supress All Until failed ");
}
