public void FortifyStrings_ContainsCorrectStrings()
{
    // Checks that each FortifyStrings property is the very instance the NameTable holds for the
    // matching name. Assert.AreSame compares references, and NameTable.Add returns the stored
    // instance when the text is already present, so equal text that was never added to this
    // table would fail the test.
    var names = new NameTable();
    var fortifyStrings = new FortifyStrings(names);

    // Root element and its attributes.
    Assert.AreSame(names.Add("Issue"), fortifyStrings.Issue);
    Assert.AreSame(names.Add("iid"), fortifyStrings.Iid);
    Assert.AreSame(names.Add("ruleID"), fortifyStrings.RuleId);

    // Child elements describing the finding. "Friority" is spelled the way the Fortify schema
    // spells it; it is not a typo for "Priority".
    Assert.AreSame(names.Add("Category"), fortifyStrings.Category);
    Assert.AreSame(names.Add("Folder"), fortifyStrings.Folder);
    Assert.AreSame(names.Add("Kingdom"), fortifyStrings.Kingdom);
    Assert.AreSame(names.Add("Abstract"), fortifyStrings.Abstract);
    Assert.AreSame(names.Add("AbstractCustom"), fortifyStrings.AbstractCustom);
    Assert.AreSame(names.Add("Friority"), fortifyStrings.Friority);
    Assert.AreSame(names.Add("Tag"), fortifyStrings.Tag);
    Assert.AreSame(names.Add("Comment"), fortifyStrings.Comment);
    Assert.AreSame(names.Add("Primary"), fortifyStrings.Primary);
    Assert.AreSame(names.Add("Source"), fortifyStrings.Source);
    Assert.AreSame(names.Add("TraceDiagramPath"), fortifyStrings.TraceDiagramPath);
    Assert.AreSame(names.Add("ExternalCategory"), fortifyStrings.ExternalCategory);
    Assert.AreSame(names.Add("type"), fortifyStrings.Type);

    // Children of a PathElement.
    Assert.AreSame(names.Add("FileName"), fortifyStrings.FileName);
    Assert.AreSame(names.Add("FilePath"), fortifyStrings.FilePath);
    Assert.AreSame(names.Add("LineStart"), fortifyStrings.LineStart);
    Assert.AreSame(names.Add("Snippet"), fortifyStrings.Snippet);
    Assert.AreSame(names.Add("SnippetLine"), fortifyStrings.SnippetLine);
    Assert.AreSame(names.Add("TargetFunction"), fortifyStrings.TargetFunction);
}
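/// <summary>Parses an element as a Fortify PathElement node, consuming the node.</summary>
/// <param name="xmlReader">The <see cref="XmlReader"/> from which a node shall be parsed. When
/// this function returns, this reader is placed directly after the element on which it is
/// currently placed.</param>
/// <param name="strings">Strings used in processing Fortify logs.</param>
/// <returns>A <see cref="FortifyPathElement"/> parsed from the element on which
/// <paramref name="xmlReader"/> is positioned when this method is called.</returns>
/// <remarks>
/// The reader must be on a non-empty element; otherwise the exception built by
/// <c>CreateException</c> is thrown. FileName, Snippet and SnippetLine are skipped, not read.
/// </remarks>
public static FortifyPathElement Parse(XmlReader xmlReader, FortifyStrings strings)
{
    //<xs:complexType name="PathElement">
    //    <xs:sequence>
    //        <xs:element name="FileName" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //        <xs:element name="FilePath" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //        <xs:element name="LineStart" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //        <xs:element name="Snippet" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //        <xs:element name="SnippetLine" type="xs:int" minOccurs="0" maxOccurs="1"/>
    //        <xs:element name="TargetFunction" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //    </xs:sequence>
    //</xs:complexType>

    // NOTE(review): DTD and entity handling are decided by the XmlReaderSettings used where the
    // reader is created, which is outside this method -- confirm they are restrictive when
    // reports can come from an untrusted source.
    if (xmlReader.NodeType != XmlNodeType.Element || xmlReader.IsEmptyElement)
    {
        throw xmlReader.CreateException(SarifResources.FortifyNotValidPathElement);
    }

    // The previously captured reader depth was never used and has been removed.
    xmlReader.Read(); // Always true because !IsEmptyElement

    xmlReader.IgnoreElement(strings.FileName, IgnoreOptions.Required);
    string filePath = xmlReader.ReadElementContentAsString(strings.FilePath, String.Empty);

    // The schema types LineStart as xs:string, but it is read as an int here, so a
    // non-numeric value makes the reader throw instead of yielding a default.
    int lineStart = xmlReader.ReadElementContentAsInt(strings.LineStart, String.Empty);

    xmlReader.IgnoreElement(strings.Snippet, IgnoreOptions.Optional);
    xmlReader.IgnoreElement(strings.SnippetLine, IgnoreOptions.Optional);
    string targetFunction = xmlReader.ReadOptionalElementContentAsString(strings.TargetFunction);
    xmlReader.ReadEndElement();

    try
    {
        // filePath and targetFunction are passed on exactly as read from the report; the only
        // validation visible here is whatever the FortifyPathElement constructor performs.
        return new FortifyPathElement(filePath, lineStart, targetFunction);
    }
    catch (ArgumentException ex)
    {
        // Re-report constructor argument failures through the reader's exception factory.
        throw xmlReader.CreateException(ex.Message);
    }
}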
/// <summary>Reads one Fortify PathElement node from the reader and consumes it.</summary>
/// <param name="xmlReader">The <see cref="XmlReader"/> positioned on the PathElement to parse.
/// On return the reader sits directly after that element.</param>
/// <param name="strings">Strings used in processing Fortify logs.</param>
/// <returns>The <see cref="FortifyPathElement"/> built from the element on which
/// <paramref name="xmlReader"/> was positioned when this method was called.</returns>
public static FortifyPathElement Parse(XmlReader xmlReader, FortifyStrings strings)
{
    //<xs:complexType name="PathElement">
    //    <xs:sequence>
    //        <xs:element name="FileName" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //        <xs:element name="FilePath" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //        <xs:element name="LineStart" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //        <xs:element name="Snippet" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //        <xs:element name="SnippetLine" type="xs:int" minOccurs="0" maxOccurs="1"/>
    //        <xs:element name="TargetFunction" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //    </xs:sequence>
    //</xs:complexType>

    // Only a non-empty element can hold the required children.
    bool onNonEmptyElement = xmlReader.NodeType == XmlNodeType.Element && !xmlReader.IsEmptyElement;
    if (!onNonEmptyElement)
    {
        throw xmlReader.CreateException(ConverterResources.FortifyNotValidPathElement);
    }

    // Step into the element; Read() cannot fail here because the element is not empty.
    xmlReader.Read();

    // Children are consumed strictly in schema order; FileName, Snippet and SnippetLine are
    // skipped rather than read.
    xmlReader.IgnoreElement(strings.FileName, IgnoreOptions.Required);
    string path = xmlReader.ReadElementContentAsString(strings.FilePath, String.Empty);
    int line = xmlReader.ReadElementContentAsInt(strings.LineStart, String.Empty);
    xmlReader.IgnoreElement(strings.Snippet, IgnoreOptions.Optional);
    xmlReader.IgnoreElement(strings.SnippetLine, IgnoreOptions.Optional);
    string function = xmlReader.ReadOptionalElementContentAsString(strings.TargetFunction);
    xmlReader.ReadEndElement();

    FortifyPathElement parsed;
    try
    {
        // The values are handed over as read from the report; this method adds no validation
        // beyond what the constructor does.
        parsed = new FortifyPathElement(path, line, function);
    }
    catch (ArgumentException ex)
    {
        // Surface constructor argument failures through the reader's exception factory.
        throw xmlReader.CreateException(ex.Message);
    }

    return parsed;
}
/// <summary>Initializes a new instance of the <see cref="FortifyConverter"/> class.</summary>
public FortifyConverter()
{
    // A single NameTable is created and handed to FortifyStrings, so both fields refer to the
    // same table.
    var sharedNames = new NameTable();
    _nameTable = sharedNames;
    _strings = new FortifyStrings(sharedNames);
}
/// <summary>
/// Parses a Fortify Result element from an <see cref="XmlReader"/>.
/// </summary>
/// <param name="xmlReader">The <see cref="XmlReader"/> from which an element containing a Fortify result shall be
/// consumed. When this method returns, this <see cref="XmlReader"/> is positioned on the following element.</param>
/// <param name="strings">Strings used in processing a Fortify report.</param>
/// <returns>A <see cref="FortifyIssue"/> containing data from the node on which <paramref name="xmlReader"/> was
/// placed when this method was called.</returns>
public static FortifyIssue Parse(XmlReader xmlReader, FortifyStrings strings)
{
    //<xs:element name="Result">
    //    <xs:complexType>
    //        <xs:sequence>
    //            <!-- Result Description -->
    //            <xs:element name="Category" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //            <xs:element name="Folder" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //            <xs:element name="Kingdom" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //            <xs:element name="Abstract" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <xs:element name="AbstractCustom" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <xs:element name="Friority" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <!-- custom tags including Analysis -->
    //            <xs:element name="Tag" minOccurs="0" maxOccurs="unbounded">
    //                <xs:complexType>
    //                    <xs:sequence>
    //                        <xs:element name="Name" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                        <xs:element name="Value" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                    </xs:sequence>
    //                </xs:complexType>
    //            </xs:element>
    //            <xs:element name="Comment" minOccurs="0" maxOccurs="unbounded">
    //                <xs:complexType>
    //                    <xs:sequence>
    //                        <xs:element name="UserInfo" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                        <xs:element name="Comment" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                    </xs:sequence>
    //                </xs:complexType>
    //            </xs:element>
    //            <!-- primary or sink -->
    //            <xs:element name="Primary" type="PathElement" minOccurs="1" maxOccurs="1"/>
    //            <!-- source -->
    //            <xs:element name="Source" type="PathElement" minOccurs="0" maxOccurs="1"/>
    //            <xs:element name="TraceDiagramPath" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <!-- optional external category (i.e. STIG) -->
    //            <xs:element name="ExternalCategory" minOccurs="0" maxOccurs="1">
    //                <xs:complexType>
    //                    <xs:simpleContent>
    //                        <xs:extension base="xs:string">
    //                            <xs:attribute name="type" type="xs:string" use="required"/>
    //                        </xs:extension>
    //                    </xs:simpleContent>
    //                </xs:complexType>
    //            </xs:element>
    //        </xs:sequence>
    //        <xs:attribute name="iid" type="xs:string" use="optional"/>
    //        <xs:attribute name="ruleID" type="xs:string" use="optional"/>
    //    </xs:complexType>
    //</xs:element>

    // NOTE(review): the schema comment names the element "Result" while the guard checks
    // strings.Issue -- confirm which element name the report actually uses.
    // NOTE(review): DTD and entity handling are fixed by the XmlReaderSettings used where the
    // reader is created, outside this method -- confirm they are restrictive for reports that
    // may come from an untrusted source.
    if (!xmlReader.IsStartElement(strings.Issue))
    {
        throw xmlReader.CreateException(ConverterResources.FortifyNotValidResult);
    }

    // Both attributes are optional, so either may stay null; other attributes are ignored.
    // Ref.Equal presumably compares references, which would rely on the reader using the same
    // NameTable as `strings` -- confirm.
    string issueId = null;
    string ruleIdentifier = null;
    while (xmlReader.MoveToNextAttribute())
    {
        string attributeName = xmlReader.LocalName;
        if (Ref.Equal(attributeName, strings.Iid))
        {
            issueId = xmlReader.Value;
        }
        else if (Ref.Equal(attributeName, strings.RuleId))
        {
            ruleIdentifier = xmlReader.Value;
        }
    }

    // Return from the attribute list to the owning element, then step into its content.
    xmlReader.MoveToElement();
    xmlReader.Read(); // reads start element

    // Children are consumed strictly in schema order. Folder, Tag, Comment and
    // TraceDiagramPath are skipped; the remaining text is kept as read from the report.
    string category = xmlReader.ReadElementContentAsString(strings.Category, String.Empty);
    xmlReader.IgnoreElement(strings.Folder, IgnoreOptions.Required);
    string kingdom = xmlReader.ReadElementContentAsString(strings.Kingdom, String.Empty);
    string abstractText = xmlReader.ReadOptionalElementContentAsString(strings.Abstract);
    string customAbstractText = xmlReader.ReadOptionalElementContentAsString(strings.AbstractCustom);
    string friority = xmlReader.ReadOptionalElementContentAsString(strings.Friority);
    xmlReader.IgnoreElement(strings.Tag, IgnoreOptions.Optional | IgnoreOptions.Multiple);
    xmlReader.IgnoreElement(strings.Comment, IgnoreOptions.Optional | IgnoreOptions.Multiple);

    // Primary is required; Source is parsed only when the reader is on a Source element.
    FortifyPathElement primary = FortifyPathElement.Parse(xmlReader, strings);
    bool atSource = xmlReader.NodeType == XmlNodeType.Element
        && Ref.Equal(xmlReader.LocalName, strings.Source);
    FortifyPathElement source = atSource ? FortifyPathElement.Parse(xmlReader, strings) : null;

    xmlReader.IgnoreElement(strings.TraceDiagramPath, IgnoreOptions.Optional);

    // Only an ExternalCategory whose type attribute is exactly "CWE" contributes ids; any
    // other external category is skipped and the id list stays empty.
    ImmutableArray<int> cweIds = ImmutableArray<int>.Empty;
    bool atExternalCategory = xmlReader.NodeType == XmlNodeType.Element
        && Ref.Equal(xmlReader.LocalName, strings.ExternalCategory);
    if (atExternalCategory)
    {
        bool isCwe = xmlReader.GetAttribute(strings.Type) == "CWE";
        if (isCwe)
        {
            cweIds = ParseCweIds(xmlReader.ReadElementContentAsString());
        }
        else
        {
            xmlReader.Skip();
        }
    }

    xmlReader.ReadEndElement(); // </Result>

    return new FortifyIssue(
        ruleIdentifier,
        issueId,
        category,
        kingdom,
        abstractText,
        customAbstractText,
        friority,
        primary,
        source,
        cweIds);
}
/// <summary>
/// Reads one Fortify Result element from an <see cref="XmlReader"/> and consumes it.
/// </summary>
/// <param name="xmlReader">The <see cref="XmlReader"/> positioned on the element holding a Fortify result.
/// On return the reader is positioned on the following element.</param>
/// <param name="strings">Strings used in processing a Fortify report.</param>
/// <returns>A <see cref="FortifyIssue"/> holding the data of the node on which <paramref name="xmlReader"/>
/// was placed when this method was called.</returns>
public static FortifyIssue Parse(XmlReader xmlReader, FortifyStrings strings)
{
    //<xs:element name="Result">
    //    <xs:complexType>
    //        <xs:sequence>
    //            <!-- Result Description -->
    //            <xs:element name="Category" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //            <xs:element name="Folder" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //            <xs:element name="Kingdom" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //            <xs:element name="Abstract" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <xs:element name="AbstractCustom" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <xs:element name="Friority" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <!-- custom tags including Analysis -->
    //            <xs:element name="Tag" minOccurs="0" maxOccurs="unbounded">
    //                <xs:complexType>
    //                    <xs:sequence>
    //                        <xs:element name="Name" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                        <xs:element name="Value" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                    </xs:sequence>
    //                </xs:complexType>
    //            </xs:element>
    //            <xs:element name="Comment" minOccurs="0" maxOccurs="unbounded">
    //                <xs:complexType>
    //                    <xs:sequence>
    //                        <xs:element name="UserInfo" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                        <xs:element name="Comment" type="xs:string" minOccurs="1" maxOccurs="1"/>
    //                    </xs:sequence>
    //                </xs:complexType>
    //            </xs:element>
    //            <!-- primary or sink -->
    //            <xs:element name="Primary" type="PathElement" minOccurs="1" maxOccurs="1"/>
    //            <!-- source -->
    //            <xs:element name="Source" type="PathElement" minOccurs="0" maxOccurs="1"/>
    //            <xs:element name="TraceDiagramPath" type="xs:string" minOccurs="0" maxOccurs="1"/>
    //            <!-- optional external category (i.e. STIG) -->
    //            <xs:element name="ExternalCategory" minOccurs="0" maxOccurs="1">
    //                <xs:complexType>
    //                    <xs:simpleContent>
    //                        <xs:extension base="xs:string">
    //                            <xs:attribute name="type" type="xs:string" use="required"/>
    //                        </xs:extension>
    //                    </xs:simpleContent>
    //                </xs:complexType>
    //            </xs:element>
    //        </xs:sequence>
    //        <xs:attribute name="iid" type="xs:string" use="optional"/>
    //        <xs:attribute name="ruleID" type="xs:string" use="optional"/>
    //    </xs:complexType>
    //</xs:element>

    if (!xmlReader.IsStartElement(strings.Issue))
    {
        throw xmlReader.CreateException(ConverterResources.FortifyNotValidResult);
    }

    // Walk the attribute list once; iid and ruleID are optional and every other attribute is
    // ignored. StringReference.AreEqual presumably compares references, which would rely on
    // the reader using the same NameTable as `strings` -- confirm.
    string instanceId = null;
    string rule = null;
    while (xmlReader.MoveToNextAttribute())
    {
        string attribute = xmlReader.LocalName;
        if (StringReference.AreEqual(attribute, strings.Iid))
        {
            instanceId = xmlReader.Value;
            continue;
        }

        if (StringReference.AreEqual(attribute, strings.RuleId))
        {
            rule = xmlReader.Value;
        }
    }

    xmlReader.MoveToElement();
    xmlReader.Read(); // reads start element

    // Description fields, in schema order. Folder is required but its content is discarded.
    string category = xmlReader.ReadElementContentAsString(strings.Category, String.Empty);
    xmlReader.IgnoreElement(strings.Folder, IgnoreOptions.Required);
    string kingdom = xmlReader.ReadElementContentAsString(strings.Kingdom, String.Empty);
    string summary = xmlReader.ReadOptionalElementContentAsString(strings.Abstract);
    string customSummary = xmlReader.ReadOptionalElementContentAsString(strings.AbstractCustom);
    string friority = xmlReader.ReadOptionalElementContentAsString(strings.Friority);

    // Tag and Comment may repeat; none of their content is kept.
    xmlReader.IgnoreElement(strings.Tag, IgnoreOptions.Optional | IgnoreOptions.Multiple);
    xmlReader.IgnoreElement(strings.Comment, IgnoreOptions.Optional | IgnoreOptions.Multiple);

    FortifyPathElement primary = FortifyPathElement.Parse(xmlReader, strings);

    // Source stays null unless the reader is on a Source element.
    FortifyPathElement source = null;
    if (xmlReader.NodeType == XmlNodeType.Element
        && StringReference.AreEqual(xmlReader.LocalName, strings.Source))
    {
        source = FortifyPathElement.Parse(xmlReader, strings);
    }

    xmlReader.IgnoreElement(strings.TraceDiagramPath, IgnoreOptions.Optional);

    // The id list stays empty unless an ExternalCategory with type exactly "CWE" is present;
    // an ExternalCategory of any other type is skipped whole.
    ImmutableArray<int> cweIds = ImmutableArray<int>.Empty;
    if (xmlReader.NodeType == XmlNodeType.Element
        && StringReference.AreEqual(xmlReader.LocalName, strings.ExternalCategory))
    {
        if (xmlReader.GetAttribute(strings.Type) != "CWE")
        {
            xmlReader.Skip();
        }
        else
        {
            cweIds = ParseCweIds(xmlReader.ReadElementContentAsString());
        }
    }

    xmlReader.ReadEndElement(); // </Result>

    var issue = new FortifyIssue(rule, instanceId, category, kingdom, summary, customSummary, friority, primary, source, cweIds);
    return issue;
}