private void Analyze(
IEnumerable <IBinarySkimmer> skimmers,
IList <string> roslynAnalyzerFilePaths,
IEnumerable <string> targets,
AggregatingLogger logger,
PropertyBag policy)
{
HashSet <string> disabledSkimmers = new HashSet <string>();
foreach (string target in targets)
{
var context = AnalyzeCommand.CreateContext(logger, policy, target);
if (context.PE.LoadException != null)
{
LogExceptionLoadingTarget(context);
continue;
}
else if (!context.PE.IsPEFile)
{
LogExceptionInvalidPE(context);
continue;
}
context = CreateContext(logger, policy, target);
// Analyzing {0}...
logger.Log(MessageKind.AnalyzingTarget, context, DriverResources.Analyzing);
foreach (IBinarySkimmer skimmer in skimmers)
{
if (disabledSkimmers.Contains(skimmer.Id))
{
continue;
}
string reasonForNotAnalyzing = null;
context.Rule = skimmer;
AnalysisApplicability applicability = AnalysisApplicability.Unknown;
try
{
applicability = skimmer.CanAnalyze(context, out reasonForNotAnalyzing);
}
catch (Exception ex)
{
LogUnhandledRuleExceptionAssessingTargetApplicability(disabledSkimmers, context, skimmer, ex);
continue;
}
switch (applicability)
{
case AnalysisApplicability.NotApplicableToSpecifiedTarget:
{
// Image '{0}' was not evaluated for check '{1}' as the analysis
// is not relevant based on observed binary metadata: {2}.
context.Logger.Log(MessageKind.NotApplicable,
context,
RuleUtilities.BuildTargetNotAnalyzedMessage(
context.PE.FileName,
context.Rule.Name,
reasonForNotAnalyzing));
break;
}
case AnalysisApplicability.NotApplicableToAnyTargetWithoutPolicy:
{
// Check '{0}' was disabled for this run as the analysis was not
// configured with required policy ({1}). To resolve this,
// configure and provide a policy file on the BinSkim command-line
// using the --policy argument (recommended), or pass
// '--policy default' to invoke built-in settings. Invoke the
// BinSkim.exe 'export' command to produce an initial policy file
// that can be edited if required and passed back into the tool.
context.Logger.Log(MessageKind.ConfigurationError, context,
RuleUtilities.BuildRuleDisabledDueToMissingPolicyMessage(
context.Rule.Name,
reasonForNotAnalyzing));
disabledSkimmers.Add(skimmer.Id);
break;
}
case AnalysisApplicability.ApplicableToSpecifiedTarget:
{
try
{
skimmer.Analyze(context);
}
catch (Exception ex)
{
LogUnhandledRuleExceptionAnalyzingTarget(disabledSkimmers, context, skimmer, ex);
}
break;
}
}
}
// Once we've processed all portable executable skimmers for a specific
// target, we'll proactively let go of the data associated with this
// analysis phase. Follow-on analyses (such as the Roslyn integration)
// shouldn't attempt to rehydrate this data. The context implementation
// currently raises an exception if there is an attempt to rehydrate a
// previously nulled PE instance.
DisposePortableExecutableContextData(context);
// IsManagedAssembly is computed on intitializing the binary context
// object and is still valid after disposing the PE data. The Roslyn
// analysis is driven solely off the binary file path in the context.
if (context.IsManagedAssembly && roslynAnalyzerFilePaths?.Count > 0)
{
AnalyzeManagedAssembly(context.Uri.LocalPath, roslynAnalyzerFilePaths, context);
}
}
}
