Beispiel #1
def add_region_and_context_region(physical_location, line_number, code):
    """Attach the reported line and its surrounding snippet to a location.

    Sets ``physical_location.region`` to the single reported line and
    ``physical_location.context_region`` to the whole parsed snippet.

    NOTE(review): the snippet text is placed in the report as returned by
    ``parse_code``; if scanned code can hold secrets, the report presumably
    needs the same handling as the source - confirm with report consumers.

    :param physical_location: Points to file
    :param line_number: Line number suggested by the tool
    :param code: Source code snippet
    """
    snippet_start, snippet_lines = parse_code(code)
    # A start line of 0 is bumped to 1 so the context region never begins at 0.
    snippet_start = 1 if snippet_start == 0 else snippet_start

    line_count = len(snippet_lines)
    if line_count > 0:
        snippet_end = snippet_start + line_count - 1
    else:
        # No parsed lines: keep the three-line window used as a fallback.
        snippet_end = snippet_start + 3

    # The offset is taken from the line number as passed in, before the
    # zero-to-one adjustment below.
    offset = line_number - snippet_start
    if line_number == 0:
        line_number = 1

    reported_line = ""
    if snippet_lines and offset < line_count:
        # Offsets at or before the snippet start resolve to its first line.
        reported_line = snippet_lines[max(offset, 0)]
    # Whitespace-only lines are reported as an empty snippet.
    if not reported_line.strip().replace("\n", ""):
        reported_line = ""

    physical_location.region = om.Region(
        start_line=line_number,
        snippet=om.ArtifactContent(text=reported_line),
    )
    physical_location.context_region = om.Region(
        start_line=snippet_start,
        end_line=snippet_end,
        snippet=om.ArtifactContent(text="".join(snippet_lines)),
    )
Beispiel #2
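def add_region_and_context_region(physical_location, line_number, code):
    """This adds the region information for displaying the code snippet

    Sets ``physical_location.region`` to the reported line and
    ``physical_location.context_region`` to the whole parsed snippet.

    :param physical_location: Points to file
    :param line_number: Line number suggested by the tool
    :param code: Source code snippet
    """
    first_line_number, snippet_lines = parse_code(code)
    end_line_number = first_line_number + len(snippet_lines) - 1
    if end_line_number < first_line_number:
        # Only reachable when no snippet lines were parsed.
        # NOTE(review): the +3 window is kept as-is; its rationale is not
        # visible in this function.
        end_line_number = first_line_number + 3
    index = line_number - first_line_number
    snippet_line = ""
    # The emptiness check matters: with no parsed lines and a negative index,
    # a bare length comparison passes and indexing [0] raises IndexError,
    # which would abort report generation for this finding.
    if snippet_lines and len(snippet_lines) > index:
        # Line numbers at or before the snippet start map to its first line.
        snippet_line = snippet_lines[max(index, 0)]
    physical_location.region = om.Region(
        start_line=line_number, snippet=om.ArtifactContent(text=snippet_line))

    physical_location.context_region = om.Region(
        start_line=first_line_number,
        end_line=end_line_number,
        snippet=om.ArtifactContent(text="".join(snippet_lines)),
    )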
Beispiel #3
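def create_result(path, rule_id, issue_dict, rules, rule_indices):
    """Build one result for an issue, registering its rule on first use.

    ``rules`` and ``rule_indices`` are updated in place when ``rule_id`` has
    not been seen before. Issues without file matches get a single
    placeholder location at line 1, column 1 of ``path[0]``.

    :param path: Scanned paths; only the first entry is used, as the
        location of issues that have no file matches
    :param rule_id: Identifier of the rule that produced the issue
    :param issue_dict: Issue data with a ``metadata`` mapping and an
        optional ``files`` list
    :param rules: Mapping of rule id to rule descriptor, mutated in place
    :param rule_indices: Mapping of rule id to rule index, mutated in place
    :return: The result object for this issue
    """
    metadata = issue_dict['metadata']
    # 'reference' is read with .get() because the help-URI fallback below
    # already treats it as optional; indexing it directly in the result
    # properties would raise KeyError for exactly those issues.
    reference = metadata.get('reference')

    if rule_id in rules:
        rule = rules[rule_id]
        rule_index = rule_indices[rule_id]
    else:
        doc = reference or ('https://mobile-security.gitbook.io/'
                            'mobile-security-testing-guide/')
        rule = om.ReportingDescriptor(
            id=rule_id,
            name=get_rule_name(rule_id),
            help_uri=doc,
        )
        rule_index = len(rules)
        rules[rule_id] = rule
        rule_indices[rule_id] = rule_index

    locations = []
    for item in issue_dict.get('files', []):
        physical_location = om.PhysicalLocation(
            artifact_location=om.ArtifactLocation(
                uri=to_uri(item['file_path'])),
        )
        # The matched text is embedded in the report as the snippet.
        physical_location.region = om.Region(
            start_line=item['match_lines'][0],
            end_line=item['match_lines'][1],
            start_column=item['match_position'][0],
            end_column=item['match_position'][1],
            snippet=om.ArtifactContent(text=item['match_string']),
        )
        locations.append(om.Location(physical_location=physical_location))
    if not locations:
        # NOTE(review): unlike the per-file URIs above, path[0] is not passed
        # through to_uri, and an empty path raises IndexError - confirm that
        # callers always supply a non-empty sequence of paths.
        artifact = om.PhysicalLocation(
            artifact_location=om.ArtifactLocation(
                uri=path[0]),
        )
        artifact.region = om.Region(
            start_line=1,
            end_line=1,
            start_column=1,
            end_column=1,
            snippet=om.ArtifactContent(text='Missing Best Practice'),
        )
        locations.append(om.Location(physical_location=artifact))

    return om.Result(
        rule_id=rule.id,
        rule_index=rule_index,
        message=om.Message(text=metadata['description']),
        level=level_from_severity(metadata['severity']),
        locations=locations,
        properties={
            'owasp-mobile': metadata['owasp-mobile'],
            'masvs': metadata['masvs'],
            'cwe': metadata['cwe'],
            'reference': reference,
        },
    )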
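def add_region_and_context_region(physical_location, line_number, code):
    """Attach the reported line and its surrounding snippet to a location.

    Sets ``physical_location.region`` to the reported line and
    ``physical_location.context_region`` to the whole parsed snippet.

    :param physical_location: Location object that receives both regions
    :param line_number: Line number reported for the finding
    :param code: Source code snippet handed to ``parse_code``
    """
    first_line_number, snippet_lines = parse_code(code)
    index = line_number - first_line_number
    # Bounds-check before indexing: a line past the snippet would raise
    # IndexError, and a line before it would wrap around as a negative index
    # and attribute the finding to an unrelated line.
    if 0 <= index < len(snippet_lines):
        snippet_line = snippet_lines[index]
    else:
        snippet_line = ""

    physical_location.region = om.Region(
        start_line=line_number, snippet=om.ArtifactContent(text=snippet_line)
    )

    # With no parsed lines the computed end would fall before the start, so
    # the end line is clamped to the start line.
    end_line_number = max(
        first_line_number, first_line_number + len(snippet_lines) - 1
    )
    physical_location.context_region = om.Region(
        start_line=first_line_number,
        end_line=end_line_number,
        snippet=om.ArtifactContent(text="".join(snippet_lines)),
    )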
Beispiel #5
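def add_region_and_context_region(physical_location, line_number, code):
    """Attach the reported line and its surrounding snippet to a location.

    Sets ``physical_location.region`` to the reported line and
    ``physical_location.context_region`` to the whole parsed snippet.

    :param physical_location: Location object that receives both regions
    :param line_number: Line number reported for the finding
    :param code: Source code snippet handed to ``parse_code``
    """
    first_line_number, snippet_lines = parse_code(code)
    end_line_number = first_line_number + len(snippet_lines) - 1
    if end_line_number < first_line_number:
        # Only reachable when no snippet lines were parsed.
        # NOTE(review): the +3 window is kept as-is; its rationale is not
        # visible in this function.
        end_line_number = first_line_number + 3
    index = line_number - first_line_number
    snippet_line = ""
    # The lower bound matters: a negative index passes a bare length
    # comparison, then either raises IndexError (empty or short snippet) or
    # silently picks a line counted from the end of the snippet.
    if 0 <= index < len(snippet_lines):
        snippet_line = snippet_lines[index]

    physical_location.region = om.Region(
        start_line=line_number, snippet=om.ArtifactContent(text=snippet_line))

    physical_location.context_region = om.Region(
        start_line=first_line_number,
        end_line=end_line_number,
        snippet=om.ArtifactContent(text="".join(snippet_lines)),
    )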
Beispiel #6
def create_result(rule_id, issue_dict, rules, rule_indices):
    """Build one result for an issue, registering its rule on first use.

    ``rules`` and ``rule_indices`` are updated in place when ``rule_id`` has
    not been seen before. Every entry of ``issue_dict['files']`` becomes one
    location whose snippet is the matched text.

    :param rule_id: Identifier of the rule that produced the issue
    :param issue_dict: Issue data with ``files`` and ``metadata`` entries
    :param rules: Mapping of rule id to rule descriptor, mutated in place
    :param rule_indices: Mapping of rule id to rule index, mutated in place
    :return: The result object for this issue
    """
    if rule_id not in rules:
        # First sighting of this rule: describe it and record its position.
        help_link = 'https://ajinabraham.github.io/nodejsscan/#{}'.format(rule_id)
        descriptor = om.ReportingDescriptor(
            id=rule_id,
            name=get_rule_name(rule_id),
            help_uri=help_link,
        )
        position = len(rules)
        rules[rule_id] = descriptor
        rule_indices[rule_id] = position
    rule = rules[rule_id]
    rule_index = rule_indices[rule_id]

    locations = []
    for match in issue_dict['files']:
        artifact = om.ArtifactLocation(uri=to_uri(match['file_path']))
        where = om.PhysicalLocation(artifact_location=artifact)
        # The matched text is embedded in the report as the snippet.
        where.region = om.Region(
            start_line=match['match_lines'][0],
            end_line=match['match_lines'][1],
            start_column=match['match_position'][0],
            end_column=match['match_position'][1],
            snippet=om.ArtifactContent(text=match['match_string']),
        )
        locations.append(om.Location(physical_location=where))

    # Metadata is looked up only after the file matches have been processed.
    metadata = issue_dict['metadata']
    message = om.Message(text=metadata['description'])
    level = level_from_severity(metadata['severity'])
    properties = {
        'owasp-web': metadata['owasp-web'],
        'cwe': metadata['cwe'],
    }
    return om.Result(
        rule_id=rule.id,
        rule_index=rule_index,
        message=message,
        level=level,
        locations=locations,
        properties=properties,
    )