def test_export_to_xml():
write_to_file(target=target, sid='abcdefg', output_format='xml', filename='test.xml')
assert os.path.exists(os.path.join(EXPORT_PATH, 'test.xml'))
with open(os.path.join(EXPORT_PATH, 'test.xml')) as f:
xml_string = f.read()
# XML tag
assert "</" in xml_string
# code_content
assert "127.0.1.1" in xml_string
# line_number
assert "294" in xml_string
# file_path
assert "common.py" in xml_string
# commit_author
assert "Sunny" in xml_string
# commit_time
assert "2015-01-31" in xml_string
# rule_name
assert "硬编码IP" in xml_string
os.remove(os.path.join(EXPORT_PATH, 'test.xml'))
def test_export_to_json():
write_to_file(target=target, sid='abcdefg', output_format='json', filename='test.json')
assert os.path.exists(os.path.join(EXPORT_PATH, 'test.json'))
with open(os.path.join(EXPORT_PATH, 'test.json')) as f:
json_string = f.read()
# JSON format
assert isinstance(json.loads(json_string), dict)
# code_content
assert "127.0.1.1" in json_string
# line_number
assert "294" in json_string
# file_path
assert "common.py" in json_string
# commit_author
assert "Sunny" in json_string
# commit_time
assert "2015-01-31" in json_string
# rule_name
assert "硬编码IP" in json_string
os.remove(os.path.join(EXPORT_PATH, 'test.json'))
def start(target, formatter, output, special_rules, a_sid=None, language=None, tamper_name=None, black_path=None, is_unconfirm=False, is_unprecom=False):
"""
Start CLI
:param black_path:
:param tamper_name:
:param language:
:param target: File, FOLDER, GIT
:param formatter:
:param output:
:param special_rules:
:param a_sid: all scan id
:return:
"""
global ast_object
# generate single scan id
s_sid = get_sid(target)
r = Running(a_sid)
data = (s_sid, target)
r.init_list(data=target)
r.list(data)
report = '?sid={a_sid}'.format(a_sid=a_sid)
d = r.status()
d['report'] = report
r.status(d)
task_id = a_sid
# 加载 kunlunmignore
load_kunlunmignore()
# parse target mode and output mode
pa = ParseArgs(target, formatter, output, special_rules, language, black_path, a_sid=None)
target_mode = pa.target_mode
output_mode = pa.output_mode
black_path_list = pa.black_path_list
# target directory
try:
target_directory = pa.target_directory(target_mode)
logger.info('[CLI] Target : {d}'.format(d=target_directory))
# static analyse files info
files, file_count, time_consume = Directory(target_directory, black_path_list).collect_files()
# vendor check
project_id = get_and_check_scantask_project_id(task_id)
Vendors(project_id, target_directory, files)
# detection main language and framework
if not language:
dt = Detection(target_directory, files)
main_language = dt.language
main_framework = dt.framework
else:
main_language = pa.language
main_framework = pa.language
logger.info('[CLI] [STATISTIC] Language: {l} Framework: {f}'.format(l=",".join(main_language), f=main_framework))
logger.info('[CLI] [STATISTIC] Files: {fc}, Extensions:{ec}, Consume: {tc}'.format(fc=file_count,
ec=len(files),
tc=time_consume))
if pa.special_rules is not None:
logger.info('[CLI] [SPECIAL-RULE] only scan used by {r}'.format(r=','.join(pa.special_rules)))
# Pretreatment ast object
ast_object.init_pre(target_directory, files)
ast_object.pre_ast_all(main_language, is_unprecom=is_unprecom)
# scan
scan(target_directory=target_directory, a_sid=a_sid, s_sid=s_sid, special_rules=pa.special_rules,
language=main_language, framework=main_framework, file_count=file_count, extension_count=len(files),
files=files, tamper_name=tamper_name, is_unconfirm=is_unconfirm)
except KeyboardInterrupt as e:
logger.error("[!] KeyboardInterrupt, exit...")
exit()
except Exception:
result = {
'code': 1002,
'msg': 'Exception'
}
Running(s_sid).data(result)
raise
# 输出写入文件
write_to_file(target=target, sid=s_sid, output_format=formatter, filename=output)