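def scan(filename):
    """Scan one file under ``../testdata/`` and store the result beside it.

    ``../testdata/<filename>`` is scanned by an ``Engine`` built from
    ``RuleBuilder()`` and ``SGrep("../rule/sgrep_rules")``. The result is
    serialized with ``jsonpickle`` and written to
    ``../testdata/<filename>_scan_result.txt``.

    Args:
        filename: Name of the file to scan, relative to ``../testdata/``.

    Returns:
        The ``filename`` argument, unchanged.
    """
    # NOTE(review): ``filename`` is concatenated into the path unchanged. If it
    # can originate from a request parameter or an upload name, the caller has
    # to reduce it to a bare file name first; otherwise ``..`` segments make
    # both the scanned file and the written report resolve outside
    # ``../testdata``.
    target = "../testdata/" + filename

    engine = Engine(RuleBuilder(), SGrep("../rule/sgrep_rules"))
    result = engine.Scan(target)

    # Serialize before opening the report so that a failed encode does not
    # leave an empty or truncated report behind.
    # NOTE(review): the report is jsonpickle output; read it back with
    # jsonpickle.decode only if the file is trusted, because decode can
    # construct arbitrary classes named in the document.
    json_str = jsonpickle.encode(result)

    # The context manager closes the handle even when the write raises.
    with open(target + "_scan_result.txt", "w") as report:
        report.write(json_str)
    return filename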
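def scan_directory(dirname):
    """Scan every regular file directly inside ``dirname`` and store the results.

    Each file is scanned by one shared ``Engine`` built from ``RuleBuilder()``
    and ``SGrep("../rule/sgrep_rules")``. The list of results is serialized
    with ``jsonpickle`` and written to ``../testdata/<name>_scan_result.txt``,
    where ``<name>`` is the last path component of ``dirname``. Subdirectories
    are not descended into.

    Args:
        dirname: Path of the directory to scan, using ``/`` as separator.

    Returns:
        The last path component of ``dirname``.
    """
    print(dirname)
    # isfile() follows symlinks, so a link inside the directory is scanned as
    # the file it points to.
    files = [
        dirname + "/" + entry
        for entry in listdir(dirname)
        if isfile(join(dirname, entry))
    ]

    # A trailing "/" used to yield an empty last component, which named the
    # report "../testdata/_scan_result.txt"; strip it before splitting.
    # NOTE(review): a last component of ".." is still used as-is; confirm
    # callers pass a normalized directory path.
    label = dirname.rstrip("/").split("/")[-1]
    print(files)

    engine = Engine(RuleBuilder(), SGrep("../rule/sgrep_rules"))
    results = []
    for name in files:
        print("Filename: " + name)
        results.append(engine.Scan(name))

    # Scan and serialize first: the report used to be opened before the loop,
    # so a failing scan leaked the handle and left an empty report on disk.
    # NOTE(review): the report is jsonpickle output; read it back with
    # jsonpickle.decode only if the file is trusted.
    json_str = jsonpickle.encode(results)
    with open("../testdata/" + label + "_scan_result.txt", "w") as report:
        report.write(json_str)
    return label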
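"""Command-line entry point: scan one file and print the findings."""
import sys

# NOTE(review): both entries are relative to the current working directory,
# not to this script, so ``engine``, ``builder`` and ``sgrep`` are resolved
# from wherever the process is started. Run the scanner from the project root,
# or confirm the working directory cannot hold same-named modules.
sys.path.append(r'./engine')
sys.path.append(r'./rule')

from engine import Engine
from builder import RuleBuilder
from sgrep import SGrep

if __name__ == "__main__":
    if len(sys.argv) != 2:
        # A usage error must not look like a clean run: the message goes to
        # stderr and the status is non-zero, so a pipeline that invokes the
        # scanner with the wrong arguments fails instead of passing.
        print("Usage: python3 ninjacs.py [filename]", file=sys.stderr)
        sys.exit(2)

    # The rule path is also relative to the working directory.
    eng = Engine(RuleBuilder(), SGrep("rule/sgrep_rules"))
    result = eng.Scan(sys.argv[1])
    result.ReportConsole()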
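from engine import Engine
from file import *
from sast import *
import re


class FakeRule:
    """Base class for the regex-backed fake rules below.

    Subclasses set ``self.finder`` (a compiled pattern) and ``self.info``.
    ``Issue`` and ``Info`` are expected to come from the star imports above.
    """

    def Match(self, input):
        """Return one ``Issue`` for every match of ``self.finder``.

        Args:
            input: Object exposing ``Content`` (the text to search) and
                ``Record(offset)``, whose result has ``Line``, ``Column`` and
                ``Content`` attributes.

        Returns:
            A list of ``Issue`` objects, in match order.
        """
        issues = []
        for m in self.finder.finditer(input.Content):
            # Translate the match offset into the record for that position.
            warning = input.Record(m.start(0))
            issues.append(
                Issue(self.info, warning.Line, warning.Column, warning.Content)
            )
        return issues


class FakeRule1(FakeRule):
    """Fake rule that reports every occurrence of the text ``def``."""

    def __init__(self):
        self.finder = re.compile("def")
        self.info = Info("Find def", "no recommendation")


class FakeRule2(FakeRule):
    """Fake rule that reports every bracketed span on a line."""

    def __init__(self):
        # Raw string: "\[" and "\]" are invalid escapes in a normal literal
        # and trigger a warning on current Python versions. The compiled
        # pattern is unchanged. ``.*`` is greedy, so one match runs from the
        # first "[" to the last "]" on a line.
        self.finder = re.compile(r"\[.*\]")
        self.info = Info("Find []", "ninjacs!")


class FakeRuleBuilder:
    """Rule builder stub that always returns the two fake rules."""

    def Build(self, languages):
        """Return the fake rules; ``languages`` is ignored."""
        return [FakeRule1(), FakeRule2()]


# NOTE(review): Engine is given only a rule builder here, while the project's
# other entry points also pass an SGrep instance. Confirm the one-argument
# form is still accepted.
eng = Engine(FakeRuleBuilder())
result = eng.Scan("file.py")
result.ReportConsole()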