🐛 Fix .lib false positives in binary artifacts (#1879)
* ignore printable files

* updates

* e2e tests

* e2e fix

* comments
laurentsimon authored May 3, 2022
1 parent 2cb6541 commit 74ea0f4
Showing 4 changed files with 470 additions and 35 deletions.
25 changes: 24 additions & 1 deletion checks/raw/binary_artifact.go
Expand Up @@ -18,6 +18,7 @@ import (
"fmt"
"path/filepath"
"strings"
"unicode"

"github.com/h2non/filetype"
"github.com/h2non/filetype/types"
Expand Down Expand Up @@ -92,8 +93,17 @@ var checkBinaryFileContent fileparser.DoWhileTrueOnFileContent = func(path strin
}

exists1 := binaryFileTypes[t.Extension]
if exists1 {
*pfiles = append(*pfiles, checker.File{
Path: path,
Type: checker.FileTypeBinary,
Offset: checker.OffsetDefault,
})
return true, nil
}

exists2 := binaryFileTypes[strings.ReplaceAll(filepath.Ext(path), ".", "")]
if exists1 || exists2 {
if !isText(content) && exists2 {
*pfiles = append(*pfiles, checker.File{
Path: path,
Type: checker.FileTypeBinary,
Expand All @@ -103,3 +113,16 @@ var checkBinaryFileContent fileparser.DoWhileTrueOnFileContent = func(path strin

return true, nil
}

// TODO: refine this function.
func isText(content []byte) bool {
for _, c := range string(content) {
if c == '\t' || c == '\n' || c == '\r' {
continue
}
if !unicode.IsPrint(c) {
return false
}
}
return true
}
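Review bot: isText, added at the end of this section, counts bytes that are not valid UTF-8 as printable: `range string(content)` turns each invalid byte into U+FFFD, which `unicode.IsPrint` accepts because it is a symbol. With the new `!isText(content) && exists2` condition, a file with a binary extension whose content has no control characters but is not valid text would go unreported, so the false-positive fix can also produce false negatives. Rejecting such input first, `if !utf8.Valid(content) { return false }` (importing `unicode/utf8`), keeps the check conservative. The `// TODO: refine this function.` comment could instead state the contract, e.g. `// isText reports whether content is valid UTF-8 made only of printable runes, tabs and newlines.` The caller, checkBinaryFileContent, starts outside the visible hunks.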
33 changes: 17 additions & 16 deletions checks/raw/binary_artifact_test.go
Expand Up @@ -16,7 +16,6 @@ package raw

import (
"fmt"
"log"
"os"
"testing"

Expand All @@ -29,37 +28,40 @@ import (
func TestBinaryArtifacts(t *testing.T) {
t.Parallel()
tests := []struct {
name string
inputFile string
err error
files []string
expect int
name string
err error
files []string
expect int
}{
{
name: "Jar file",
inputFile: "../testdata/binaryartifacts/jars/aws-java-sdk-core-1.11.571.jar",
err: nil,
name: "Jar file",
err: nil,
files: []string{
"../testdata/binaryartifacts/jars/aws-java-sdk-core-1.11.571.jar",
},
expect: 1,
},
{
name: "non binary file",
inputFile: "../testdata/licensedir/withlicense/LICENSE",
err: nil,
name: "non binary file",
err: nil,
files: []string{
"../testdata/licensedir/withlicense/LICENSE",
},
},
{
name: "non binary file",
inputFile: "../doesnotexist",
err: nil,
name: "non binary file",
err: nil,
files: []string{
"../doesnotexist",
},
},
{
name: "printable character .lib",
err: nil,
files: []string{
"../testdata/binaryartifacts/printable.lib",
},
},
}
for _, tt := range tests {
tt := tt // Re-initializing variable so it is not changed while executing the closure below
Expand All @@ -72,7 +74,6 @@ func TestBinaryArtifacts(t *testing.T) {
mockRepoClient.EXPECT().GetFileContent(gomock.Any()).DoAndReturn(func(file string) ([]byte, error) {
// This will read the file and return the content
content, err := os.ReadFile(file)
log.Println(os.Getwd())
if err != nil {
return content, fmt.Errorf("%w", err)
}
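Review bot: The visible table has no positive case for the new extension-plus-content path: "printable character .lib" covers only the negative, and "Jar file" is presumably matched by content type and returns before isText is consulted. A fixture with a binary extension that the content sniffer does not recognise and non-printable content, with `expect: 1`, would pin that such files are still reported; a second fixture containing bytes that are not valid UTF-8 would cover the decoding edge of isText. Two entries also share the name "non binary file", so renaming the `../doesnotexist` case to something like `name: "missing file"` would make a failure easier to place. TestBinaryArtifacts continues beyond the visible hunks, and the commit's other changed files are not shown here, so some of this may already be covered there.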