sarif: initial implementation of csdiff/v1 fingerprints
It hashes the data that csdiff uses in its matching algorithm
and the line content without spaces.  For this fingerprint to
be computed, the results need to include the line content for
the key event in the format produced by `csgrep --embed-context`.

Related: https://issues.redhat.com/browse/OSH-9
Related: #98
kdudka committed Mar 29, 2024
1 parent 1c3d4cb commit 73afae8
Showing 2 changed files with 94 additions and 22 deletions.
50 changes: 50 additions & 0 deletions src/lib/finger-print.cc
@@ -21,11 +21,58 @@

#include "hash-util.hh"
#include "msg-filter.hh"
#include "parser-common.hh" // for parseInt()
#include "regex.hh"

#include <cassert>

#include <boost/uuid/name_generator.hpp> // for boost::uuids::detail::sha1

static std::string findLineContent(const int lineNumber, const TEvtList &evts)
{
// line content for the key event as produced by `csgrep --embed-context`
static const RE reLineCont = RE("^ *([0-9]+) *\\|-> (.*)$");
assert(0 < lineNumber);

// go through all events
for (const DefEvent &evt : evts) {
if ("#" != evt.event)
// not a comment
continue;

boost::smatch sm;
if (!boost::regex_match(evt.msg, sm, reLineCont))
// not a line content
continue;

if (lineNumber != parseInt(sm[/* line number */ 1]))
// line number mismatch
continue;

// found!
return sm[/* line content */ 2];
}

return /* not found */ "";
}

static void getLineContent(std::string *pDst, const Defect &def)
{
const DefEvent &keyEvt = def.events[def.keyEventIdx];
if (keyEvt.line <= 0)
// no valid line number for the key event
return;

std::string content = findLineContent(keyEvt.line, def.events);
if (content.empty())
// no line content found
return;

// remove all white-spaces
static const RE reSpace = RE("\\s+");
*pDst = boost::regex_replace(content, reSpace, "");
}

/// return SHA1 hash of `str` as hex-encoded string
static std::string computeHexSHA1(const std::string &str)
{
@@ -59,6 +106,9 @@ FingerPrinter::FingerPrinter(const Defect &def):
/* file path */ path + sep +
/* key event */ keyEvt.event + sep +
/* message */ filt.filterMsg(keyEvt.msg, def.checker);

// try to read line content without white-spaces
getLineContent(&d->lineContent, def);
}

FingerPrinter::~FingerPrinter() = default;
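Review bot: In findLineContent() the capture `([0-9]+)` has no length limit and its text is handed to `parseInt()`, so what happens on an over-long digit run in a `#` comment event depends on that helper, which lives in parser-common.hh and is not visible in this section. The events come from parsed scan results, so it is worth confirming that parseInt() neither throws nor wraps on out-of-range text; bounding the capture, e.g. `static const RE reLineCont = RE("^ *([0-9]{1,9}) *\\|-> (.*)$");`, would make the lookup independent of that. The loop also returns on the first comment event whose number matches, so, if that is the intent, I would add a comment above it such as `// assumes only the key event's embedded context uses the "N |-> text" form`, since the stability of csdiff/v1 relies on it.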
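--- a/tests/csgrep/0085-sarif-writer-stdout.txt
+++ b/tests/csgrep/0085-sarif-writer-stdout.txt
@@ -209,7 +209,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "331bc2faa0da89f8b1cb20b9f8801b713507c2e8"
+"csdiff/v0": "331bc2faa0da89f8b1cb20b9f8801b713507c2e8",
+"csdiff/v1": "f75915548d17ebc31e35ad7c4f34514688703109"
 }
 },
 {
@@ -359,7 +360,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "f59c1912fd29eb253b012ca95e9d81288ff8cf71"
+"csdiff/v0": "f59c1912fd29eb253b012ca95e9d81288ff8cf71",
+"csdiff/v1": "f751115465d08a034db0c47d3bdda83d544dc285"
 }
 },
 {
@@ -509,7 +511,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "4a549b06007dd9da520c76392e42e5e06296ab2b"
+"csdiff/v0": "4a549b06007dd9da520c76392e42e5e06296ab2b",
+"csdiff/v1": "ffed405bfb4ef75b9de1588f2ae94661db90cb8f"
 }
 },
 {
@@ -659,7 +662,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "ef272f478b9a26e2ba37ad890dce8735aa2d720e"
+"csdiff/v0": "ef272f478b9a26e2ba37ad890dce8735aa2d720e",
+"csdiff/v1": "b59a6dfe30dd990e93bc2ff51b9a61e1fc3b0926"
 }
 },
 {
@@ -809,7 +813,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "81aee04efa5b65ea3a3cbe55e22f0f71233ab2fe"
+"csdiff/v0": "81aee04efa5b65ea3a3cbe55e22f0f71233ab2fe",
+"csdiff/v1": "2b94655ac88de81e21564d68ba609c967257d460"
 }
 },
 {
@@ -959,7 +964,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "7083c037648d1d3cba7cb247d39ad3c421b5f560"
+"csdiff/v0": "7083c037648d1d3cba7cb247d39ad3c421b5f560",
+"csdiff/v1": "3489908a33d71933646018c6af1d99654c12f995"
 }
 },
 {
@@ -1109,7 +1115,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "70b741bfb443d61d1d1583bf99e6fc669b462765"
+"csdiff/v0": "70b741bfb443d61d1d1583bf99e6fc669b462765",
+"csdiff/v1": "05bc362f71d27e6caca89cb7eaed08720379622e"
 }
 },
 {
@@ -1259,7 +1266,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "21b929e63590f6a96487999653666e603c08a421"
+"csdiff/v0": "21b929e63590f6a96487999653666e603c08a421",
+"csdiff/v1": "8f8bd8e7bc4b3458dddeb917207831b973ff44d0"
 }
 },
 {
@@ -1409,7 +1417,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "2abe618dd474b397e7475b8e4fee78a4d6dee514"
+"csdiff/v0": "2abe618dd474b397e7475b8e4fee78a4d6dee514",
+"csdiff/v1": "58e1f662e974930637555fd08b0d7bc584eb389c"
 }
 },
 {
@@ -1559,7 +1568,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "93c9a4a35ccfce9a9a5a37c55c31dd1bc111aa21"
+"csdiff/v0": "93c9a4a35ccfce9a9a5a37c55c31dd1bc111aa21",
+"csdiff/v1": "1ceac5351bf27c316a7317f1d5ae782890a489ca"
 }
 },
 {
@@ -1709,7 +1719,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "c7734c1f84b997e073cb216f71a577b35596de99"
+"csdiff/v0": "c7734c1f84b997e073cb216f71a577b35596de99",
+"csdiff/v1": "63ae1429f2f7edeea500344b6181c2a426f13b8c"
 }
 },
 {
@@ -1859,7 +1870,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "96e8196380dc2b91199586fa792863f54aea189f"
+"csdiff/v0": "96e8196380dc2b91199586fa792863f54aea189f",
+"csdiff/v1": "aac84c26219cc0e4ae0b0e916ea65a0a897ea5cb"
 }
 },
 {
@@ -2009,7 +2021,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "3e98237f8c7d0a9949e5bccecc5300fb5e886288"
+"csdiff/v0": "3e98237f8c7d0a9949e5bccecc5300fb5e886288",
+"csdiff/v1": "abd11bd54a40383a913a850e6cba5634d404134a"
 }
 },
 {
@@ -2159,7 +2172,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "97b39635ea28ffb7eafa21270e3412860ff0ee7f"
+"csdiff/v0": "97b39635ea28ffb7eafa21270e3412860ff0ee7f",
+"csdiff/v1": "9afea3c68ec0867020943d0343b5c46fc63cd38a"
 }
 },
 {
@@ -2309,7 +2323,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "2544171905ccc384f42027ffe2b53de9901c2d72"
+"csdiff/v0": "2544171905ccc384f42027ffe2b53de9901c2d72",
+"csdiff/v1": "7277dca5030b5230bd7279fbd4d2da5d9f2dfd2a"
 }
 },
 {
@@ -2459,7 +2474,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "b5486234172f719db8663adb23c067c5f97e37bb"
+"csdiff/v0": "b5486234172f719db8663adb23c067c5f97e37bb",
+"csdiff/v1": "3a30dc31a50e73377464370e31ef610d45e459e2"
 }
 },
 {
@@ -2609,7 +2625,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "55f0bbcd69c0283eb1e2a6fbebda9ba8b015faf4"
+"csdiff/v0": "55f0bbcd69c0283eb1e2a6fbebda9ba8b015faf4",
+"csdiff/v1": "fb0aa5afe7e8d70ebfc6069c2acc185d3c97b941"
 }
 },
 {
@@ -2759,7 +2776,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "8fe2e571a1d0cc0e2e6dbdb34e814cae4fb2ee90"
+"csdiff/v0": "8fe2e571a1d0cc0e2e6dbdb34e814cae4fb2ee90",
+"csdiff/v1": "e0c742d03cd6f29e0611b4992b1292dade93ec5c"
 }
 },
 {
@@ -2909,7 +2927,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "cc73bf64e5cb8020e229b110e848cee36dfb4742"
+"csdiff/v0": "cc73bf64e5cb8020e229b110e848cee36dfb4742",
+"csdiff/v1": "4184f94fe78777e886108f7cda4b64c1ab380c6a"
 }
 },
 {
@@ -3059,7 +3078,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "0056285c1413be3a89937ba4ac6532986fbafaae"
+"csdiff/v0": "0056285c1413be3a89937ba4ac6532986fbafaae",
+"csdiff/v1": "3ddf218d4bfcbcc00ddb78214866ea90daff11f4"
 }
 },
 {
@@ -3209,7 +3229,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "d9200fd6787236411e63888611e05dd26b511f53"
+"csdiff/v0": "d9200fd6787236411e63888611e05dd26b511f53",
+"csdiff/v1": "4b7e4e2caa66077653924005972f710a5cb6d400"
 }
 },
 {
@@ -3359,7 +3380,8 @@
 }
 ],
 "fingerprints": {
-"csdiff/v0": "2b9194f9d9e81b1b7ae597f87d9a966258ef94b2"
+"csdiff/v0": "2b9194f9d9e81b1b7ae597f87d9a966258ef94b2",
+"csdiff/v1": "eb2f4311ffbce9e44a3814d2dec6a85853e9992f"
 }
 }
 ]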
