Skip to content

Commit

Permalink
Show message when no arguments and location when no codeflow when lis…
Browse files Browse the repository at this point in the history 
…ting results
  • Loading branch information
@radare
radare committed Jul 19, 2024
1 parent f602e02 commit 7bed40f
Show file tree
Hide file tree
Showing 2 changed files with 21 additions and 5 deletions.
25 changes: 20 additions & 5 deletions src/plugin.r2.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -275,11 +275,15 @@ class R2Sarif {
resultText += " :: " + desc;
}
r2.log(resultText);
if (res.message && res.message.arguments) {
const args = res.message.arguments;
const arg0 = args[0];
args.shift();
r2.log(" :: " + arg0 + " (" + args.join (", ") + ")");
if (res.message) {
if (res.message.arguments) {
const args = res.message.arguments;
const arg0 = args[0];
args.shift();
r2.log(" :: " + arg0 + " (" + args.join (", ") + ")");
} else if (res.message.text) {
r2.log(" :: " + res.message.text);
}
}
if (res.codeFlows !== undefined) {
for (const cf of res.codeFlows) {
Expand All @@ -297,6 +301,17 @@ class R2Sarif {
}
}
}
} else if (res.locations) {
for (const loc of res.locations) {
const bloc = loc as BinaryLocation;
let addr = "0x" + bloc.physicalLocation.address?.absoluteAddress.toString(16);
let relAddr = bloc.physicalLocation.region.byteOffset;
let text = " - " + addr + " module";
if (bloc.physicalLocation.region.byteOffset !== undefined) {
text += " +" + relAddr.toString();
}
r2.log(" - " + text);
}
}
}
}
Expand Down
1 change: 1 addition & 0 deletions test/db/cmd/sarif_flows
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ EXPECT=<<EOF
Selected driver:
* 0 NowSecure SARIF Findings0.0.1
EXAMPLE-VULN-001 :: Buffer Overflow
:: Buffer overflow vulnerability detected.
- 0x100ade70c app MyApp.app/MyApp +173836
- 0x1b4cdf090 system usr/lib/swift/libswift_Concurrency.dylib +192656
EOF
Expand Down

0 comments on commit 7bed40f

Please sign in to comment.