
Match limits (#202)
* Better handling for project default name when source path is current or .\

* Fix for #179 to add check for existing log config

* Fix #200
guyacosta authored May 6, 2020
1 parent 7599d8f commit 4ab3098
Showing 5 changed files with 57 additions and 6 deletions.
2 changes: 1 addition & 1 deletion AppInspector.CLI/CLICmdOptions.cs
Expand Up @@ -46,7 +46,7 @@ public class CLIAnalyzeCmdOptions : CLICommandOptions
[Option('c', "confidence-filters", Required = false, HelpText = "Output only matches with specified confidence <value>,<value> [high|medium|low]", Default = "high,medium")]
public string ConfidenceFilters { get; set; } = "high,medium";

[Option('k', "file-path-exclusions", Required = false, HelpText = "Exclude source files (none|default: sample,example,test,docs,.vs,.git)", Default = "sample,example,test,docs,.vs,.git")]
[Option('k', "file-path-exclusions", Required = false, HelpText = "Exclude source files (none|default: sample,example,test,docs,lib,.vs,.git)", Default = "sample,example,test,docs,lib,.vs,.git")]
public string FilePathExclusions { get; set; } = "sample,example,test,docs,.vs,.git";

[Option('f', "output-file-format", Required = false, HelpText = "Output format [html|json|text]", Default = "html")]
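Review bot: The property initializer on the line after the changed attribute still reads `"sample,example,test,docs,.vs,.git"`, so if the `lib` entry in the attribute's `Default` is the new side, the two defaults now disagree and any code path that builds `CLIAnalyzeCmdOptions` without going through the command-line parser gets the old exclusion list. Suggest `public string FilePathExclusions { get; set; } = "sample,example,test,docs,lib,.vs,.git";`, or better a single `private const string DefaultFilePathExclusions = "...";` referenced from both the attribute's `Default` and the initializer so they cannot drift again. The class continues outside the hunk.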
22 changes: 18 additions & 4 deletions AppInspector/Commands/AnalyzeCommand.cs
Expand Up @@ -317,7 +317,7 @@ public AnalyzeResult GetResult()
}
else
{
UnZipAndProcess(filename, archiveFileType);
UnZipAndProcess(filename, archiveFileType, _srcfileList.Count() == 1);
}
}

Expand Down Expand Up @@ -595,7 +595,7 @@ private string ExtractDependency(string text, int startIndex, SearchPattern patt

#endregion ProcessingAssist

private void UnZipAndProcess(string filename, ArchiveFileType archiveFileType)
private void UnZipAndProcess(string filename, ArchiveFileType archiveFileType, bool topLevel = true)
{
// zip itself may be in excluded list i.e. sample, test or similar unless ignore filter requested
if (_fileExclusionList != null && _fileExclusionList.Any(v => filename.ToLower().Contains(v)))
Expand All @@ -608,11 +608,25 @@ private void UnZipAndProcess(string filename, ArchiveFileType archiveFileType)
//zip itself may be too huge for timely processing
if (new FileInfo(filename).Length > WARN_ZIP_FILE_SIZE)
{
WriteOnce.General(MsgHelp.FormatString(MsgHelp.ID.ANALYZE_COMPRESSED_FILESIZE_WARN));
if (topLevel)
{
WriteOnce.General(MsgHelp.GetString(MsgHelp.ID.ANALYZE_COMPRESSED_FILESIZE_WARN));
}
else
{
WriteOnce.SafeLog("Decompressing large file " + filename, LogLevel.Warn);
}
}
else
{
WriteOnce.General(MsgHelp.FormatString(MsgHelp.ID.ANALYZE_COMPRESSED_PROCESSING));
if (topLevel)
{
WriteOnce.General(MsgHelp.GetString(MsgHelp.ID.ANALYZE_COMPRESSED_PROCESSING));
}
else
{
WriteOnce.SafeLog("Decompressing file " + filename, LogLevel.Warn);
}
}

LastUpdated = File.GetLastWriteTime(filename);
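Review bot: In UnZipAndProcess the non-top-level branch of the not-oversized case logs `"Decompressing file " + filename` at `LogLevel.Warn`, the same level as the oversized case, so routine extraction of a nested or secondary archive is reported as a warning; `LogLevel.Info` looks like the intended level there, to be confirmed against the LogLevel type the project uses. The `topLevel` argument is computed in GetResult as `_srcfileList.Count() == 1`, which means "this is the only source file" rather than "this archive is not nested", so with two or more inputs every archive takes the log-only path and the WriteOnce.General message, which appears to be the user-facing one, is never shown; if that is intended, a name such as `singleSource` plus a one-line comment would make it explicit. If `_srcfileList` is a List, the `Count` property avoids the LINQ call. Both GetResult and UnZipAndProcess extend beyond their hunks.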
2 changes: 1 addition & 1 deletion AppInspector/rules/default/os/acl.json
Expand Up @@ -178,7 +178,7 @@
"severity": "moderate",
"patterns": [
{
"pattern": "WindowsImpersonationContext|WindowsIdentity\\.Impersonate|WindowsIdentity\\.RunImpersonated||ImpersonateIdentity",
"pattern": "WindowsImpersonationContext|WindowsIdentity\\.Impersonate|WindowsIdentity\\.RunImpersonated|ImpersonateIdentity",
"type": "regex-word",
"scopes": [
"code"
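Review bot: The removed double `|` produced an empty alternative, which in a `regex-word` pattern most likely matched at every word boundary and made this rule fire on essentially all scanned code; the fix is right, but nothing stops the same typo from reappearing in another rule file. A small unit test over the shipped rule set that rejects any `pattern` containing `||` or beginning or ending with `|` would catch this class of defect at build time. The rule object continues outside the hunk.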
27 changes: 27 additions & 0 deletions MultiExtractor/Extractor.cs
Expand Up @@ -5,6 +5,7 @@
using SharpCompress.Archives.Rar;
using SharpCompress.Compressors.BZip2;
using SharpCompress.Compressors.Xz;
using System;
using System.Collections.Generic;
using System.IO;

Expand All @@ -22,12 +23,38 @@ public static bool IsSupportedFormat(string filename)

public static IEnumerable<FileEntry> ExtractFile(string filename)
{
try
{
if (!File.OpenRead(filename).CanRead)
{
throw new IOException($"ExtractFile called, but (unknown) cannot be read.");
}
}
catch (Exception)
{
//Logger.Trace("File {0} cannot be read, ignoring.", filename);
return Array.Empty<FileEntry>();
}

using var memoryStream = new MemoryStream(File.ReadAllBytes(filename));
return ExtractFile(new FileEntry(filename, "", memoryStream));
}

public static IEnumerable<FileEntry> ExtractFile(string filename, ArchiveFileType archiveFileType)
{
try
{
if (!File.OpenRead(filename).CanRead)
{
throw new IOException($"ExtractFile called, but (unknown) cannot be read.");
}
}
catch (Exception)
{
//Logger.Trace("File {0} cannot be read, ignoring.", filename);
return Array.Empty<FileEntry>();
}

using var memoryStream = new MemoryStream(File.ReadAllBytes(filename));
return ExtractFile(new FileEntry(filename, "", memoryStream), archiveFileType);
}
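Review bot: The readability probe added to both `ExtractFile` overloads opens a FileStream with `File.OpenRead(filename)` and never disposes it, so every call leaks a file handle until the finalizer runs; on top of that `CanRead` is always true for a stream returned by OpenRead, so the guarded throw is unreachable, and its `$"..."` message has no interpolation hole, so `(unknown)` is literally what would be reported instead of the filename. The try/catch should instead wrap the `File.ReadAllBytes` call, which is the operation that actually fails on a missing, locked or unreadable file, and the catch should be narrowed to the I/O exceptions it means to tolerate rather than `Exception`. The same rewrite applies to the second overload, which differs only in passing `archiveFileType` through. Rewritten body for the first overload:
```csharp
public static IEnumerable<FileEntry> ExtractFile(string filename)
{
    byte[] bytes;
    try
    {
        // ReadAllBytes throws on a missing, locked or unreadable file; no separate probe is needed
        bytes = File.ReadAllBytes(filename);
    }
    catch (Exception e) when (e is IOException || e is UnauthorizedAccessException)
    {
        //Logger.Trace("File {0} cannot be read, ignoring.", filename);
        return Array.Empty<FileEntry>();
    }

    using var memoryStream = new MemoryStream(bytes);
    return ExtractFile(new FileEntry(filename, "", memoryStream));
}
```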
10 changes: 10 additions & 0 deletions RulesEngine/TextContainer.cs
Expand Up @@ -13,6 +13,7 @@ namespace Microsoft.ApplicationInspector.RulesEngine
/// </summary>
internal class TextContainer
{
private static readonly int MAX_PATTERN_MATCHES = 10;
/// <summary>
/// Creates new instance
/// </summary>
Expand Down Expand Up @@ -161,6 +162,7 @@ private List<Boundary> MatchPattern(SearchPattern pattern, string text)
MatchCollection matches = patRegx.Matches(text);
if (matches.Count > 0)
{
int matchCount = 0;
foreach (Match m in matches)
{
Boundary bound = new Boundary() { Index = m.Index, Length = m.Length };
Expand All @@ -173,7 +175,15 @@ private List<Boundary> MatchPattern(SearchPattern pattern, string text)
{
break;
}

//firewall in case the pattern match count is exceedingly high
if (matchCount++ > MAX_PATTERN_MATCHES)
{
break;
}
}


}

return matchList;
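Review bot: The new cap does not bound the regex work it is meant to firewall: `matches.Count > 0` on the line above the loop forces the whole MatchCollection to be evaluated before the first iteration, so a pathological pattern or input still runs to completion and only the returned list is truncated. Iterating with `Match m = patRegx.Match(text)` and `m = m.NextMatch()` instead (dropping the Count pre-check and testing `matchList.Count` afterwards) would let the break actually stop the scan. The post-increment comparison `matchCount++ > MAX_PATTERN_MATCHES` also breaks only on the 12th iteration, after that match has already been added to `matchList`, so up to 12 boundaries are kept rather than 10; `if (++matchCount >= MAX_PATTERN_MATCHES) { break; }` keeps exactly MAX_PATTERN_MATCHES. The field `private static readonly int MAX_PATTERN_MATCHES = 10;` would conventionally be `private const int MaxPatternMatches = 10;` with a comment saying why 10 was chosen. MatchPattern starts and ends outside the hunk.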
