

review comments
danmar committed Oct 9, 2024
1 parent 5d76a94 commit fb9ca69
Showing 2 changed files with 17 additions and 14 deletions.
24 changes: 11 additions & 13 deletions cli/cppcheckexecutor.cpp
Expand Up @@ -104,6 +104,16 @@ namespace {
picojson::object properties;
properties["precision"] = picojson::value(sarifPrecision(finding));
properties["problem.severity"] = picojson::value(sarifSeverity(finding));
double securitySeverity = 0;
if (finding.severity == Severity::error && !ErrorLogger::isCriticalErrorId(finding.id))
securitySeverity = 9.9; // We see undefined behavior
//else if (finding.severity == Severity::warning)
// securitySeverity = 5.1; // We see potential undefined behavior
if (securitySeverity > 0) {
properties["security-severity"] = picojson::value(securitySeverity);
const picojson::array tags{picojson::value("security")};
properties["tags"] = picojson::value(tags);
}
rule["properties"] = picojson::value(properties);

ret.emplace_back(rule);
Expand Down Expand Up @@ -145,10 +155,6 @@ namespace {
message["text"] = picojson::value(finding.shortMessage());
res["message"] = picojson::value(message);
res["ruleId"] = picojson::value(finding.id);
// partialFingerprints.hash
picojson::object partialFingerprints;
partialFingerprints["hash"] = picojson::value(getHash(finding));
res["partialFingerprints"] = picojson::value(partialFingerprints);
results.emplace_back(res);
}
return results;
Expand Down Expand Up @@ -206,18 +212,10 @@ namespace {

static std::string sarifPrecision(const ErrorMessage& errmsg) {
if (errmsg.certainty == Certainty::inconclusive)
return "normal";
return "medium";
return "high";
}

static std::string getHash(const ErrorMessage& errmsg) {
const std::string s = errmsg.toString(false, "{file}:{line}:{column}: {message} {id} {code}", "{file}:{line}:{column} {info} {code}");
std::ostringstream os;
//std::cout << s << std::endl;
os << std::hex << std::hash<std::string> {}(s);
return os.str();
}

std::vector<ErrorMessage> mFindings;
};

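Review bot: The new block assigns `security-severity` 9.9 and the `security` tag to every finding whose severity is `Severity::error` and whose id is not a critical error id, so the `// We see undefined behavior` comment overstates what the condition actually checks — the mapping is by severity class, not by whether the checker diagnoses undefined behaviour. On GitHub's code-scanning scale values of 9.0 and above are displayed as "critical", so the blanket value deserves a comment where it is set, e.g. `securitySeverity = 9.9; // every non-critical error-severity finding lands in GitHub's "critical" band (>= 9.0)`. The commented-out `else if` for `Severity::warning` is dead code; either drop it or replace it with a `// TODO:` that states what is still undecided about the warning mapping. The enclosing function starts and ends outside the hunk.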
7 changes: 6 additions & 1 deletion test/cli/helloworld_test.py
Expand Up @@ -333,4 +333,9 @@ def test_sarif():
assert res['version'] == '2.1.0'
assert res['runs'][0]['results'][0]['locations'][0]['physicalLocation']['artifactLocation']['uri'] == 'helloworld/main.c'
assert res['runs'][0]['results'][0]['ruleId'] == 'zerodiv'
assert res['runs'][0]['results'][0]['message']['text'] == 'Division by zero.'
assert res['runs'][0]['tool']['driver']['rules'][0]['id'] == 'zerodiv'
assert res['runs'][0]['tool']['driver']['rules'][0]['properties']['precision'] == 'high'
assert res['runs'][0]['tool']['driver']['rules'][0]['properties']['problem.severity'] == 'warning'
assert res['runs'][0]['tool']['driver']['rules'][0]['properties']['security-severity'] > 9.5
assert 'security' in res['runs'][0]['tool']['driver']['rules'][0]['properties']['tags']
assert re.match(r'[0-9]+(.[0-9]+)+', res['runs'][0]['tool']['driver']['semanticVersion'])
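Review bot: The added assertions cover only the positive case — the `zerodiv` rule carries a `security-severity` above 9.5 and the `security` tag — so a regression that attaches these properties to every rule would still pass; if the helloworld fixture yields a rule below error severity, add `assert 'security-severity' not in <THAT_RULE>['properties']` next to these lines. The `> 9.5` comparison is looser than the single value the executor emits; asserting the exact value would pin the mapping more tightly, though the looser check is reasonable if the number is expected to be tuned. `test_sarif` starts outside the hunk.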

