use of com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration in project cx-flow by checkmarx-ltd.
the class OsaScannerService method cxOsaParseResults.
/**
 * Parses a CxOSA report into scan results, forwards them to the results service and,
 * when break-build is enabled, stops the build if any issue is present.
 *
 * @param request scan request; only its filter configuration is read here, and a
 *                {@code null} request yields a {@code null} filter list
 * @param file    report file handed to {@code cxService.getOsaReportContent}
 * @param libs    libraries file handed to the same call
 * @throws ExitThrowable declared by this method; presumably raised by {@code exit(...)} - confirm
 */
public void cxOsaParseResults(ScanRequest request, File file, File libs) throws ExitThrowable {
    try {
        // NOTE(review): the list comes from the SAST section of the filter configuration
        // although this is the OSA path - confirm that OSA findings are meant to be
        // filtered by the SAST simple filters.
        List<Filter> simpleFilters = Optional.ofNullable(request)
                .map(ScanRequest::getFilter)
                .map(FilterConfiguration::getSastFilters)
                .map(EngineFilterConfiguration::getSimpleFilters)
                .orElse(null);

        ScanResults results = cxService.getOsaReportContent(file, libs, simpleFilters);
        resultsService.processResults(request, results, scanDetails);

        if (flowProperties.isBreakBuild()) {
            // NOTE(review): the gate stays open when results is null or carries a
            // null/empty issue list, so a report that produced no issues never breaks
            // the build - confirm that this fail-open behaviour is intended.
            boolean findingsPresent = results != null
                    && results.getXIssues() != null
                    && !results.getXIssues().isEmpty();
            if (findingsPresent) {
                log.error(ERROR_BREAK_MSG);
                exit(ExitCode.BUILD_INTERRUPTED);
            }
        }
    } catch (MachinaException | CheckmarxException e) {
        log.error("Error occurred while processing results file(s)", e);
        // Processing failures end the run with a bare numeric code, whereas the
        // break-build path above uses the ExitCode enum.
        exit(3);
    }
}
use of com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class CxService method getIssues.
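/**
 * Maps the findings of a SAST XML report into {@code XIssue} objects.
 *
 * <p>Every result that passes the SAST filter is turned into an issue and handed to
 * {@code prepareIssuesRemoveDuplicates} together with {@code cxIssueList} and the summary map.
 *
 * @param filter determines which SAST findings will be mapped into XIssue-s; when {@code null},
 *               a {@code null} engine filter is passed to the filter validator.
 * @param session session used for the issue-description lookup; when {@code null} the lookup
 *                is skipped and the description is left empty.
 * @param cxIssueList list that will be populated during this method execution.
 * @param cxResults SAST-specific scan results based on SAST XML report.
 * @return the summary map passed to {@code prepareIssuesRemoveDuplicates} for each mapped result
 *         (presumably per-category counts - confirm against that method).
 */
private Map<String, Integer> getIssues(FilterConfiguration filter, String session, List<ScanResults.XIssue> cxIssueList, CxXMLResultsType cxResults) {
    Map<String, Integer> summary = new HashMap<>();
    EngineFilterConfiguration sastFilters = Optional.ofNullable(filter).map(FilterConfiguration::getSastFilters).orElse(null);
    for (QueryType result : cxResults.getQuery()) {
        // NOTE(review): one builder is created per query and reused for every result of that
        // query. A field that a later result leaves unset (e.g. similarityId on the
        // NullPointerException path below) would presumably keep the previous result's value -
        // confirm that this carry-over is acceptable.
        ScanResults.XIssue.XIssueBuilder xIssueBuilder = ScanResults.XIssue.builder();
        /* Top node of each issue */
        for (ResultType resultType : result.getResult()) {
            FilterInput filterInput = filterInputFactory.createFilterInputForCxSast(result, resultType);
            if (filterValidator.passesFilter(filterInput, sastFilters)) {
                // Anything other than the literal "FALSE" (in any case) marks the finding as a
                // false positive. A null attribute throws here, outside the try block below.
                boolean falsePositive = !resultType.getFalsePositive().equalsIgnoreCase("FALSE");
                /* Map issue details */
                xIssueBuilder.cwe(result.getCweId());
                xIssueBuilder.language(result.getLanguage());
                xIssueBuilder.severity(result.getSeverity());
                xIssueBuilder.vulnerability(result.getName());
                xIssueBuilder.file(resultType.getFileName());
                // The per-result severity replaces the query-level severity set above.
                xIssueBuilder.severity(resultType.getSeverity());
                xIssueBuilder.link(resultType.getDeepLink());
                xIssueBuilder.vulnerabilityStatus(cxProperties.getStateFullName(resultType.getState()));
                xIssueBuilder.queryId(result.getId());
                xIssueBuilder.groupBySeverity(cxProperties.getGroupBySeverity());
                // Add additional details
                Map<String, Object> additionalDetails = getAdditionalIssueDetails(result, resultType);
                xIssueBuilder.additionalDetails(additionalDetails);
                Map<Integer, ScanResults.IssueDetails> details = new HashMap<>();
                try {
                    /* Call the CX SOAP Service to get Issue Description */
                    if (session != null) {
                        try {
                            xIssueBuilder.description(this.getIssueDescription(session, Long.parseLong(cxResults.getScanId()), Long.parseLong(resultType.getPath().getPathId())));
                        } catch (HttpStatusCodeException e) {
                            // The description is optional, so the finding is kept. The failure is
                            // logged rather than dropped silently, so that a rejected or expired
                            // session is visible to operators. Only the status code is logged,
                            // never the session value.
                            log.warn("Could not retrieve issue description, HTTP status {}", e.getStatusCode());
                            xIssueBuilder.description("");
                        }
                    } else {
                        xIssueBuilder.description("");
                    }
                    // The snippet is source code from the scanned project; it is cut to the
                    // configured length before being attached to the issue.
                    String snippet = resultType.getPath().getPathNode().get(0).getSnippet().getLine().getCode();
                    snippet = StringUtils.truncate(snippet, cxProperties.getCodeSnippetLength());
                    ScanResults.IssueDetails issueDetails = new ScanResults.IssueDetails().codeSnippet(snippet).comment(resultType.getRemark()).falsePositive(falsePositive);
                    details.put(Integer.parseInt(resultType.getPath().getPathNode().get(0).getLine()), issueDetails);
                    xIssueBuilder.similarityId(resultType.getPath().getSimilarityId());
                } catch (NullPointerException e) {
                    // NullPointerException is used as control flow for a missing path or snippet.
                    // NOTE(review): it also catches any NullPointerException raised by the
                    // description lookup above, and the message names no node - consider
                    // explicit null checks and logging which finding was affected.
                    log.warn("Problem grabbing snippet. Snippet may not exist for finding for Node ID");
                    /* Defaulting to initial line number with no snippet */
                    ScanResults.IssueDetails issueDetails = new ScanResults.IssueDetails().codeSnippet(null).comment(resultType.getRemark()).falsePositive(falsePositive);
                    // NOTE(review): parseInt throws NumberFormatException on a null or non-numeric
                    // line, which would abort the whole mapping - confirm the report always sets it.
                    details.put(Integer.parseInt(resultType.getLine()), issueDetails);
                }
                xIssueBuilder.details(details);
                ScanResults.XIssue issue = xIssueBuilder.build();
                prepareIssuesRemoveDuplicates(cxIssueList, resultType, details, falsePositive, issue, summary);
            }
        }
    }
    return summary;
}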
use of com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class FilterValidatorTest method verifySimpleFilterResult.
/**
 * Builds a single SAST finding from the given attributes, runs it through
 * {@code FilterValidator} with the given simple filters and asserts the outcome.
 *
 * @param filters        simple filters placed into the engine filter configuration
 * @param severity       severity given to the finding group
 * @param status         status given to the finding
 * @param state          state given to the finding
 * @param name           name given to the finding group
 * @param cweId          CWE id given to the finding group
 * @param expectedResult whether the finding is expected to pass the filter
 */
private static void verifySimpleFilterResult(List<Filter> filters, String severity, String status, String state, String name, String cweId, boolean expectedResult) {
    // Test fixture: the finding and the query group it belongs to.
    ResultType sastResult = createFinding(status, state);
    QueryType sastQuery = createFindingGroup(severity, name, cweId);

    EngineFilterConfiguration engineFilters = EngineFilterConfiguration.builder()
            .simpleFilters(filters)
            .build();

    // The factory is built on default CxProperties, so no custom settings are involved.
    FilterInput input = new FilterInputFactory(new CxProperties())
            .createFilterInputForCxSast(sastQuery, sastResult);

    boolean actualResult = new FilterValidator().passesFilter(input, engineFilters);
    assertEquals(expectedResult, actualResult, "Unexpected simple filtering result.");
}
use of com.checkmarx.sdk.dto.filtering.EngineFilterConfiguration in project checkmarx-spring-boot-java-sdk by checkmarx-ltd.
the class ScaScanner method extractFilterConfigFrom.
/**
 * Reads the SCA filter section out of the scan parameters.
 *
 * @param scanParams scan parameters; may be {@code null}
 * @return the SCA filter configuration, or {@code null} when the parameters, their filter
 *         configuration or its SCA section is missing
 */
private static EngineFilterConfiguration extractFilterConfigFrom(ScanParams scanParams) {
    EngineFilterConfiguration scaFilters = null;
    if (scanParams != null) {
        FilterConfiguration filterConfiguration = scanParams.getFilterConfiguration();
        if (filterConfiguration != null) {
            scaFilters = filterConfiguration.getScaFilters();
        }
    }

    // NOTE(review): a missing configuration is reported at debug level only and null is
    // returned; presumably callers then apply no SCA filtering - confirm at the call site.
    String message;
    if (scaFilters == null) {
        message = "No SCA filter configuration was found in {}";
    } else {
        message = "Found SCA filter configuration in {}";
    }
    log.debug(message, ScanParams.class.getSimpleName());
    return scaFilters;
}