use of com.mercedesbenz.sechub.commons.model.SecHubCodeCallStack in project sechub by mercedes-benz.
the class FalsePositiveMetaDataFactory method createCodeScan.
/**
 * Builds the false positive meta data for a code scan finding.
 * <p>
 * Only two call stack elements end up in the meta data: the first element of
 * the finding and the last element reachable by following {@code getCalls()}.
 * Elements in between are not copied.
 *
 * @param finding the finding to describe; its call stack must not be
 *                {@code null}
 * @return meta data with scan type {@code CODE_SCAN} and code start/end set
 * @throws IllegalStateException when the finding has no call stack
 */
private FalsePositiveMetaData createCodeScan(SecHubFinding finding) {
    FalsePositiveMetaData result = createCommonMetaDataWithCweIdEnsured(finding);
    result.setScanType(ScanType.CODE_SCAN);

    FalsePositiveCodeMetaData codeMetaData = new FalsePositiveCodeMetaData();

    SecHubCodeCallStack first = finding.getCode();
    if (first == null) {
        throw new IllegalStateException("Callstack must be given to create code scan meta data");
    }

    /* walk the chain until an element without a successor is reached */
    SecHubCodeCallStack last = first.getCalls();
    if (last != null) {
        for (SecHubCodeCallStack next = last.getCalls(); next != null; next = last.getCalls()) {
            last = next;
        }
    }

    codeMetaData.setStart(importCallStackElement(first));
    /*
     * NOTE(review): for a call stack with a single element "last" is null here -
     * confirm that importCallStackElement accepts null.
     */
    codeMetaData.setEnd(importCallStackElement(last));

    result.setCode(codeMetaData);
    return result;
}
use of com.mercedesbenz.sechub.commons.model.SecHubCodeCallStack in project sechub by mercedes-benz.
the class HTMLScanResultReportModelBuilderTest method code_scan_entries_set_and_right_amount_of_call_stacks_populated.
/**
 * A finding whose call stack consists of two chained elements must lead to a
 * "codeScanEntries" map in the build result whose list at key 0 has two
 * entries.
 */
@Test
public void code_scan_entries_set_and_right_amount_of_call_stacks_populated() {
    /* prepare */
    SecHubCodeCallStack firstCall = mock(SecHubCodeCallStack.class);
    SecHubCodeCallStack secondCall = mock(SecHubCodeCallStack.class);
    when(firstCall.getCalls()).thenReturn(secondCall);

    SecHubFinding codeFinding = mock(SecHubFinding.class);
    when(codeFinding.getCode()).thenReturn(firstCall);

    when(result.getFindings()).thenReturn(Arrays.asList(codeFinding));
    when(scanSecHubReport.getResult()).thenReturn(result);
    when(scanSecHubReport.getTrafficLight()).thenReturn(TrafficLight.RED);

    /* execute */
    Map<String, Object> model = builderToTest.build(scanSecHubReport);

    /* test */
    Object rawEntries = model.get("codeScanEntries");
    assertNotNull(rawEntries);
    assertTrue(rawEntries instanceof Map<?, ?>);

    /* the cast is checked by the instanceof assertion above */
    @SuppressWarnings("unchecked")
    Map<Integer, List<HTMLScanResultCodeScanEntry>> entriesByKey = (Map<Integer, List<HTMLScanResultCodeScanEntry>>) rawEntries;

    List<HTMLScanResultCodeScanEntry> entries = entriesByKey.get(0);
    assertNotNull(entries);
    /* one entry per mocked call stack element */
    assertTrue(entries.size() == 2);
}
use of com.mercedesbenz.sechub.commons.model.SecHubCodeCallStack in project sechub by mercedes-benz.
the class HtmlCodeScanDescriptionSupportTest method test_is_code_scan_with_code_scan_finding.
/**
 * A finding that carries a call stack must be recognized as a code scan
 * finding, even when the call stack itself is empty.
 */
@Test
void test_is_code_scan_with_code_scan_finding() {
    /* prepare */
    SecHubFinding codeFinding = new SecHubFinding();
    SecHubCodeCallStack emptyCallStack = new SecHubCodeCallStack();
    codeFinding.setCode(emptyCallStack);

    /* execute */
    boolean recognizedAsCodeScan = descriptionSupport.isCodeScan(codeFinding);

    /* test */
    assertTrue(recognizedAsCodeScan);
}
use of com.mercedesbenz.sechub.commons.model.SecHubCodeCallStack in project sechub by mercedes-benz.
the class FalsePositiveMetaDataFactory method createMetaData.
/**
 * Creates the false positive meta data for the given finding.
 * <p>
 * The scan type of the finding selects the kind of meta data. A finding
 * without a scan type is handled as a code scan finding when it carries a call
 * stack; this fallback is logged as a warning. Without type and without call
 * stack the scan type cannot be determined and the call fails.
 *
 * @param finding the finding to create meta data for
 * @return meta data, never <code>null</code>
 * @throws IllegalStateException  when the finding has neither a scan type nor
 *                                a call stack
 * @throws NotAcceptableException when the scan type is neither
 *                                {@code CODE_SCAN} nor {@code WEB_SCAN}
 */
public FalsePositiveMetaData createMetaData(SecHubFinding finding) {
    ScanType scanType = finding.getType();

    if (scanType == null) {
        /* possibly an old report which was written without a scan type */
        if (finding.getCode() == null) {
            throw new IllegalStateException("Sorry, cannot determine scan type which is necessary for false positive handling. Please start a new scanjob and use this job UUID and retry.");
        }
        /* a call stack exists, so the finding is treated as a code scan finding */
        scanType = ScanType.CODE_SCAN;
        LOG.warn("scan type was not given - fallback to {}", scanType);
    }

    if (scanType == ScanType.CODE_SCAN) {
        return createCodeScan(finding);
    }
    if (scanType == ScanType.WEB_SCAN) {
        return createWebScan(finding);
    }
    /* every other scan type is rejected explicitly instead of being ignored */
    throw new NotAcceptableException("A false positive handling for type " + scanType + " is currently not implemented!");
}
use of com.mercedesbenz.sechub.commons.model.SecHubCodeCallStack in project sechub by mercedes-benz.
the class FalsePositiveMetaDataFactoryTest method createCodeFinding.
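/**
 * Creates a code scan test finding with a call stack of three chained
 * elements: start, middle and end.
 * <p>
 * Start and end get relevant part, location and source. The middle element
 * gets only a relevant part.
 *
 * @return test finding of type {@code CODE_SCAN} with the call stack attached
 */
private SecHubFinding createCodeFinding() {
    SecHubFinding finding = createTestFinding();

    SecHubCodeCallStack codeStart = new SecHubCodeCallStack();
    codeStart.setRelevantPart("relevant-part-start");
    codeStart.setLocation("location-start");
    codeStart.setSource("source-start");

    SecHubCodeCallStack codeMiddle = new SecHubCodeCallStack();
    codeMiddle.setRelevantPart("relevant-part-middle");

    SecHubCodeCallStack codeEnd = new SecHubCodeCallStack();
    codeEnd.setRelevantPart("relevant-part-end");
    codeEnd.setLocation("location-end");
    codeEnd.setSource("source-end");

    /* chain the elements: start -> middle -> end */
    codeStart.setCalls(codeMiddle);
    codeMiddle.setCalls(codeEnd);

    finding.setCode(codeStart);
    finding.setType(ScanType.CODE_SCAN);
    return finding;
}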