Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Release v0.2.19 #137

Merged
merged 10 commits into from
Oct 31, 2024
Merged

Release v0.2.19 #137

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
cfb6dee
Added basic Substrate pallets support.
Helios-vmg Oct 15, 2024
7101e05
Added support for non-dylint detectors.
Helios-vmg Oct 17, 2024
35f2fe9
Fixed handling of custom detector findings.
Helios-vmg Oct 21, 2024
115461e
Passed through Clippy and cargo fmt.
Helios-vmg Oct 24, 2024
d55dda9
Removed debugging code.
Helios-vmg Oct 24, 2024
44f9a89
Bump Scout version.
Helios-vmg Oct 24, 2024
fe0ead5
Debugging failing test.
Helios-vmg Oct 24, 2024
3d5a4e7
Shut up, cargo fmt.
Helios-vmg Oct 24, 2024
1dd9227
Fixed crate name collection.
Helios-vmg Oct 29, 2024
ee885d0
Merge pull request #136 from CoinFabrik/substrate-pallets
Helios-vmg Oct 30, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Passed through Clippy and cargo fmt.
  • Loading branch information
@Helios-vmg
Helios-vmg committed Oct 24, 2024
commit 115461e5ce0d5dc902b746b6c1b60fd84bb96034
37 changes: 19 additions & 18 deletions apps/cargo-scout-audit/src/startup.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ use crate::{
utils::{
config::{open_config_and_sync_detectors, profile_enabled_detectors},
detectors::{get_excluded_detectors, get_filtered_detectors, list_detectors},
detectors_info::{get_detectors_info, LintInfo, CustomLint},
detectors_info::{get_detectors_info, CustomLint, LintInfo},
print::{print_error, print_warning},
},
};
Expand All @@ -24,13 +24,10 @@ use clap::{Parser, Subcommand, ValueEnum};
use dylint::opts::{Check, Dylint, LibrarySelection, Operation};
use serde_json::{from_str, to_string_pretty, Value};
use std::{
collections::{
HashMap,
HashSet,
},
collections::{HashMap, HashSet},
fs,
io::Write,
path::PathBuf
path::PathBuf,
};
use tempfile::NamedTempFile;
use terminal_color_builder::OutputFormatter;
Expand Down Expand Up @@ -241,7 +238,7 @@ fn normalize_crate_name(s: String) -> String {
ret
}

fn get_crates_from_output(output: &Vec<Value>) -> HashMap<String, bool>{
fn get_crates_from_output(output: &Vec<Value>) -> HashMap<String, bool> {
let mut ret = HashMap::<String, bool>::new();

for val in output {
Expand All @@ -252,7 +249,7 @@ fn get_crates_from_output(output: &Vec<Value>) -> HashMap<String, bool>{
}
let message = message.unwrap();

let name = get_crate_from_finding(&val);
let name = get_crate_from_finding(val);
if name.is_none() {
continue;
}
Expand All @@ -270,10 +267,10 @@ fn get_crates_from_output(output: &Vec<Value>) -> HashMap<String, bool>{
ret
}

fn get_crates_from_findings(findings: &Vec<String>) -> HashSet<String>{
fn get_crates_from_findings(findings: &Vec<String>) -> HashSet<String> {
let mut ret = HashSet::<String>::new();

for s in findings{
for s in findings {
let value = from_str::<Value>(s).unwrap();
let krate = json_to_string(value.get("crate").unwrap());
ret.insert(krate);
Expand All @@ -285,10 +282,8 @@ fn get_crates_from_findings(findings: &Vec<String>) -> HashSet<String>{
fn get_crates(output: &Vec<Value>, findings: &Vec<String>) -> HashMap<String, bool> {
let mut ret = get_crates_from_output(output);
let krates = get_crates_from_findings(findings);
for krate in krates{
if !ret.contains_key(&krate){
ret.insert(krate, true);
}
for krate in krates {
ret.entry(krate).or_insert(true);
}

ret
Expand Down Expand Up @@ -469,8 +464,14 @@ pub fn run_scout(mut opts: Scout) -> Result<Vec<Value>> {

let (findings, (_failed_build, stdout)) = wrapper_function(|| {
// Run dylint
run_dylint(detectors_paths.clone(), &opts, &metadata, inside_vscode, &custom_detectors)
.map_err(|err| anyhow!("Failed to run dylint.\n\n → Caused by: {}", err))
run_dylint(
detectors_paths.clone(),
&opts,
&metadata,
inside_vscode,
&custom_detectors,
)
.map_err(|err| anyhow!("Failed to run dylint.\n\n → Caused by: {}", err))
})?;

let output_string = temp_file_to_string(stdout)?;
Expand Down Expand Up @@ -613,8 +614,8 @@ fn run_dylint(
crate::cleanup::clean_up_before_run(metadata);

let failure = dylint::run(&options).is_err();
if !failure{
for (_, lint) in custom_detectors.iter(){
if !failure {
for (_, lint) in custom_detectors.iter() {
lint.call();
}
}
Expand Down
33 changes: 14 additions & 19 deletions apps/cargo-scout-audit/src/utils/detectors_info.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
use anyhow::{anyhow, Result};
use libloading::{Library, Symbol};
use serde::Serialize;
use std::{collections::HashMap, ffi::CString, path::PathBuf};
use std::sync::Arc;
use std::{collections::HashMap, ffi::CString, path::PathBuf};

#[derive(Default, Debug, Clone)]
pub struct RawLintInfo {
Expand All @@ -26,15 +26,15 @@ pub struct LintInfo {
pub vulnerability_class: String,
}

pub struct CustomLint<'lib>{
pub struct CustomLint<'lib> {
pub lib: Arc<Library>,
pub custom_detector: Symbol<'lib, CustomLintFunc>,
}

impl TryFrom<&RawLintInfo> for LintInfo {
type Error = anyhow::Error;

fn try_from(info: &RawLintInfo) -> Result<Self, Self::Error>{
fn try_from(info: &RawLintInfo) -> Result<Self, Self::Error> {
Ok(LintInfo {
id: info.id.to_str()?.to_string(),
name: info.name.to_str()?.to_string(),
Expand All @@ -47,19 +47,16 @@ impl TryFrom<&RawLintInfo> for LintInfo {
}
}

impl<'lib> CustomLint<'lib>{
pub fn new(
lib: Arc<Library>,
custom_detector: Symbol<'lib, CustomLintFunc>,
) -> Self{
impl<'lib> CustomLint<'lib> {
pub fn new(lib: Arc<Library>, custom_detector: Symbol<'lib, CustomLintFunc>) -> Self {
CustomLint {
lib,
custom_detector,
}
}

pub fn call(&self){
unsafe{
pub fn call(&self) {
unsafe {
(self.custom_detector)();
}
}
Expand All @@ -69,7 +66,9 @@ type LintInfoFunc = unsafe fn(info: &mut RawLintInfo);
type CustomLintFunc = unsafe fn();

#[tracing::instrument(level = "debug", skip_all)]
pub fn get_detectors_info(detectors_paths: &[PathBuf]) -> Result<(HashMap<String, LintInfo>, HashMap<String, CustomLint<'_>>)> {
pub fn get_detectors_info(
detectors_paths: &[PathBuf],
) -> Result<(HashMap<String, LintInfo>, HashMap<String, CustomLint<'_>>)> {
let mut lint_store = HashMap::new();
let mut custom_dectectors = HashMap::new();

Expand All @@ -89,9 +88,8 @@ pub fn get_detectors_info(detectors_paths: &[PathBuf]) -> Result<(HashMap<String
)
})?
};
let custom_detector_func: Option<Symbol<CustomLintFunc>> = unsafe{
(*Arc::as_ptr(&lib)).get(b"custom_detector").ok()
};
let custom_detector_func: Option<Symbol<CustomLintFunc>> =
unsafe { (*Arc::as_ptr(&lib)).get(b"custom_detector").ok() };

let mut raw_info = RawLintInfo::default();
unsafe { lint_info_func(&mut raw_info) };
Expand All @@ -108,11 +106,8 @@ pub fn get_detectors_info(detectors_paths: &[PathBuf]) -> Result<(HashMap<String

lint_store.insert(id.clone(), lint_info);

if let Some(custom_detector_func) = custom_detector_func{
custom_dectectors.insert(id, CustomLint::new(
lib,
custom_detector_func,
));
if let Some(custom_detector_func) = custom_detector_func {
custom_dectectors.insert(id, CustomLint::new(lib, custom_detector_func));
}
}

Expand Down