using Semmle.Util;
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using Semmle.Extraction.CSharp.Standalone;
using System.Threading.Tasks;
using System.Collections.Concurrent;
using System.Text;
using System.Security.Cryptography;
using System.Text.RegularExpressions;
namespace Semmle.BuildAnalyser
{
///
/// Main implementation of the build analysis.
///
internal sealed partial class BuildAnalysis : IDisposable
{
private readonly AssemblyCache assemblyCache;
private readonly ProgressMonitor progressMonitor;
private readonly IDictionary usedReferences = new ConcurrentDictionary();
private readonly IDictionary sources = new ConcurrentDictionary();
private readonly IDictionary unresolvedReferences = new ConcurrentDictionary();
private int failedProjects;
private int succeededProjects;
private readonly string[] allSources;
private int conflictedReferences = 0;
private readonly Options options;
private readonly DirectoryInfo sourceDir;
private readonly DotNet dotnet;
///
/// Performs a C# build analysis.
///
/// Analysis options from the command line.
/// Display of analysis progress.
public BuildAnalysis(Options options, ProgressMonitor progressMonitor)
{
var startTime = DateTime.Now;
this.options = options;
this.progressMonitor = progressMonitor;
this.sourceDir = new DirectoryInfo(options.SrcDir);
try
{
this.dotnet = new DotNet(progressMonitor);
}
catch
{
progressMonitor.MissingDotNet();
throw;
}
this.progressMonitor.FindingFiles(options.SrcDir);
this.allSources = GetFiles("*.cs").ToArray();
var allProjects = GetFiles("*.csproj");
var solutions = options.SolutionFile is not null
? new[] { options.SolutionFile }
: GetFiles("*.sln");
var dllDirNames = options.DllDirs.Select(Path.GetFullPath).ToList();
// Find DLLs in the .Net Framework
if (options.ScanNetFrameworkDlls)
{
var runtimeLocation = Runtime.GetRuntime(options.UseSelfContainedDotnet);
progressMonitor.Log(Util.Logging.Severity.Debug, $"Runtime location selected: {runtimeLocation}");
dllDirNames.Add(runtimeLocation);
}
if (options.UseMscorlib)
{
UseReference(typeof(object).Assembly.Location);
}
packageDirectory = new TemporaryDirectory(ComputeTempDirectory(sourceDir.FullName));
if (options.UseNuGet)
{
dllDirNames.Add(packageDirectory.DirInfo.FullName);
try
{
var nuget = new NugetPackages(sourceDir.FullName, packageDirectory, progressMonitor);
nuget.InstallPackages();
}
catch (FileNotFoundException)
{
progressMonitor.MissingNuGet();
}
// TODO: remove the below when the required SDK is installed
using (new FileRenamer(sourceDir.GetFiles("global.json", SearchOption.AllDirectories)))
{
Restore(solutions);
Restore(allProjects);
DownloadMissingPackages(allProjects);
}
}
assemblyCache = new AssemblyCache(dllDirNames, progressMonitor);
AnalyseSolutions(solutions);
foreach (var filename in assemblyCache.AllAssemblies.Select(a => a.Filename))
{
UseReference(filename);
}
ResolveConflicts();
// Output the findings
foreach (var r in usedReferences.Keys)
{
progressMonitor.ResolvedReference(r);
}
foreach (var r in unresolvedReferences)
{
progressMonitor.UnresolvedReference(r.Key, r.Value);
}
progressMonitor.Summary(
AllSourceFiles.Count(),
ProjectSourceFiles.Count(),
MissingSourceFiles.Count(),
ReferenceFiles.Count(),
UnresolvedReferences.Count(),
conflictedReferences,
succeededProjects + failedProjects,
failedProjects,
DateTime.Now - startTime);
}
private IEnumerable GetFiles(string pattern)
{
return sourceDir.GetFiles(pattern, SearchOption.AllDirectories)
.Select(d => d.FullName)
.Where(d => !options.ExcludesFile(d));
}
///
/// Computes a unique temp directory for the packages associated
/// with this source tree. Use a SHA1 of the directory name.
///
///
/// The full path of the temp directory.
private static string ComputeTempDirectory(string srcDir)
{
var bytes = Encoding.Unicode.GetBytes(srcDir);
var sha = SHA1.HashData(bytes);
var sb = new StringBuilder();
foreach (var b in sha.Take(8))
sb.AppendFormat("{0:x2}", b);
return Path.Combine(Path.GetTempPath(), "GitHub", "packages", sb.ToString());
}
///
/// Resolves conflicts between all of the resolved references.
/// If the same assembly name is duplicated with different versions,
/// resolve to the higher version number.
///
private void ResolveConflicts()
{
var sortedReferences = new List();
foreach (var usedReference in usedReferences)
{
try
{
var assemblyInfo = assemblyCache.GetAssemblyInfo(usedReference.Key);
sortedReferences.Add(assemblyInfo);
}
catch (AssemblyLoadException)
{
progressMonitor.Log(Util.Logging.Severity.Warning, $"Could not load assembly information from {usedReference.Key}");
}
}
sortedReferences = sortedReferences.OrderBy(r => r.Version).ToList();
var finalAssemblyList = new Dictionary();
// Pick the highest version for each assembly name
foreach (var r in sortedReferences)
{
finalAssemblyList[r.Name] = r;
}
// Update the used references list
usedReferences.Clear();
foreach (var r in finalAssemblyList.Select(r => r.Value.Filename))
{
UseReference(r);
}
// Report the results
foreach (var r in sortedReferences)
{
var resolvedInfo = finalAssemblyList[r.Name];
if (resolvedInfo.Version != r.Version)
{
progressMonitor.ResolvedConflict(r.Id, resolvedInfo.Id);
++conflictedReferences;
}
}
}
///
/// Store that a particular reference file is used.
///
/// The filename of the reference.
private void UseReference(string reference)
{
usedReferences[reference] = true;
}
///
/// Store that a particular source file is used (by a project file).
///
/// The source file.
private void UseSource(FileInfo sourceFile)
{
sources[sourceFile.FullName] = sourceFile.Exists;
}
///
/// The list of resolved reference files.
///
public IEnumerable ReferenceFiles => this.usedReferences.Keys;
///
/// The list of source files used in projects.
///
public IEnumerable ProjectSourceFiles => sources.Where(s => s.Value).Select(s => s.Key);
///
/// All of the source files in the source directory.
///
public IEnumerable AllSourceFiles => allSources;
///
/// List of assembly IDs which couldn't be resolved.
///
public IEnumerable UnresolvedReferences => this.unresolvedReferences.Select(r => r.Key);
///
/// List of source files which were mentioned in project files but
/// do not exist on the file system.
///
public IEnumerable MissingSourceFiles => sources.Where(s => !s.Value).Select(s => s.Key);
///
/// Record that a particular reference couldn't be resolved.
/// Note that this records at most one project file per missing reference.
///
/// The assembly ID.
/// The project file making the reference.
private void UnresolvedReference(string id, string projectFile)
{
unresolvedReferences[id] = projectFile;
}
private readonly TemporaryDirectory packageDirectory;
///
/// Reads all the source files and references from the given list of projects.
///
/// The list of projects to analyse.
private void AnalyseProjectFiles(IEnumerable projectFiles)
{
foreach (var proj in projectFiles)
{
AnalyseProject(proj);
}
}
private void AnalyseProject(FileInfo project)
{
if (!project.Exists)
{
progressMonitor.MissingProject(project.FullName);
return;
}
try
{
var csProj = new Extraction.CSharp.CsProjFile(project);
foreach (var @ref in csProj.References)
{
try
{
var resolved = assemblyCache.ResolveReference(@ref);
UseReference(resolved.Filename);
}
catch (AssemblyLoadException)
{
UnresolvedReference(@ref, project.FullName);
}
}
foreach (var src in csProj.Sources)
{
// Make a note of which source files the projects use.
// This information doesn't affect the build but is dumped
// as diagnostic output.
UseSource(new FileInfo(src));
}
++succeededProjects;
}
catch (Exception ex) // lgtm[cs/catch-of-all-exceptions]
{
++failedProjects;
progressMonitor.FailedProjectFile(project.FullName, ex.Message);
}
}
private bool Restore(string target)
{
return dotnet.RestoreToDirectory(target, packageDirectory.DirInfo.FullName);
}
private void Restore(IEnumerable targets)
{
foreach (var target in targets)
{
Restore(target);
}
}
private void DownloadMissingPackages(IEnumerable restoreTargets)
{
var alreadyDownloadedPackages = Directory.GetDirectories(packageDirectory.DirInfo.FullName).Select(d => Path.GetFileName(d).ToLowerInvariant()).ToHashSet();
var notYetDownloadedPackages = new HashSet();
var allFiles = GetFiles("*.*").ToArray();
foreach (var file in allFiles)
{
try
{
using var sr = new StreamReader(file);
ReadOnlySpan line;
while ((line = sr.ReadLine()) != null)
{
foreach (var valueMatch in PackageReference().EnumerateMatches(line))
{
// We can't get the group from the ValueMatch, so doing it manually:
var match = line.Slice(valueMatch.Index, valueMatch.Length);
var includeIndex = match.IndexOf("Include", StringComparison.InvariantCultureIgnoreCase);
if (includeIndex == -1)
{
continue;
}
match = match.Slice(includeIndex + "Include".Length + 1);
var quoteIndex1 = match.IndexOf("\"");
var quoteIndex2 = match.Slice(quoteIndex1 + 1).IndexOf("\"");
var packageName = match.Slice(quoteIndex1 + 1, quoteIndex2).ToString().ToLowerInvariant();
if (!alreadyDownloadedPackages.Contains(packageName))
{
notYetDownloadedPackages.Add(packageName);
}
}
}
}
catch (Exception ex)
{
progressMonitor.FailedToReadFile(file, ex);
continue;
}
}
foreach (var package in notYetDownloadedPackages)
{
progressMonitor.NugetInstall(package);
using var tempDir = new TemporaryDirectory(ComputeTempDirectory(package));
var success = dotnet.New(tempDir.DirInfo.FullName);
if (!success)
{
continue;
}
success = dotnet.AddPackage(tempDir.DirInfo.FullName, package);
if (!success)
{
continue;
}
success = Restore(tempDir.DirInfo.FullName);
// TODO: the restore might fail, we could retry with a prerelease (*-* instead of *) version of the package.
if (!success)
{
progressMonitor.FailedToRestoreNugetPackage(package);
}
}
}
private void AnalyseSolutions(IEnumerable solutions)
{
Parallel.ForEach(solutions, new ParallelOptions { MaxDegreeOfParallelism = 4 }, solutionFile =>
{
try
{
var sln = new SolutionFile(solutionFile);
progressMonitor.AnalysingSolution(solutionFile);
AnalyseProjectFiles(sln.Projects.Select(p => new FileInfo(p)).Where(p => p.Exists));
}
catch (Microsoft.Build.Exceptions.InvalidProjectFileException ex)
{
progressMonitor.FailedProjectFile(solutionFile, ex.BaseMessage);
}
});
}
public void Dispose()
{
packageDirectory?.Dispose();
}
[GeneratedRegex("", RegexOptions.IgnoreCase | RegexOptions.Compiled | RegexOptions.Singleline)]
private static partial Regex PackageReference();
}
}