hohn/sarif-cli
1
0
Fork 0
mirror of https://github.com/hohn/sarif-cli.git synced 2025-12-16 17:23:03 +01:00
Code Issues Packages Projects Releases Wiki Activity

Bugfix signature subset superset mismatch

Browse Source 
when the template signature portion contains
codeflows it was previously possible that a valid sarif
problem portion that contains extra fields
would be misdiagnosed as not parsable
This commit is contained in:
Kristen Newbury
2022-12-15 18:46:32 -05:00
parent dae6c50d5b
commit d602efd3f0
1 changed files with 8 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
sarif_cli/typegraph.py
View File

@@ -195,6 +195,11 @@ def _destructure_dict(typegraph: Typegraph, node, tree):
f"Check input file for the original signature." f"Check input file for the original signature."
) )
else:
# possibly looks like: (Struct9699)type_fields: [codeflows...] vs tree_fields: [...extra_properties]
# in that case we need to also try the Struct4055 signature here
if "codeFlows" in type_fields:
_destructure_dict(typegraph, "Struct4055", tree)
else: else:
status_writer.unknown_sarif_parsing_shape["extra_info"] = "type fields {} do not match tree fields {}.".format(type_fields, tree_fields) status_writer.unknown_sarif_parsing_shape["extra_info"] = "type fields {} do not match tree fields {}.".format(type_fields, tree_fields)
status_writer.csv_write(status_writer.unknown_sarif_parsing_shape) status_writer.csv_write(status_writer.unknown_sarif_parsing_shape)