This repository was archived by the owner on Nov 28, 2023. It is now read-only.

Commit 475c49c

committed
解决了单个文件无法扫描的bug, fix #583
1 parent 446a5a8 commit 475c49c


3 files changed

+13
-5
lines changed


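--- a/cobra/cli.py
+++ b/cobra/cli.py
@@ -69,6 +69,7 @@ def start(target, formatter, output, special_rules, a_sid=None):
 # target directory
 try:
 target_directory = pa.target_directory(target_mode)
+target_directory = target_directory.rstrip("/")
 logger.info('[CLI] Target directory: {d}'.format(d=target_directory))
 
 # static analyse files info
@@ -86,7 +87,6 @@ def start(target, formatter, output, special_rules, a_sid=None):
 
 if pa.special_rules is not None:
 logger.info('[CLI] [SPECIAL-RULE] only scan used by {r}'.format(r=','.join(pa.special_rules)))
-
 # scan
 scan(target_directory=target_directory, a_sid=a_sid, s_sid=s_sid, special_rules=pa.special_rules,
 language=main_language, framework=main_framework, file_count=file_count, extension_count=len(files))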
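Review bot: The added `target_directory.rstrip("/")` turns a target of `/` into an empty string, and that empty value is what the `scan(target_directory=...)` call further down receives. It also strips only forward slashes, so a trailing `\` on Windows is left in place. Keeping the root intact is a one-line change: `target_directory = target_directory.rstrip("/") or "/"`. start()'s body begins and ends outside the hunks shown.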

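--- a/cobra/engine.py
+++ b/cobra/engine.py
@@ -161,7 +161,10 @@ def scan(target_directory, a_sid=None, s_sid=None, special_rules=None, language=
 def store(result):
 if result is not None and isinstance(result, list) is True:
 for res in result:
-res.file_path = res.file_path.replace(target_directory, '')
+if os.path.isdir(target_directory):
+res.file_path = res.file_path.replace(target_directory, '')
+else:
+res.file_path = res.file_path.replace(os.path.dirname(target_directory), '')
 find_vulnerabilities.append(res)
 else:
 logger.debug('[SCAN] [STORE] Not found vulnerabilities on this rule!')
@@ -363,8 +366,12 @@ def parse_match(self, single_match):
 # v.php:2:$password 2017:01:01
 # v.exe Binary file
 try:
-mr.line_number, mr.code_content = re.findall(r':(\d+):(.*)', single_match)[0]
-mr.file_path = single_match.split(u':{n}:'.format(n=mr.line_number))[0]
+if os.path.isdir(self.target_directory):
+mr.line_number, mr.code_content = re.findall(r':(\d+):(.*)', single_match)[0]
+mr.file_path = single_match.split(u':{n}:'.format(n=mr.line_number))[0]
+else:
+mr.line_number, mr.code_content = re.findall(r'(\d+):(.*)', single_match)[0]
+mr.file_path = self.target_directory
 except Exception:
 logger.warning('match line parse exception')
 mr.file_path = ''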
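Review bot: In the single-file branch of parse_match the pattern `r'(\d+):(.*)'` is not anchored, so a match line that does not begin with a line number (the comment above lists `v.exe Binary file` as one such shape) can still match on the first digits-then-colon found anywhere in the text. The finding is then stored against the wrong line instead of falling into the `except`, which for a scanner means a misattributed result. Anchoring keeps this branch as strict as the directory one: `mr.line_number, mr.code_content = re.findall(r'^(\d+):(.*)', single_match)[0]`. Separately, `os.path.isdir(...)` is evaluated once per match here and once per result in `store`; computing it once per scan would avoid the repeated stat and keep both places in agreement. Both functions continue outside their hunks.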

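--- a/cobra/pickup.py
+++ b/cobra/pickup.py
@@ -530,7 +530,8 @@ def committer(directory, file_path, line_number, length=1):
 :param length:
 :return: group#1, group#2
 """
-os.chdir(directory)
+if os.path.isdir(directory):
+os.chdir(directory)
 cmd = "git blame -L{0},+{1} -- {2}".format(line_number, length, file_path.replace(directory, ''))
 p = subprocess.Popen(cmd, shell=True, stderr=subprocess.PIPE, stdout=subprocess.PIPE)
 checkout_out, checkout_err = p.communicate()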
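Review bot: When `directory` is a single file the new guard skips `os.chdir`, so `git blame` runs in whatever working directory the process already has, and `file_path.replace(directory, '')` comes out empty if the caller passes the same path for both (the caller is not visible here, so this needs checking). The command on the next lines is also still a formatted string run with `shell=True`, while the file names come from the target being scanned. An argument list with `cwd=` removes the process-wide chdir and the shell parsing together: `work_dir = directory if os.path.isdir(directory) else (os.path.dirname(directory) or '.')` followed by `p = subprocess.Popen(['git', 'blame', '-L{0},+{1}'.format(line_number, length), '--', rel_path], cwd=work_dir, stderr=subprocess.PIPE, stdout=subprocess.PIPE)`, with `rel_path` being the file's path relative to `work_dir`. committer's body continues outside the hunk.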
