
Commit cfe9b29

authored
Merge pull request #946 from ankit2995/ankit/D1999224
feat: Bug Fixes
2 parents d6ccd95 + e8d2bd9 commit cfe9b29

4 files changed

Lines changed: 89 additions & 21 deletions


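--- a/fcli-core/fcli-aviator-common/src/main/java/com/fortify/cli/aviator/fpr/model/FPRInfo.java
+++ b/fcli-core/fcli-aviator-common/src/main/java/com/fortify/cli/aviator/fpr/model/FPRInfo.java
@@ -52,6 +52,7 @@ public class FPRInfo {
 
 public FPRInfo(FprHandle fprHandle) {
 FPRName = String.valueOf(fprHandle.getFprPath().getFileName());
+buildId = "";
 try {
 extractInfoFromAuditFvdlStreaming(fprHandle);
 } catch (Exception e) {
@@ -151,6 +152,10 @@ private void extractInfoFromAuditFvdlStreaming(FprHandle fprHandle) throws Excep
 } catch (javax.xml.stream.XMLStreamException e) {
 throw new Exception("Failed to parse audit.fvdl using streaming parser", e);
 }
+
+if (buildId == null) {
+buildId = "";
+}
 }
 
 /**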
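Review bot: The empty-string default for `buildId` is set in two places (the constructor before the `try`, and the end of `extractInfoFromAuditFvdlStreaming`) with no comment saying what `""` stands for, so a reader cannot tell "audit.fvdl carried no build ID" from "parsing stopped before the build ID was read". The body of the constructor's `catch (Exception e)` is outside the hunk; if it only logs, a corrupt or truncated FPR would now yield the same `""` as a legitimately absent value and processing would continue. I would add a comment on the initializer such as `// "" means audit.fvdl carried no build ID; never null`, and if the catch does swallow the error, record the parse failure separately from the default.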

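--- a/fcli-core/fcli-aviator-common/src/main/java/com/fortify/cli/aviator/grpc/AviatorStreamProcessor.java
+++ b/fcli-core/fcli-aviator-common/src/main/java/com/fortify/cli/aviator/grpc/AviatorStreamProcessor.java
@@ -53,6 +53,7 @@
 import com.fortify.cli.aviator.util.FileTypeLanguageMapperUtil;
 import com.fortify.cli.aviator.util.FileUtil;
 import com.fortify.cli.aviator.util.FprHandle;
+import com.fortify.cli.aviator.util.StringUtil;
 
 import io.grpc.Status;
 import io.grpc.StatusRuntimeException;
@@ -506,19 +507,23 @@ public void onCompleted() {
 
 private void sendInitRequest() throws Exception {
 String initRequestId = UUID.randomUUID().toString();
+StreamInitRequest.Builder initRequestBuilder = StreamInitRequest.newBuilder()
+.setStreamId(currentStreamState.streamId)
+.setRequestId(initRequestId)
+.setToken(currentStreamState.token)
+.setApplicationName(currentStreamState.projectName)
+.setSscApplicationName(currentStreamState.SSCApplicationName)
+.setSscApplicationVersion(currentStreamState.SSCApplicationVersion)
+.setTotalReportedIssues(currentStreamState.totalRequests)
+.setTotalIssuesToPredict(currentStreamState.totalRequests);
+
+if (!StringUtil.isEmpty(currentStreamState.FPRBuildId)) {
+initRequestBuilder.setFprBuildId(currentStreamState.FPRBuildId);
+}
+
 UserPromptRequest initRequest = UserPromptRequest.newBuilder()
-.setInit(StreamInitRequest.newBuilder()
-.setStreamId(currentStreamState.streamId)
-.setRequestId(initRequestId)
-.setToken(currentStreamState.token)
-.setApplicationName(currentStreamState.projectName)
-.setSscApplicationName(currentStreamState.SSCApplicationName)
-.setSscApplicationVersion(currentStreamState.SSCApplicationVersion)
-.setFprBuildId(currentStreamState.FPRBuildId)
-.setTotalReportedIssues(currentStreamState.totalRequests)
-.setTotalIssuesToPredict(currentStreamState.totalRequests)
-.build())
-.build();
+.setInit(initRequestBuilder.build())
+.build();
 
 requestHandler.sendRequest(initRequest);
 LOG.info("Client Id for stream initialization {}", currentStreamState.streamId);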
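Review bot: Only `FPRBuildId` gets a null/empty guard in `sendInitRequest`; `token`, `projectName`, `SSCApplicationName` and `SSCApplicationVersion` are still passed straight into the builder chain. If `StreamInitRequest` is a generated protobuf builder, as it appears to be, each of those string setters throws `NullPointerException` on null, so the same failure remains for any of them that can be unset. Guard the optional ones the same way, e.g. `if (!StringUtil.isEmpty(currentStreamState.SSCApplicationName)) initRequestBuilder.setSscApplicationName(currentStreamState.SSCApplicationName);`. For the required ones, fail early with `Objects.requireNonNull(currentStreamState.token, "token")` so the error names the field and an init request is never attempted without a credential. The method continues past the end of the hunk.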

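--- a/fcli-core/fcli-aviator-common/src/test/java/com/fortify/cli/aviator/audit/IssueAuditorTest.java
+++ b/fcli-core/fcli-aviator-common/src/test/java/com/fortify/cli/aviator/audit/IssueAuditorTest.java
@@ -81,6 +81,37 @@ void tearDown() throws IOException {
 }
 }
 
+@Test
+void testFprInfoMissingBuildIdDefaultsToEmptyString() throws Exception {
+if (fprHandle != null) {
+fprHandle.close();
+fprHandle = null;
+}
+if (tempFprFile != null) {
+Files.deleteIfExists(tempFprFile);
+}
+
+tempFprFile = Files.createTempFile("test_aviator_missing_build", ".fpr");
+try (ZipOutputStream zos = new ZipOutputStream(Files.newOutputStream(tempFprFile))) {
+ZipEntry entry = new ZipEntry("audit.fvdl");
+zos.putNextEntry(entry);
+String minimalXml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><FVDL><UUID>test-uuid</UUID><Build></Build></FVDL>";
+zos.write(minimalXml.getBytes(StandardCharsets.UTF_8));
+zos.closeEntry();
+
+ZipEntry indexEntry = new ZipEntry("src-archive/index.xml");
+zos.putNextEntry(indexEntry);
+String indexXml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?><index></index>";
+zos.write(indexXml.getBytes(StandardCharsets.UTF_8));
+zos.closeEntry();
+}
+
+fprHandle = new FprHandle(tempFprFile);
+FPRInfo fprInfo = new FPRInfo(fprHandle);
+
+assertEquals("", fprInfo.getBuildId());
+}
+
 @Test
 void testFilterVulnerabilities_LegacySyntaxWithSpaces() throws Exception {
 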
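Review bot: The fixture in `testFprInfoMissingBuildIdDefaultsToEmptyString` covers only an empty `<Build></Build>` element, so the name promises more than the test checks. An `audit.fvdl` with no `<Build>` element at all, or one that fails to parse, may reach the `""` default through code this case never exercises; a companion case using `<FVDL><UUID>test-uuid</UUID></FVDL>` would pin the first of those. The test also closes and deletes the class-level `fprHandle`/`tempFprFile` (presumably created in setup, which is outside the hunk) and relies on `tearDown` to clean up the replacements. A comment such as `// replace the fixture FPR; tearDown closes and deletes this one` would make that dependency visible.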

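--- a/fcli-core/fcli-aviator/src/main/java/com/fortify/cli/aviator/ssc/helper/AviatorSSCAuditHelper.java
+++ b/fcli-core/fcli-aviator/src/main/java/com/fortify/cli/aviator/ssc/helper/AviatorSSCAuditHelper.java
@@ -196,28 +196,33 @@ public static String getProgressMessage(FPRAuditResult auditResult) {
 public static long getAuditableIssueCount(UnirestInstance unirest, SSCAppVersionDescriptor av, AviatorLoggerImpl logger, boolean noFilterSet, SSCIssueFilterSetOptionMixin filterSetOptions, List<String> folderNames) {
 logger.progress("Status: Checking for auditable issues...");
 
-GetRequest request = unirest.get(SSCUrls.PROJECT_VERSION_ISSUES(av.getVersionId()))
-.queryString("limit", PAGE_LIMIT)
-.queryString("embed", "auditValues")
-.queryString("qm", "issues")
-.queryString("q", "audited:false");
+LOG.debug("Starting auditable issue count for SSC version {} (application='{}', version='{}') with pageLimit={}, noFilterSet={}",
+av.getVersionId(), av.getApplicationName(), av.getVersionName(), PAGE_LIMIT, noFilterSet);
 
 // Apply filter set if specified
 SSCIssueFilterSetDescriptor filterSetDescriptor = null;
+String filterSetGuid = null;
 if (!noFilterSet) {
 SSCIssueFilterSetHelper filterSetHelper = new SSCIssueFilterSetHelper(unirest, av.getVersionId());
 filterSetDescriptor = filterSetHelper.getDescriptorByTitleOrId(filterSetOptions.getFilterSetTitleOrId(), false);
 if (filterSetDescriptor != null) {
 logger.progress("Status: Applying filter set '%s' for issue count check", filterSetDescriptor.getTitle());
-request.queryString("filterset", filterSetDescriptor.getGuid());
+filterSetGuid = filterSetDescriptor.getGuid();
+LOG.debug("Applied SSC filter set '{}' with guid {} while counting auditable issues for version {}",
+filterSetDescriptor.getTitle(), filterSetGuid, av.getVersionId());
+} else {
+LOG.debug("No SSC filter set resolved from options while counting auditable issues for version {}",
+av.getVersionId());
 }
 }
 
 // Apply folder filter if specified
+String folderFilter = null;
 if (folderNames != null && !folderNames.isEmpty()) {
-String folderFilter = getFolderFilter(noFilterSet, filterSetDescriptor, folderNames);
-request.queryString("filter", folderFilter);
+folderFilter = getFolderFilter(noFilterSet, filterSetDescriptor, folderNames);
 logger.progress("Status: Applying folder filter for: %s", String.join(", ", folderNames));
+LOG.debug("Applied folder filter '{}' for folders {} while counting auditable issues for version {}",
+folderFilter, folderNames, av.getVersionId());
 }
 
 long totalAuditableCount = 0;
@@ -226,14 +231,30 @@ public static long getAuditableIssueCount(UnirestInstance unirest, SSCAppVersion
 
 try {
 do {
-JsonNode response = request.queryString("start", start).asObject(JsonNode.class).getBody();
+GetRequest request = unirest.get(SSCUrls.PROJECT_VERSION_ISSUES(av.getVersionId()))
+.queryString("limit", PAGE_LIMIT)
+.queryString("embed", "auditValues")
+.queryString("qm", "issues")
+.queryString("q", "audited:false")
+.queryString("start", start);
+if (filterSetGuid != null) {
+request.queryString("filterset", filterSetGuid);
+}
+if (folderFilter != null) {
+request.queryString("filter", folderFilter);
+}
+LOG.debug("Requesting SSC issues page for version {} with start={} and limit={}",
+av.getVersionId(), start, PAGE_LIMIT);
+JsonNode response = request.asObject(JsonNode.class).getBody();
 if (response == null || !response.has("data")) {
 LOG.warn("Invalid response received from issue check; proceeding with FPR download.");
 logger.progress("WARN: Invalid response from issue check. Proceeding with FPR download.");
 return -1;
 }
 if (totalFromServer == -1) {
 totalFromServer = response.get("count").asLong(0);
+LOG.debug("SSC reported {} total issues matching the initial auditable count query for version {}",
+totalFromServer, av.getVersionId());
 }
 
 ArrayNode issues = (ArrayNode) response.get("data");
@@ -242,12 +263,18 @@ public static long getAuditableIssueCount(UnirestInstance unirest, SSCAppVersion
 .filter(issue -> !isProcessedByAviator(issue))
 .count();
 totalAuditableCount += auditableOnPage;
+LOG.debug("Processed SSC issues page for version {}: pageStart={}, pageSize={}, auditableOnPage={}, cumulativeAuditableCount={}, totalFromServer={}",
+av.getVersionId(), start, issues.size(), auditableOnPage, totalAuditableCount, totalFromServer);
 start += issues.size();
 } else {
+LOG.debug("SSC returned no more issues for version {} at start={}; stopping pagination with cumulativeAuditableCount={} and totalFromServer={}",
+av.getVersionId(), start, totalAuditableCount, totalFromServer);
 break; // No more issues
 }
 } while (start < totalFromServer);
 
+LOG.debug("Completed auditable issue count for version {}: totalAuditableCount={}, totalFromServer={}",
+av.getVersionId(), totalAuditableCount, totalFromServer);
 logger.progress("Status: Found %d auditable issues.", totalAuditableCount);
 return totalAuditableCount;
 } catch (UnexpectedHttpResponseException e) {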
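Review bot: The response check inside the paging loop tests only `response.has("data")`, but the next statement calls `response.get("count").asLong(0)`, and `get` returns null when the field is absent. A reply with `data` but no `count` therefore throws a `NullPointerException` that the visible `catch (UnexpectedHttpResponseException e)` does not handle. `response.path("count").asLong(0)` keeps the default of 0 without the null dereference. The `(ArrayNode) response.get("data")` cast has the same exposure when `data` is not an array and could be guarded with `response.get("data").isArray()`. Separately, the new debug lines write server- and user-supplied strings (application and version name, filter set title, folder names and the built folder filter) to the log, so confirm the log layout encodes line breaks. The method starts before and continues after these hunks.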
