CI/CD fixes (#24)

detectors/integer-overflow-or-underflow/src/lib.rs

@@ -4,7 +4,7 @@ extern crate rustc_hir;
 extern crate rustc_middle;
 extern crate rustc_span;
 
-use clippy_utils::diagnostics::span_lint_and_help;
+use clippy_wrappers::span_lint_and_help;
 use rustc_hir::{
     intravisit::{walk_expr, FnKind, Visitor},
     BinOpKind, Body, Expr, ExprKind, FnDecl, UnOp,
@@ -18,7 +18,7 @@ use utils::{match_type_to_str, ConstantAnalyzer};
 pub const LINT_MESSAGE: &str = "Potential for integer arithmetic overflow/underflow. Consider checked, wrapping or saturating arithmetic.";
 
 scout_audit_dylint_linting::declare_late_lint! {
-    pub INTEGER_OVERFLOW_UNDERFLOW,
+    pub INTEGER_OVERFLOW_OR_UNDERFLOW,
     Warn,
     LINT_MESSAGE,
     {
@@ -86,14 +86,14 @@ impl Finding {
         )
     }
 }
-pub struct IntegerOverflowUnderflowVisitor<'a, 'tcx> {
+pub struct IntegerOverflowOrUnderflowVisitor<'a, 'tcx> {
     cx: &'a LateContext<'tcx>,
     findings: Vec<Finding>,
     is_complex_operation: bool,
     constant_analyzer: ConstantAnalyzer<'a, 'tcx>,
 }
 
-impl<'tcx> IntegerOverflowUnderflowVisitor<'_, 'tcx> {
+impl<'tcx> IntegerOverflowOrUnderflowVisitor<'_, 'tcx> {
     pub fn check_pow(&mut self, expr: &Expr<'tcx>, base: &Expr<'tcx>, exponent: &Expr<'tcx>) {
         if self.constant_analyzer.is_constant(base) && self.constant_analyzer.is_constant(exponent)
         {
@@ -162,7 +162,7 @@ impl<'tcx> IntegerOverflowUnderflowVisitor<'_, 'tcx> {
     }
 }
 
-impl<'a, 'tcx> Visitor<'tcx> for IntegerOverflowUnderflowVisitor<'a, 'tcx> {
+impl<'a, 'tcx> Visitor<'tcx> for IntegerOverflowOrUnderflowVisitor<'a, 'tcx> {
     fn visit_expr(&mut self, expr: &'tcx Expr<'tcx>) {
         match expr.kind {
             ExprKind::Binary(op, lhs, rhs) | ExprKind::AssignOp(op, lhs, rhs) => {
@@ -188,7 +188,7 @@ impl<'a, 'tcx> Visitor<'tcx> for IntegerOverflowUnderflowVisitor<'a, 'tcx> {
     }
 }
 
-impl<'tcx> LateLintPass<'tcx> for IntegerOverflowUnderflow {
+impl<'tcx> LateLintPass<'tcx> for IntegerOverflowOrUnderflow {
     fn check_fn(
         &mut self,
         cx: &LateContext<'tcx>,
@@ -211,7 +211,7 @@ impl<'tcx> LateLintPass<'tcx> for IntegerOverflowUnderflow {
         constant_analyzer.visit_body(body);
 
         // Analyze the function for integer overflow/underflow
-        let mut visitor = IntegerOverflowUnderflowVisitor {
+        let mut visitor = IntegerOverflowOrUnderflowVisitor {
             cx,
             findings: Vec::new(),
             is_complex_operation: false,
@@ -223,7 +223,7 @@ impl<'tcx> LateLintPass<'tcx> for IntegerOverflowUnderflow {
         for finding in visitor.findings {
             span_lint_and_help(
                 cx,
-                INTEGER_OVERFLOW_UNDERFLOW,
+                INTEGER_OVERFLOW_OR_UNDERFLOW,
                 finding.span,
                 &finding.generate_message(),
                 None,

run-tests.sh

@@ -0,0 +1,2 @@
+#!/bin/sh
+python3 scripts/run-tests2.py

scripts/run-tests.py

@@ -1,6 +1,8 @@
 import os
 import argparse
 import time
+import tempfile
+import json
 
 from utils import (
     parse_json_from_string,
@@ -14,7 +16,6 @@
 GREEN = "\033[92m"
 ENDC = "\033[0m"
 
-
 def run_tests(detector):
     errors = []
     directory = os.path.join("test-cases", detector)
@@ -27,10 +28,12 @@ def run_tests(detector):
         if is_rust_project(root):
             if run_unit_tests(root):
                 errors.append(root)
-            if run_integration_tests(detector, root):
+            if not run_integration_tests(detector, root):
                 errors.append(root)
     return errors
 
+def convert_code(s):
+    return s.replace('_', '-')
 
 def run_unit_tests(root):
     start_time = time.time()
@@ -76,6 +79,8 @@ def run_integration_tests(detector, root):
     detector_key = detector.replace("-", "_")
     short_message = detector_metadata.get(detector_key, {}).get("short_message")
 
+    _, tempPath = tempfile.mkstemp(None, f'scout_{os.getpid()}_')
+
     returncode, _, stderr = run_subprocess(
         [
             "cargo",
@@ -84,13 +89,21 @@ def run_integration_tests(detector, root):
             detector,
             "--local-detectors",
             os.path.join(os.getcwd(), "detectors"),
+            "--output-format",
+            "raw-json",
+            "--output-path",
+            tempPath,
         ],
         root,
     )
 
-    should_lint = root.endswith("vulnerable-example")
-    if should_lint and short_message and short_message not in stderr:
-        returncode = 1
+    if returncode != 0:
+        return False
+
+    with open(tempPath) as file:
+        detectors_triggered = {convert_code(json.loads(line.rstrip())['code']['code']) for line in file}
+        if ("vulnerable" in root) != (detector in detectors_triggered):
+            return False
 
     print_results(
         returncode,
@@ -99,7 +112,7 @@ def run_integration_tests(detector, root):
         root,
         time.time() - start_time,
     )
-    return returncode != 0
+    return True
 
 
 if __name__ == "__main__":

scripts/run-tests2.py

@@ -0,0 +1,9 @@
+import os
+import stat
+
+def is_dir(path):
+    return stat.S_ISDIR(os.stat(path).st_mode)
+
+for name in os.listdir('test-cases'):
+    if is_dir('test-cases/' + name) and name[0:1] != '.' and name != 'target':
+        os.system(f'python3 scripts/run-tests.py --detector={name}')

test-cases/Cargo.toml

@@ -1,5 +1,9 @@
 [workspace]
-exclude = [".cargo", "target"]
+exclude = [
+    ".cargo",
+    "target",
+    "known-vulnerabilities",
+]
 members = ["*/remediated/remediated-*", "*/vulnerable/vulnerable-*"]
 
 [workspace.package]