Merge pull request #386 from DataDog/s.obregoso/fix_bundled_binary
Bugfix Bundled binary rule
sobregosodd authored Jun 19, 2024
2 parents 5f27b11 + ea45764 commit a795108
Showing 2 changed files with 75 additions and 19 deletions.
3 changes: 1 addition & 2 deletions guarddog/analyzer/metadata/bundled_binary.py
@@ -35,9 +35,8 @@ def detect(
if not path:
raise ValueError("path is needed to run heuristic " + self.get_name())

bin_files = []
for root, _, files in os.walk(path):
bin_files = []

for f in files:
kind = self.is_binary(os.path.join(root, f))
if kind:
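Review bot: The walk in `detect` still hands every entry of `files` to `self.is_binary(os.path.join(root, f))`, and `os.walk` lists symlinks to files and special files (FIFOs, sockets) there alongside regular files. `is_binary` is outside this hunk, but if it opens the path, scanning an unpacked untrusted package could read a target outside the package tree or block on a FIFO. A guard at the top of the inner loop, `full = os.path.join(root, f)` followed by `if os.path.islink(full) or not os.path.isfile(full): continue`, would keep the heuristic on regular files only. The body of `detect` starts and ends outside the hunk, so this may already be handled further down or at extraction time.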
91 changes: 74 additions & 17 deletions tests/analyzer/metadata/test_bundled_binary.py
@@ -3,52 +3,109 @@

import pytest

from guarddog.analyzer.metadata.bundled_binary import BundledBinary
from guarddog.analyzer.metadata.npm import NPMBundledBinary
from guarddog.analyzer.metadata.pypi import PypiBundledBinary
from tests.analyzer.metadata.resources.sample_project_info import (
PYPI_PACKAGE_INFO,
generate_pypi_project_info,
)
PYPI_PACKAGE_INFO, generate_pypi_project_info)

pypi_detector = PypiBundledBinary()
npm_detector = NPMBundledBinary()


class TestBundleBinary:
pypi_detector = PypiBundledBinary()
npm_detector = NPMBundledBinary()
nonempty_information = PYPI_PACKAGE_INFO

binary_sample_exe = b"\x4D\x5A" + b"0x90" * 10 # exe magic number plus nop sled
binary_sample_elf = (
b"\x7F\x45\x4C\x46" + b"0x90" * 10
) # elf magic number plus nop sled

def test_exe_npm(self):
@pytest.mark.parametrize(
"detector",
[
(pypi_detector),
(npm_detector),
],
)
def test_exe(self, detector: BundledBinary):
with tempfile.TemporaryDirectory() as dir:
full_path = os.path.join(dir, "package")
os.mkdir(full_path)
with open(os.path.join(full_path, "windows.txt"), "wb") as f:
f.write(b"\x4D\x5A" + b"0x90"*10) # exe plus nop sled
matches, _ = self.npm_detector.detect({}, dir)
f.write(self.binary_sample_exe)
matches, _ = detector.detect({}, dir)
assert matches

def test_elf_pypi(self):
@pytest.mark.parametrize(
"detector",
[
(pypi_detector),
(npm_detector),
],
)
def test_elf(self, detector: BundledBinary):
with tempfile.TemporaryDirectory() as dir:
full_path = os.path.join(dir, "package")
os.mkdir(full_path)
with open(os.path.join(full_path, "linux.txt"), "wb") as f:
f.write(b"\x7F\x45\x4C\x46" + b"0x90"*10)
matches, _ = self.pypi_detector.detect({}, dir)
f.write(self.binary_sample_elf)
matches, _ = detector.detect({}, dir)
assert matches

def test_plain(self):
@pytest.mark.parametrize(
"detector",
[
(pypi_detector),
(npm_detector),
],
)
def test_plain(self, detector: BundledBinary):
with tempfile.TemporaryDirectory() as dir:
full_path = os.path.join(dir, "package")
os.mkdir(full_path)
with open(os.path.join(full_path, "file.exe"), "w") as f:
f.write("Hello world")
matches, _ = self.npm_detector.detect({}, dir)
matches, _ = detector.detect({}, dir)
assert not matches

def test_empty(self):
@pytest.mark.parametrize(
"detector",
[
(pypi_detector),
(npm_detector),
],
)
def test_empty(self, detector: BundledBinary):
with tempfile.TemporaryDirectory() as dir:
full_path = os.path.join(dir, "package")
os.mkdir(full_path)
with open(os.path.join(full_path, "some_file"), "w") as f:
pass
matches, _ = self.pypi_detector.detect({}, dir)
assert not matches
matches, _ = detector.detect({}, dir)
assert not matches

@pytest.mark.parametrize(
"detector",
[
(pypi_detector),
(npm_detector),
],
)
def test_multiplebinaries(self, detector: BundledBinary):
with tempfile.TemporaryDirectory() as dir:
full_path1 = os.path.join(dir, "package")
os.mkdir(full_path1)
with open(os.path.join(full_path1, "file1"), "wb") as f:
f.write(self.binary_sample_elf)
full_path2 = os.path.join(full_path1, "nested")
os.mkdir(full_path2)
with open(os.path.join(full_path2, "file2"), "wb") as f:
f.write(self.binary_sample_exe)

matches, msg = detector.detect({}, dir)

assert matches
assert "file1" in msg
assert "exe" in msg
assert "file2" in msg
assert "elf" in msg
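Review bot: The assertions in `test_multiplebinaries` only check that four substrings occur somewhere in `msg`, so they do not verify that `file1` is reported as ELF and `file2` as EXE; the visual pairing (`"file1"` then `"exe"`) is also the reverse of what the test writes. If the message lists one file per line, asserting per file would pin the regression more tightly; the message format is not visible here, so that needs confirming against `detect`. Separately, `b"0x90" * 10` is the four ASCII characters `0x90` repeated rather than 0x90 bytes, so the "nop sled" comments on `binary_sample_exe` and `binary_sample_elf` are inaccurate; `b"\x90" * 10` would match them.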
