diff --git a/docs/requirements-docs.txt b/docs/requirements-docs.txt index a95ae18..483a4e9 100644 --- a/docs/requirements-docs.txt +++ b/docs/requirements-docs.txt @@ -1 +1 @@ -furo +sphinx_rtd_theme diff --git a/docs/source/conf.py b/docs/source/conf.py index 3b9402e..9fc9dc7 100644 --- a/docs/source/conf.py +++ b/docs/source/conf.py @@ -13,7 +13,7 @@ # -- General configuration --------------------------------------------------- # https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration -extensions = [] +extensions = ['sphinx_rtd_theme'] templates_path = ['_templates'] exclude_patterns = [] @@ -23,6 +23,6 @@ # -- Options for HTML output ------------------------------------------------- # https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output -html_theme = 'furo' +html_theme = 'sphinx_rtd_theme' html_logo = 'scanosslogo.jpg' html_static_path = ['_static'] diff --git a/inc/file.h b/inc/file.h index 0c9d35f..0c06300 100644 --- a/inc/file.h +++ b/inc/file.h @@ -12,5 +12,5 @@ bool is_dir(char *path); void get_file_md5(char *filepath, uint8_t *md5_result); bool count_all_files(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *raw_data, uint32_t datalen, int iteration, void *ptr); char *get_file_extension(uint8_t *md5); - +char * path_query(uint8_t * file_id); #endif diff --git a/inc/limits.h b/inc/limits.h index b91dedd..69122a4 100644 --- a/inc/limits.h +++ b/inc/limits.h @@ -37,9 +37,9 @@ /* Snippets */ #define DEFAULT_MATCHMAP_FILES 10000 // Default number of files evaluated in snippet matching -#define MAX_MATCHMAP_FILES (DEFAULT_MATCHMAP_FILES * 5) // Max number of files evaluated in snippet matching to prevent performance issues +#define MAX_MATCHMAP_FILES (DEFAULT_MATCHMAP_FILES * 10) // Max number of files evaluated in snippet matching to prevent performance issues +#define MIN_LINES_COVERAGE 0.8 #define SKIP_SNIPPETS_IF_FILE_BIGGER (1024 * 1024 * 4) -#define SKIP_SNIPPETS_IF_STARTS_WITH (const char*[3]) {"{", "purls[0] = strdup(purl); component->purls_md5[0] = malloc(MD5_LEN); - MD5((uint8_t *)component->purls[0], strlen(component->purls[0]), component->purls_md5[0]); + oss_purl.hash_calc( (unsigned char *) component->purls[0], strlen(component->purls[0]), component->purls_md5[0]); } component->age = -1; return true; diff --git a/src/debug.c b/src/debug.c index a76ad05..040a267 100644 --- a/src/debug.c +++ b/src/debug.c @@ -210,7 +210,7 @@ void scan_benchmark() scan->hashes[i] = rand() % 256 + (rand() % 256) * 256 + (rand() % 256) * 256 * 256 + (rand() % 256) * 256 * 256 * 256; } scan->hash_count = total_hashes; - + scan->total_lines = 10; ldb_scan_snippets(scan); scan_data_free(scan); } diff --git a/src/file.c b/src/file.c index 35a9e0d..7525237 100644 --- a/src/file.c +++ b/src/file.c @@ -260,3 +260,32 @@ char *get_file_extension(uint8_t *md5) fetch_recordset(oss_file, md5, get_first_file, out); return out; } + +static bool path_query_handler(struct ldb_table * table, uint8_t * key, uint8_t * subkey, uint8_t * data, uint32_t datalen, int record_number, void * ptr) +{ + char **path = ptr; + /* Decrypt data */ + char * decrypted = decrypt_data(data, datalen, *table, key, subkey); + if (!decrypted || !*decrypted) + return false; + + *path = decrypted; + return true; +} +/** + * @brief Get the file path from the path table. + * @param md5 input path md5 + * @return string with the path + */ +char * path_query(uint8_t * file_id) +{ + char * path = NULL; + if (!path_table_present) + { + scanlog("path_query: path table must be present to use this query\n"); + return NULL; + } + + fetch_recordset(oss_path, file_id, path_query_handler, (void *) &path); + return path; +} \ No newline at end of file diff --git a/src/help.c b/src/help.c index 8b3489d..712fc7c 100644 --- a/src/help.c +++ b/src/help.c @@ -38,10 +38,10 @@ */ void help () { - printf ("ScanOSS Engine v%s\n", SCANOSS_VERSION); - printf ("\n\ -This program performs an OSS inventory for the given TARGET comparing against the ScanOSS Knowledgebase.\n\ -Results are printed in STDOUT in JSON format\n\ + printf ("ScanOSS Engine v%s\n", SCANOSS_VERSION); + printf ("\n\ +This program performs an OSS inventory scan of the specified TARGET by comparing it against the ScanOSS Knowledgebase.\n\ +Results are displayed in JSON format through STDOUT.\n\ \n\ Syntax: scanoss [parameters] [TARGET]\n\ \n\ @@ -56,22 +56,23 @@ Configuration:\n\ -c HINT Provide a component HINT to influence scan results.\n\ -k KEY Displays contents of file KEY from MZ sources archive.\n\ -l LICENSE Displays OSADL metadata for the provided SPDX license ID.\n\ +-p URL_HASH Returns a list with the md5 and path for each project file (pivot table is requeried).\n\ \n\ Options:\n\ --t Tests engine performance.\n\ --v Display version and exit.\n\ --n Specify DB name (default: oss).\n\ --h Display this help and exit.\n\ --d Save debugging information to disk (/tmp).\n\ --q Produces no JSON output. Only debugging info via STDERR.\n\ +-t Run engine performance tests.\n\ +-v Show version information and exit.\n\ +-n Set database name (default: oss).\n\ +-h Display this help information and exit.\n\ +-d Store debugging information to disk (/tmp).\n\ +-q Suppress JSON output (show only debugging info via STDERR).\n\ \n\ -Enviroment variables:\n\ -SCANOSS_MATCHMAP_MAX: define the snippet scanning match map size, %d by default.\n\ -SCANOSS_API_URL: defines the API url, %s by default.\n\ +Environment variables:\n\ +SCANOSS_MATCHMAP_MAX: Set the snippet scanning match map size (default: %d).\n\ +SCANOSS_FILE_CONTENTS_URL: Define the API URL endpoint for sources. Source url wont be reported if it's not defined.\n\ \n\ Engine scanning flags:\n\ -The scanning engine can be configured by passing configuration flags with the -F parameter.\n\ -Alternatively, these value can be written in %s\n\ +Configure the scanning engine using flags with the -F parameter.\n\ +These settings can also be specified in %s\n\ +-------+-------------------------------------------------------+\n\ | Flag | Setting |\n\ +-------+-------------------------------------------------------+\n\ @@ -82,7 +83,7 @@ Alternatively, these value can be written in %s\n\ | 16 | Disable copyrights (default: enabled) |\n\ | 32 | Disable vulnerabilities (default: enabled) |\n\ | 64 | Disable quality (default: enabled) |\n\ -| 128 | Disable cryptography (defalt: enabled) |\n\ +| 128 | Disable cryptography (default: enabled) |\n\ | 256 | Disable best match only (default: enabled) |\n\ | 512 | Hide identified files (default: disabled) |\n\ | 1024 | Enable download_url (default: disabled) |\n\ @@ -91,8 +92,7 @@ Alternatively, these value can be written in %s\n\ | 8192 | Disable health layer (default: enabled) |\n\ | 16384 | Enable high accuracy, slower scan (default: disabled) |\n\ +-------+-------------------------------------------------------+\n\ -Example: scanoss -F 12 DIRECTORY (scans DIRECTORY disabling license and dependency data)\n\ +Example: scanoss -F 12 DIRECTORY (scan DIRECTORY without license and dependency data)\n\ \n\ -Copyright (C) 2018-2022 SCANOSS.COM\n", DEFAULT_MATCHMAP_FILES, API_URL, ENGINE_FLAGS_FILE); - +Copyright (C) 2018-2022 SCANOSS.COM\n", DEFAULT_MATCHMAP_FILES, ENGINE_FLAGS_FILE); } diff --git a/src/main.c b/src/main.c index fddea7b..37c4c6d 100644 --- a/src/main.c +++ b/src/main.c @@ -48,6 +48,7 @@ #include struct ldb_table oss_url; +struct ldb_table oss_pivot; struct ldb_table oss_file; struct ldb_table oss_path; struct ldb_table oss_wfp; @@ -199,6 +200,10 @@ void initialize_ldb_tables(char *name) oss_notices = ldb_read_cfg(dbtable); oss_notices.hash_calc = hash_function_select(oss_notices.key_ln); + snprintf(dbtable, MAX_ARGLN * 2, "%s/%s", oss_db_name, "pivot"); + oss_pivot = ldb_read_cfg(dbtable); + oss_pivot.hash_calc = hash_function_select(oss_pivot.key_ln); + kb_version_get(); osadl_load_file(); @@ -322,7 +327,7 @@ int main(int argc, char **argv) int option; bool invalid_argument = false; char * ldb_db_name = NULL; - while ((option = getopt(argc, argv, ":f:s:b:B:c:k:a:F:l:n:M:N:wtvhdqH")) != -1) + while ((option = getopt(argc, argv, ":p:T:s:b:B:c:k:a:F:l:n:M:N:wtvhedqH")) != -1) { /* Check valid alpha is entered */ if (optarg) @@ -386,6 +391,9 @@ int main(int argc, char **argv) case 'N': scan_max_components = atol(optarg); break; + case 'T': + match_list_tolerance_set(atof(optarg)); + break; case 'w': force_wfp = true; break; @@ -398,6 +406,11 @@ int main(int argc, char **argv) scan_benchmark(); exit(EXIT_SUCCESS); break; + case 'p': + initialize_ldb_tables(ldb_db_name); + get_project_files(optarg); + exit(EXIT_SUCCESS); + break; case 'v': printf("scanoss-%s\n", SCANOSS_VERSION); diff --git a/src/match.c b/src/match.c index 1c90cf9..83baefa 100644 --- a/src/match.c +++ b/src/match.c @@ -324,7 +324,7 @@ static bool component_hint_date_comparation(component_data_t *a, component_data_ if (!*a->release_date) return true; - if (!path_is_third_party(a->file) && path_is_third_party(b->file) && !(engine_flags & ENABLE_PATH_HINT)) + if (!path_is_third_party(a->file) && path_is_third_party(b->file)) { scanlog("Component rejected by third party filter\n"); return false; @@ -335,7 +335,7 @@ static bool component_hint_date_comparation(component_data_t *a, component_data_ { if (purl_source_check(a) > purl_source_check(b)) { - scanlog("Component prefered by vsource\n"); + scanlog("Component prefered by source\n"); return true; } @@ -436,24 +436,6 @@ bool add_component_from_urlid(component_list_t *component_list, uint8_t *url_id, return true; } -bool path_query_handler(struct ldb_table * table, uint8_t * key, uint8_t * subkey, uint8_t * data, uint32_t datalen, int record_number, void * ptr) -{ - char **path = ptr; - /* Decrypt data */ - char * decrypted = decrypt_data(data, datalen, *table, key, subkey); - if (!decrypted || !*decrypted) - return false; - - *path = decrypted; - return true; -} -static char * path_query(uint8_t * file_id) -{ - char * path = NULL; - fetch_recordset(oss_path, file_id, path_query_handler, (void *) &path); - return path; -} - /** * @brief Load componentes for a match processing the file recordset list. * For each file in the recordset we will query for the oldest url in the url table. @@ -517,41 +499,14 @@ bool component_from_file(struct ldb_table * table, uint8_t *key, uint8_t *subkey bool load_matches(match_data_t *match) { scanlog("Load matches\n"); - - /* Compile match ranges and fill up matched percent */ - int hits = 100; - int matched_percent = 100; - - /* Get matching line ranges (snippet match) */ - if (match->type == MATCH_SNIPPET) - { - scanlog("compile_ranges returns %d hits\n", hits); - - /* hits = compile_ranges(match); - - if (hits < min_match_hits) - { - match->type = MATCH_NONE; - return false; - } - - float percent = (hits * 100) / match->scan_ower->total_lines; - if (hits) - matched_percent = floor(percent); - if (matched_percent > 99) - matched_percent = 99; - if (matched_percent < 1) - matched_percent = 1; - - asprintf(&match->matched_percent, "%u%%", matched_percent);*/ - } - else if (match->type == MATCH_BINARY) + + if (match->type == MATCH_BINARY) { asprintf(&match->line_ranges, "n/a"); asprintf(&match->oss_ranges, "n/a"); asprintf(&match->matched_percent, "%d functions matched", match->hits); } - else + else if (match->type == MATCH_FILE) { asprintf(&match->line_ranges, "all"); asprintf(&match->oss_ranges, "all"); @@ -757,11 +712,13 @@ void match_select_best(scan_data_t *scan) break; } - if (!best_match_component->identified && match_component->identified) + if ((!best_match_component->identified && match_component->identified) || + (strcmp(best_match_component->vendor,best_match_component->component) && !strcmp(match_component->vendor, match_component->component)) || + (path_is_third_party(best_match_component->file) && !path_is_third_party(match_component->file))) { scanlog("Replacing best match for a prefered component\n"); scan->matches_list_array[i]->best_match = item->match; - } + } } } diff --git a/src/match_list.c b/src/match_list.c index 78eb696..60ef8ef 100644 --- a/src/match_list.c +++ b/src/match_list.c @@ -9,6 +9,7 @@ #include "component.h" int list_size = 0; +static float match_list_tolerance = MATCH_LIST_TOLERANCE; void component_list_destroy(component_list_t *list) { @@ -215,10 +216,19 @@ bool component_list_add_binary(component_list_t *list, component_data_t *new_com return false; } +void match_list_tolerance_set(float in) +{ + if (in > 99) + in = 99; + + match_list_tolerance = 100.0-in; + scanlog("setting match list tolerance to %.1f\n", match_list_tolerance); +} + bool tolerance_eval(int a, int b) { int relative_error = (abs(a - b) * 100) / ((a + b) / 2); - if (100 - relative_error >= MATCH_LIST_TOLERANCE) + if (100 - relative_error >= match_list_tolerance) return true; else return false; @@ -306,11 +316,11 @@ bool match_list_add(match_list_t *list, match_data_t *new_match, bool (*val)(mat } /* in autolimit mode the list doesnt have a fix size, it will accept all the matchest until a 75% of the fist element (the biggest) */ //TODO: this part of the code should be in the function pointer or I need to re-evaluate the archtecture of this function */ - if (list->autolimit && !tolerance_eval(list->headp.lh_first->match->hits, list->last_element->match->hits)) + if (list->autolimit && !tolerance_eval(list->headp.lh_first->match->lines_matched, list->last_element->match->lines_matched)) { np = list->headp.lh_first; /*We have to find and remove the unwanted elements */ - for (; np->entries.le_next != NULL && tolerance_eval(list->headp.lh_first->match->hits, np->entries.le_next->match->hits); np = np->entries.le_next) + for (; np->entries.le_next != NULL && tolerance_eval(list->headp.lh_first->match->lines_matched, np->entries.le_next->match->lines_matched); np = np->entries.le_next) { } diff --git a/src/pivot.c b/src/pivot.c new file mode 100644 index 0000000..ecc2584 --- /dev/null +++ b/src/pivot.c @@ -0,0 +1,82 @@ +#include "scanoss.h" +#include +#include "decrypt.h" +#include "debug.h" +#include "file.h" +struct out_buffer_s { + char * buffer; + int pos; +}; + +struct get_path_s { + char **paths; + uint8_t * url_key; + int paths_index; +}; + + +bool get_file_path_hash(struct ldb_table * table, uint8_t *key, uint8_t *subkey, uint8_t *data, uint32_t datalen, int iteration, void *ptr) +{ + if (datalen < table->key_ln) + return false; + struct get_path_s * get_path_url = ptr; + //if the url key is not the same is not a useful match + if (memcmp(get_path_url->url_key, data, table->key_ln)) + return false; + + char * decrypted = NULL; + + if (path_table_present) + { + decrypted = path_query(&data[table->key_ln]); + } + else + { + /* Decrypt data */ + decrypted = decrypt_data(data, datalen, *table, key, subkey); + } + + + get_path_url->paths = realloc(get_path_url->paths, (get_path_url->paths_index + 1) * sizeof(char*)); + get_path_url->paths[get_path_url->paths_index] = decrypted; + get_path_url->paths_index++; + return true; +} + + +bool get_project_hashes(struct ldb_table * table, uint8_t *key, uint8_t *subkey, uint8_t *data, uint32_t datalen, int iteration, void *ptr) +{ + uint8_t * file_key = data; + struct get_path_s get_path = {.url_key = key, .paths = NULL, .paths_index = 0}; + char key_hex[oss_url.key_ln*2+1]; + ldb_bin_to_hex(file_key,table->key_ln,key_hex); + + fetch_recordset(oss_file, file_key, get_file_path_hash, (void *)&get_path); + char * output = ptr; + char * line = NULL; + for (int i = 0; i < get_path.paths_index; i++) + { + asprintf(&line, "%s,%s\n", key_hex, get_path.paths[i]); + free(get_path.paths[i]); + strcat(output, line); + free(line); + } + + free(get_path.paths); + return false; +} + +void get_project_files(char * url_key_hex) +{ + uint8_t url_key[oss_url.key_ln]; + scanlog("Reconstructing project structure for url %s\n",url_key_hex); + if (!ldb_table_exists(oss_pivot.db, oss_pivot.table)) + { + printf("the pivot table must be present to use this functionality\n"); + exit(EXIT_FAILURE); + } + ldb_hex_to_bin(url_key_hex, oss_url.key_ln*2, url_key); + char * out = calloc(1,1024*1024*500); + fetch_recordset(oss_pivot, url_key, get_project_hashes, (void *)out); + printf("%s", out); +} \ No newline at end of file diff --git a/src/report.c b/src/report.c index 28e0ac5..df6ca96 100644 --- a/src/report.c +++ b/src/report.c @@ -326,18 +326,19 @@ bool print_json_match(struct match_data_t * match) printf(",\"source_hash\": \"%s\"", match->source_md5); /* Output file_url (same as url when match type = url) */ - char * file_url_enabled = getenv("SCANOSS_FILE_CONTENTS"); - if (!file_url_enabled || strcmp(file_url_enabled, "false")) + char * file_contents_url = getenv("SCANOSS_FILE_CONTENTS_URL"); + if (file_contents_url && *file_contents_url && strcmp(file_contents_url, "false")) { if (!match->component_list.headp.lh_first->component->url_match) { - char *custom_url = getenv("SCANOSS_API_URL"); - printf(",\"file_url\": \"%s/file_contents/%s\"", custom_url ? custom_url : API_URL, file_id); + printf(",\"file_url\": \"%s/%s\"", file_contents_url, file_id); } else printf(",\"file_url\": \"%s\"", match->component_list.headp.lh_first->component->url); } - + else //return an empty string + printf(",\"file_url\": \" \""); + if (!(engine_flags & DISABLE_QUALITY)) { print_quality(match); diff --git a/src/scan.c b/src/scan.c index 378e03e..32633ea 100644 --- a/src/scan.c +++ b/src/scan.c @@ -58,7 +58,7 @@ scan_data_t * scan_data_init(char *target, int max_snippets, int max_components) scan_data_t * scan = calloc(1, sizeof(*scan)); scan->file_path = strdup(target); scan->file_size = malloc(32); - scan->hashes = malloc(MAX_FILE_SIZE); + scan->hashes = calloc(MAX_FILE_SIZE,1); scan->lines = malloc(MAX_FILE_SIZE); scan->match_type = MATCH_NONE; diff --git a/src/snippets.c b/src/snippets.c index dd352d4..51d40a5 100644 --- a/src/snippets.c +++ b/src/snippets.c @@ -93,7 +93,7 @@ static bool hit_test(match_data_t *a, match_data_t *b) return false; } - bool ranges_intersection(match_data_t *a, match_data_t *b) +bool ranges_intersection(match_data_t *a, match_data_t *b) { for (int i = 0; i < a->matchmap_reg->ranges_number; i++) { @@ -119,7 +119,7 @@ void biggest_snippet(scan_data_t *scan) scan->matches_list_array_indirection[i] = -1; /*Fill the matches list with the files from the matchmap */ - for (int sector = 0; sector < 255; sector++) + for (int sector = 0; sector < 256; sector++) { int j = scan->matchmap_rank_by_sector[sector]; @@ -144,17 +144,21 @@ void biggest_snippet(scan_data_t *scan) continue; } - int hits = compile_ranges(match_new); - if (hits < min_match_hits) + int matched_lines = compile_ranges(match_new); + if (matched_lines < min_match_lines) { + match_data_free(match_new); continue; + } - float percent = (hits * 100) / match_new->scan_ower->total_lines; + float percent = (matched_lines * 100) / match_new->scan_ower->total_lines; int matched_percent = floor(percent); if (matched_percent > 99) matched_percent = 99; if (matched_percent < 1) matched_percent = 1; asprintf(&match_new->matched_percent, "%u%%", matched_percent); + match_new->lines_matched = matched_lines; + //match_new->hits = hits; do /*Check if there is already a list for this line ranges */ @@ -201,6 +205,7 @@ void biggest_snippet(scan_data_t *scan) } } + /** * @brief Handler function to collect all file ids. * Will be executed for the ldb_fetch_recordset function in each iteration. See LDB documentation for more details. @@ -376,6 +381,9 @@ matchmap_range * ranges_join_overlapping(matchmap_range *ranges, int size) { if(out_ranges_index >= 0 && (ranges[i].from - tolerance <= out_ranges[out_ranges_index].to)) { + if (out_ranges[out_ranges_index].to > ranges[i].to) + continue; + out_ranges[out_ranges_index].to = ranges[i].to; //scanlog("join range %d with %d\n", i, out_ranges_index); } @@ -425,35 +433,7 @@ uint32_t compile_ranges(match_data_t *match) return 0; } - uint16_t reported_hits = match->matchmap_reg->hits; int hits = 0; - /* Revise hits and decrease if needed */ - for (uint32_t i = 0; i < match->matchmap_reg->ranges_number; i++) - { - long from = match->matchmap_reg->range[i].from; - long to = match->matchmap_reg->range[i].to; - long delta = to - from; - - if (to < 1) - break; - - /* Ranges to be ignored (under min_match_lines) should decrease hits counter */ - if (delta < min_match_lines) - { - /* Single-line range decreases by 1, otherwise decrease by 2 (from and to) */ - reported_hits -= ((delta == 0) ? 1 : 2); - } - - /* Exit if hits is below two */ - if (reported_hits < min_match_hits) - { - scanlog("Discarted ranges brings hits count to %u (MIN MATCH HITS: %d)\n", reported_hits, min_match_hits); - return reported_hits; - } - - //scanlog("compile_ranges #%d = %ld to %ld - OSS from: %d\n", i, from, to, match->matchmap_reg->range[i].oss_line); - } - /* Add tolerances and assemble line ranges */ ranges_sort(match->matchmap_reg->range, match->matchmap_reg->ranges_number); @@ -722,6 +702,8 @@ int add_file_to_matchmap(scan_data_t *scan, matchmap_entry_t *item, uint8_t *md5 */ match_t ldb_scan_snippets(scan_data_t *scan) { + if (!ldb_table_exists(oss_wfp.db, oss_wfp.table)) //skip purl if the table is not present + return MATCH_NONE; scanlog("ldb_scan_snippets\n"); if (!scan->hash_count) @@ -840,7 +822,7 @@ match_t ldb_scan_snippets(scan_data_t *scan) } if (cat_limit > scan->max_matchmap_size) { - if ((hashes_to_process < scan->hash_count / 10 || (float) lines_coverage / scan->hash_count < 0.6) && cat_limit < MAX_MATCHMAP_FILES) + if ((hashes_to_process < scan->hash_count / 10 || (float) lines_coverage / scan->hash_count < MIN_LINES_COVERAGE) && cat_limit < MAX_MATCHMAP_FILES) { scan->max_matchmap_size += map[map_indirection[i][j]].size; } @@ -911,13 +893,16 @@ match_t ldb_scan_snippets(scan_data_t *scan) break; } - int pos = add_file_to_matchmap(scan, &map[i], &md5s[wfp_p], last_sector_aux, §or_max, &scan->matchmap_rank_by_sector[sector]); - /*if (pos >= 0 && debug_on) + add_file_to_matchmap(scan, &map[i], &md5s[wfp_p], last_sector_aux, §or_max, &scan->matchmap_rank_by_sector[sector]); + //uncomment for debugging + /*int pos = add_file_to_matchmap(scan, &map[i], &md5s[wfp_p], last_sector_aux, §or_max, &scan->matchmap_rank_by_sector[sector]); + if (pos >= 0 && debug_on) { char key_hex[(MD5_LEN+2)*2 + 1]; ldb_bin_to_hex(&md5s[wfp_p], MD5_LEN+2, key_hex); printf("%02x%02x%02x%02x,%s\n", map[i].wfp[0], map[i].wfp[1], map[i].wfp[2], map[i].wfp[3], key_hex); }*/ + } } diff --git a/src/util.c b/src/util.c index 0b6316a..a162359 100644 --- a/src/util.c +++ b/src/util.c @@ -296,62 +296,61 @@ void free_and_null(void * pr) bool path_is_third_party(const char *path) { - if (!path) - return true; - - // Array de patrones comunes - const char *patterns[] = { - "third_party", - "3rdparty", - "vendor", - "external", - "dependencies", - "ext", - "contrib", - "externals", - "third-party", - "node_modules", - "components", - "deps", - "modules", - "nuget", - "imported", - "foreign", - "extern", - "bundle", - "pip_packages", - "bower_components", - "jspm_packages", - "site-packages", - "jars", - "assemblies", - "assets/vendor", - "published", - "packages.lock", - "pod", - "Pods", - "cargo_home", - "gems", - "composer/vendor", - "_vendor", - "go/pkg", - "vendors", - "extern", - "extlib", - "local_packages", - "managed", - "3rd", - "thirdparty"}; - - // Número de patrones a verificar - const int numPatterns = sizeof(patterns) / sizeof(patterns[0]); - - // Verificar cada patrón - for (int i = 0; i < numPatterns; i++) - { - if (strstr(path, patterns[i]) != NULL) - return true; - } - - return false; + const char* patterns[] = { + "third_party", + "3rdparty", + "site-packages", + "vendor", + "external", + "dependencies", + "ext", + "contrib", + "externals", + "third-party", + "node_modules", + "components", + "deps", + "modules", + "nuget", + "imported", + "foreign", + "extern", + "bundle", + "pip_packages", + "bower_components", + "jspm_packages", + "site-packages", + "jars", + "assemblies", + "assets/vendor", + "published", + "packages.lock", + "pod", + "Pods", + "cargo_home", + "gems", + "composer/vendor", + "_vendor", + "go/pkg", + "vendors", + "extern", + "extlib", + "local_packages", + "managed", + "3rd", + "thirdparty", + "LibResources" + }; + + const int numPatterns = sizeof(patterns) / sizeof(patterns[0]); + + for (int i = 0; i < numPatterns; i++) + { + if (strstr(path, patterns[i]) != NULL) + { + return true; + } + } + + return false; } diff --git a/src/versions.c b/src/versions.c index 405beed..2639bf8 100644 --- a/src/versions.c +++ b/src/versions.c @@ -55,10 +55,10 @@ void normalise_version(char *version, char *component) return; char aux[MAX_FIELD_LN] = "\0"; + int compt_len = strlen(component); /* Remove leading component name from version */ - if ((version && component) && stristart(version, component)) + if ((version && component) && stristart(version, component) && strlen(version) > compt_len + 1) { - int compt_len = strlen(component); sprintf(aux, "%s",version + compt_len + 1); }