Open quasarea opened 1 year ago
We should investigate this for 4.0.1, our next release.
@quasarea I am looking into this issue and trying to understand it better. From the outputs above, it does not seem like there is a problem: there is an aggregated error ER997.ExceptionLoadingPdb while running the analysis on the library.dll, instead of an ER997 error for every rule, as you showed in the output below it. I think this is by design. Could you please confirm if this is the problem you are reporting?
@suvamM I was not aware that ER997.ExceptionLoadingPdb is aggregated. Is there a documentation entry for what it aggregates? I need to convert this output to a matrix, so I need to know what fields I need to fill in. Personally I would prefer an option to not aggregate such errors. Are those showing in sarif files correctly? Will check tomorrow.
OK, so I understood your problem correctly :) Let me check the aggregation logic.
I can confirm that sarif does not contain information about particular tests as well, just aggregation. I think sarif should contain complete information instead. I could add a script so that if ERR997.ExceptionLoadingPdb then BA2002, BA2006, BA2007, BA2011, BA2013, BA2014, BA2024 failed, but I will have to keep track of your documentation so that when you add another test that depends on pdb, I will extend my script. It is not a perfect solution for me ;)
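The expansion script described in the comment above, as an added example (not code from the thread or from BinSkim). It assumes the aggregated error is emitted as a SARIF 2.1.0 notification whose descriptor id ends in .ExceptionLoadingPdb with the target in its locations; the sample log, the status string and the function names are constructed for illustration.

```python
# Rules the comment above lists as depending on the PDB; maintained by hand.
PDB_RULES = ["BA2002", "BA2006", "BA2007", "BA2011", "BA2013", "BA2014", "BA2024"]
PDB_MISSING = "not-evaluated-pdb-missing"  # hypothetical matrix status

LIB = "file:///C:/build/library.dll"  # constructed target path
_LOC = [{"physicalLocation": {"artifactLocation": {"uri": LIB}}}]
# Constructed SARIF 2.1.0 log; where BinSkim puts the notification is an assumption.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "BinSkim"}},
        "invocations": [{"executionSuccessful": True, "toolExecutionNotifications": [
            {"descriptor": {"id": "ERR997.ExceptionLoadingPdb"},
             "level": "error", "locations": _LOC}]}],
        "results": [{"ruleId": "BA2016", "kind": "pass", "locations": _LOC}],
    }],
}

def _uris(obj):
    """Yield artifact URIs from a SARIF result or notification."""
    for loc in obj.get("locations", []):
        uri = loc.get("physicalLocation", {}).get("artifactLocation", {}).get("uri")
        if uri:
            yield uri

def pdb_failures(sarif):
    """Return the targets that carry an aggregated PDB-load notification."""
    targets = set()
    for run in sarif.get("runs", []):
        for inv in run.get("invocations", []):
            notes = (inv.get("toolExecutionNotifications", [])
                     + inv.get("toolConfigurationNotifications", []))
            for note in notes:
                # The thread spells the prefix ER997 and ERR997, so match the suffix.
                if note.get("descriptor", {}).get("id", "").endswith(".ExceptionLoadingPdb"):
                    targets.update(_uris(note))
    return targets

def build_matrix(sarif):
    """Map (target, rule) to a status, expanding the aggregated PDB error."""
    matrix = {}
    for run in sarif.get("runs", []):
        for res in run.get("results", []):
            for uri in _uris(res):
                # SARIF defines "fail" as the default value of result.kind.
                matrix[(uri, res.get("ruleId"))] = res.get("kind", "fail")
    for uri in pdb_failures(sarif):
        for rule in PDB_RULES:
            matrix.setdefault((uri, rule), PDB_MISSING)
    return matrix
```

For a real log, load the file with json.load and pass the resulting dict to build_matrix.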
Thanks for reporting; adding my input. This was actually implemented as a breaking change by request: https://github.com/microsoft/binskim/pull/465 The binary lacking a pdb is a single issue and can be fixed by a single action to add the missing pdb, and I believe most generic users of BinSkim as a tool would prefer not to have the issue duplicated. This change, however, as a breaking change, will be inconvenient for advanced users who are looking for a complete list.
This looks like by design to me.
It's all fine if you have documented what tests are aggregated into that error. Personally I don't think it should behave like that in sarif output.
Regards, J
Calling
results with:
There is no mention of the number of tests, i.e. BA2011, while in the past it was mentioned, for example here: https://github.com/Azure/azure-cosmos-dotnet-v3/issues/2821 where you clearly see what checks were skipped due to missing pdb: