From d48a87f6d85b309bfa6712c63c717a839273f048 Mon Sep 17 00:00:00 2001
From: Dmitry Maryushkin
Date: Sun, 8 Dec 2024 22:08:14 +0300
Subject: [PATCH 1/4] Add files list in scorecard desc
---
 mobsf/StaticAnalyzer/views/common/appsec.py | 11 +++++++++++
 1 file changed, 11 insertions(+)
diff --git a/mobsf/StaticAnalyzer/views/common/appsec.py b/mobsf/StaticAnalyzer/views/common/appsec.py
index b94e106bc..c52b57975 100644
--- a/mobsf/StaticAnalyzer/views/common/appsec.py
+++ b/mobsf/StaticAnalyzer/views/common/appsec.py
@@ -38,6 +38,17 @@ def common_fields(findings, data):
 sev = cd['metadata']['severity']
 desc = cd['metadata']['description']
 ref = cd['metadata'].get('ref', '')
+
+ files_dict = cd.get('files', {})
+ files_lines = [f"{file}, line(s) {lines}"
+ for file, lines in files_dict.items()]
+ formated_files_str = '\n'.join(files_lines)
+
+ if files_dict:
+ fdesc = f'{desc}\n{ref}\n\nFiles:\n{formated_files_str}'
+ else:
+ fdesc = f'{desc}\n{ref}'
+
 findings[sev].append({
 'title': cd['metadata']['description'],
 'description': f'{desc}\n{ref}',
From 57eb8345c319737d30e65f659c048018652dceff Mon Sep 17 00:00:00 2001
From: Dmitry Maryushkin
Date: Sun, 8 Dec 2024 22:35:43 +0300
Subject: [PATCH 2/4] Add files list in scorecard desc
---
 mobsf/StaticAnalyzer/views/common/appsec.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mobsf/StaticAnalyzer/views/common/appsec.py b/mobsf/StaticAnalyzer/views/common/appsec.py
index c52b57975..1be1d8b84 100644
--- a/mobsf/StaticAnalyzer/views/common/appsec.py
+++ b/mobsf/StaticAnalyzer/views/common/appsec.py
@@ -51,7 +51,7 @@ def common_fields(findings, data):

 findings[sev].append({
 'title': cd['metadata']['description'],
- 'description': f'{desc}\n{ref}',
+ 'description': fdesc,
 'section': 'code',
 })
 # Permissions
From f193ee25095f93bb676bbab02d06850604e9c839 Mon Sep 17 00:00:00 2001
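Review bot: In the [PATCH 1/4] hunk, `cd.get('files', {})` only covers a missing key; if a finding ever carries `'files': None`, the `.items()` call in the comprehension raises, so `files_dict = cd.get('files') or {}` is the safer form. The list and the joined string are also built before the `if files_dict:` check and could move inside that branch. The keys appear to be paths taken from the scanned app, so they are untrusted text joined with `\n` into the description; whether the scorecard and report templates escape this field is not visible here and should be confirmed. common_fields starts and ends outside the hunk.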
From: Dmitry Maryushkin
Date: Sun, 8 Dec 2024 22:36:40 +0300
Subject: [PATCH 3/4] Add files list in scorecard desc
---
 mobsf/StaticAnalyzer/views/common/appsec.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/mobsf/StaticAnalyzer/views/common/appsec.py b/mobsf/StaticAnalyzer/views/common/appsec.py
index 1be1d8b84..8b27de1a2 100644
--- a/mobsf/StaticAnalyzer/views/common/appsec.py
+++ b/mobsf/StaticAnalyzer/views/common/appsec.py
@@ -42,10 +42,10 @@ def common_fields(findings, data):
 files_dict = cd.get('files', {})
 files_lines = [f"{file}, line(s) {lines}"
 for file, lines in files_dict.items()]
- formated_files_str = '\n'.join(files_lines)
+ all_files_str = '\n'.join(files_lines)

 if files_dict:
- fdesc = f'{desc}\n{ref}\n\nFiles:\n{formated_files_str}'
+ fdesc = f'{desc}\n{ref}\n\nFiles:\n{all_files_str}'
 else:
 fdesc = f'{desc}\n{ref}'

From 40c38e561b94c8ba8f17672f08e69fc470d56c75 Mon Sep 17 00:00:00 2001
From: Ajin Abraham
Date: Tue, 17 Dec 2024 17:16:49 -0800
Subject: [PATCH 4/4] fix lint
---
 mobsf/StaticAnalyzer/views/common/appsec.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/mobsf/StaticAnalyzer/views/common/appsec.py b/mobsf/StaticAnalyzer/views/common/appsec.py
index 8b27de1a2..cb89fe56d 100644
--- a/mobsf/StaticAnalyzer/views/common/appsec.py
+++ b/mobsf/StaticAnalyzer/views/common/appsec.py
@@ -40,7 +40,7 @@ def common_fields(findings, data):
 ref = cd['metadata'].get('ref', '')

 files_dict = cd.get('files', {})
- files_lines = [f"{file}, line(s) {lines}"
+ files_lines = [f'{file}, line(s) {lines}'
 for file, lines in files_dict.items()]
 all_files_str = '\n'.join(files_lines)