work in progress on findings match improvements

veracode · Apr 11, 2024 · 4b9656d · 4b9656d
1 parent f048efa
commit 4b9656d
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 0 deletions.
diff --git a/localtests/test-findings-match.py b/localtests/test-findings-match.py
@@ -0,0 +1,19 @@
+from veracode_api_py import Applications, Findings
+
+findings = Findings().get_findings('0d782d22-a35f-4520-a07c-197facd98e01')
+otherfindings = Findings().get_findings('878e431e-3a1d-4e18-ae21-af59011e743c')
+Findings().match(origin_finding=otherfindings[0],potential_matches=findings,approved_matches_only=False)
+
+match_findings = Findings()._create_match_format_policy(findings,'STATIC')
+match_other_findings = Findings()._create_match_format_policy(otherfindings,'STATIC')
+
+match_findings_s = [{'cwe': pf['cwe'],
+        'source_file': pf['source_file'],
+        'line': pf['line']} for pf in match_findings]
+
+match_other_findings_s = [{'cwe': pf['cwe'],
+        'source_file': pf['source_file'],
+        'line': pf['line']} for pf in match_other_findings]
+
+print(match_findings_s)
+print(match_other_findings_s)
diff --git a/veracode_api_py/findings.py b/veracode_api_py/findings.py
@@ -120,6 +120,10 @@ def _match_static(self,origin_finding,potential_matches,allow_fuzzy_match=False)
     def _get_matched_static_finding_nondebug(self,origin_finding, potential_findings):
         match = None
 
+        #don't try to do fuzzy match if we don't have procedure data
+        if(origin_finding['procedure'] is None):
+           return match
+
         match = next((pf for pf in potential_findings if ((origin_finding['cwe'] == int(pf['cwe'])) & 
                     (origin_finding['procedure'].find(pf['procedure']) > -1 ) & 
                     (origin_finding['relative_location'] == pf['relative_location'] ))), None)
@@ -148,6 +152,7 @@ def _create_match_format_policy(self, policy_findings, finding_type):
                     'relative_location': pf['finding_details'].get('relative_location'),
                     'source_file': self.format_file_path(pf['finding_details'].get('file_path')),
                     'line': pf['finding_details'].get('file_line_number'),
+                    'description': pf['description'],
                     'finding': pf} for pf in policy_findings]
             findings.extend(thesefindings)
         elif finding_type == 'DYNAMIC':