增加C++示例规则

10 months ago · 1534e32307
parent c882780adf
commit 1534e32307
6 changed files with 159 additions and 7 deletions
--- a/sonar-keyware-plugins-cxx/pom.xml
+++ b/sonar-keyware-plugins-cxx/pom.xml
@ -37,7 +37,7 @@
        <mockito-all.version>1.10.19</mockito-all.version>
        <mockito-core.version>5.8.0</mockito-core.version>
        <assertj-core.version>3.24.2</assertj-core.version>
-        <junit-jupiter.version>5.10.1</junit-jupiter.version>
+        <junit-jupiter.version>5.9.1</junit-jupiter.version>
    </properties>

    <dependencies>
@ -80,33 +80,40 @@
        <dependency>
            <groupId>com.google.code.findbugs</groupId>
            <artifactId>jsr305</artifactId>
+            <version>${jsr305.version}</version>
        </dependency>
        <dependency>
            <groupId>com.google.guava</groupId>
            <artifactId>guava</artifactId>
+            <version>${guava.version}</version>
        </dependency>
        <dependency>
            <groupId>com.google.code.gson</groupId>
            <artifactId>gson</artifactId>
+            <version>${gson.version}</version>
        </dependency>
        <dependency>
            <groupId>org.mockito</groupId>
            <artifactId>mockito-core</artifactId>
+            <version>${mockito-core.version}</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.assertj</groupId>
            <artifactId>assertj-core</artifactId>
+            <version>${assertj-core.version}</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter-engine</artifactId>
+            <version>${junit-jupiter.version}</version>
            <scope>test</scope>
        </dependency>
        <dependency>
            <groupId>org.junit.jupiter</groupId>
            <artifactId>junit-jupiter-api</artifactId>
+            <version>${junit-jupiter.version}</version>
            <scope>test</scope>
        </dependency>
    </dependencies>
--- a/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ABCVarNameChecker.java
+++ b/sonar-keyware-plugins-cxx/src/main/java/com/keyware/sonar/cxx/rules/checkers/ABCVarNameChecker.java
@ -10,30 +10,47 @@ import com.sonar.cxx.sslr.api.AstNode;
 import com.sonar.cxx.sslr.api.Grammar;
 import org.sonar.check.Priority;
 import org.sonar.check.Rule;
+import org.sonar.check.RuleProperty;
 import org.sonar.cxx.parser.CxxGrammarImpl;
-import org.sonar.cxx.squidbridge.SquidAstVisitor;
 import org.sonar.cxx.squidbridge.annotations.ActivatedByDefault;
 import org.sonar.cxx.squidbridge.annotations.SqaleConstantRemediation;
+import org.sonar.cxx.squidbridge.checks.SquidCheck;
+
+import static com.sonar.cxx.sslr.api.GenericTokenType.IDENTIFIER;
+import static javax.swing.Action.DEFAULT;

 /**
- * TODO DemoChecker
+ * TODO ABCVarNameChecker
 *
 * @author GuoXin
 * @date 2024/1/6
 */
-@Rule(key = "DemoChecker", name = "DemoChecker", description = "DemoChecker", priority = Priority.INFO, tags = {"28Suo"})
+@Rule(key = "ABCVarNameChecker", name = "变量名称不可以是ABC", description = "变量名称不可以是ABC", priority = Priority.INFO, tags = {"28Suo"})
@ActivatedByDefault
@SqaleConstantRemediation("5min")
-public class DemoChecker extends SquidAstVisitor<Grammar> {
+public class ABCVarNameChecker extends SquidCheck<Grammar> {
+    /**
+     * format
+     */
+    @RuleProperty(
+            key = "format",
+            defaultValue = "" + DEFAULT)
+    public String format = DEFAULT;
    @Override
    public void init() {
        this.subscribeTo(
-                CxxGrammarImpl.functionDefinition
+                CxxGrammarImpl.declaratorId
        );
    }

    @Override
    public void visitNode(AstNode astNode) {
-        super.visitNode(astNode);
+        var idNode = astNode.getLastChild(IDENTIFIER);
+        if (idNode != null) {
+            String identifier = idNode.getTokenValue();
+            if ("ABC".equals(identifier)) {
+                getContext().createLineViolation(this, "变量名称不可以是ABC", idNode);
+            }
+        }
    }
 }
--- a/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/CxxFileTester.java
+++ b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/CxxFileTester.java
@ -0,0 +1,21 @@
+/*
+ * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved.
+ * 项目名称：C++ 信息安全性设计准则
+ * 项目描述：用于检查C++源代码的安全性设计准则的Sonarqube插件
+ * 版权说明：本软件属北京关键科技股份有限公司所有，在未获得北京关键科技股份有限公司正式授权情况下，任何企业和个人，不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。
+ */
+package com.keyware.sonar.cxx;
+
+import org.sonar.api.batch.fs.InputFile;
+import org.sonar.api.batch.sensor.internal.SensorContextTester;
+
+public class CxxFileTester {
+
+  public InputFile cxxFile;
+  public SensorContextTester context;
+
+  public InputFile asInputFile() {
+    return cxxFile;
+  }
+
+}
--- a/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/CxxFileTesterHelper.java
+++ b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/CxxFileTesterHelper.java
@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved.
+ * 项目名称：C++ 信息安全性设计准则
+ * 项目描述：用于检查C++源代码的安全性设计准则的Sonarqube插件
+ * 版权说明：本软件属北京关键科技股份有限公司所有，在未获得北京关键科技股份有限公司正式授权情况下，任何企业和个人，不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。
+ */
+package com.keyware.sonar.cxx;
+
+import org.apache.commons.io.ByteOrderMark;
+import org.apache.commons.io.input.BOMInputStream;
+import org.sonar.api.batch.fs.internal.DefaultInputFile;
+import org.sonar.api.batch.fs.internal.TestInputFileBuilder;
+import org.sonar.api.batch.sensor.internal.SensorContextTester;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.Charset;
+import java.nio.file.Path;
+
+public class CxxFileTesterHelper {
+
+    private CxxFileTesterHelper() {
+        // utility class
+    }
+
+    public static CxxFileTester create(String fileName)
+            throws UnsupportedEncodingException, IOException {
+        var path = "src/test/resources/com/keyware/sonar/cxx/rules/checkers/" + fileName;
+        return create(path, ".", Charset.defaultCharset());
+    }
+
+    public static CxxFileTester create(String fileName, String basePath, Charset charset)
+            throws UnsupportedEncodingException, IOException {
+        var tester = new CxxFileTester();
+
+        tester.context = SensorContextTester.create(new File(basePath));
+        tester.cxxFile = createInputFile(fileName, basePath, charset);
+        tester.context.fileSystem().add(tester.cxxFile);
+
+        return tester;
+    }
+
+    private static DefaultInputFile createInputFile(String fileName, String basePath, Charset charset) throws IOException {
+        var fb = TestInputFileBuilder.create("", fileName);
+
+        fb.setCharset(charset);
+        fb.setProjectBaseDir(Path.of(basePath));
+        fb.setContents(getSourceCode(Path.of(basePath, fileName).toFile(), charset));
+
+        return fb.build();
+    }
+
+    private static String getSourceCode(File filename, Charset defaultCharset) throws IOException {
+        try (var bomInputStream = new BOMInputStream(new FileInputStream(filename),
+                ByteOrderMark.UTF_8,
+                ByteOrderMark.UTF_16LE,
+                ByteOrderMark.UTF_16BE,
+                ByteOrderMark.UTF_32LE,
+                ByteOrderMark.UTF_32BE)) {
+            ByteOrderMark bom = bomInputStream.getBOM();
+            Charset charset = bom != null ? Charset.forName(bom.getCharsetName()) : defaultCharset;
+            byte[] bytes = bomInputStream.readAllBytes();
+            return new String(bytes, charset);
+        }
+    }
+}
--- a/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/ABCVarNameCheckerTest.java
+++ b/sonar-keyware-plugins-cxx/src/test/java/com/keyware/sonar/cxx/rules/checkers/ABCVarNameCheckerTest.java
@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2023 - 2024. KeyWare.Co.Ltd All rights reserved.
+ * 项目名称：C++ 信息安全性设计准则
+ * 项目描述：用于检查C++源代码的安全性设计准则的Sonarqube插件
+ * 版权说明：本软件属北京关键科技股份有限公司所有，在未获得北京关键科技股份有限公司正式授权情况下，任何企业和个人，不能获取、阅读、安装、传播本软件涉及的任何受知识产权保护的内容。
+ */
+package com.keyware.sonar.cxx.rules.checkers;
+
+import org.junit.jupiter.api.Test;
+import org.sonar.cxx.CxxAstScanner;
+import com.keyware.sonar.cxx.CxxFileTesterHelper;
+import org.sonar.cxx.squidbridge.api.SourceFile;
+import org.sonar.cxx.squidbridge.checks.CheckMessagesVerifier;
+
+import java.io.IOException;
+
+/**
+ * TODO ABCVarNameCheckerTest
+ *
+ * @author GuoXin
+ * @date 2024/1/8
+ */
+public class ABCVarNameCheckerTest {
+    @Test
+    public void checkTest() throws IOException {
+        var checker = new ABCVarNameChecker();
+        var tester = CxxFileTesterHelper.create("ABCVarNameChecker.cc");
+        SourceFile file = CxxAstScanner.scanSingleInputFile(tester.asInputFile(), checker);
+        CheckMessagesVerifier.verify(file.getCheckMessages())
+                .next().atLine(3).withMessage("变量名称不可以是ABC")
+                .noMore();
+    }
+}
--- a/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ABCVarNameChecker.cc
+++ b/sonar-keyware-plugins-cxx/src/test/resources/com/keyware/sonar/cxx/rules/checkers/ABCVarNameChecker.cc
@ -0,0 +1,6 @@
+// ABCVarNameChecker
+int main(void){
+    int ABC = 1; // error
+    int abc = 2;
+    return 0;
+}