格式化规则
(self, work_dir, rule_list)
| 82 | return regexes |
| 83 | |
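def __format_rules(self, work_dir, rule_list):
    """Convert the configured rules into the scanner's YAML rule file.

    Each entry of ``rule_list`` is read for its ``name`` and ``params``
    keys. ``params`` is parsed as a ``[regexcheck]`` config section (the
    header is prepended when the text does not contain it) and becomes one
    entry of the ``rules`` list. The list is then dumped to
    ``regexscanner_rules.yaml`` inside the directory returned by
    ``self.__add_rules``.

    Args:
        work_dir: passed through to ``self.__add_rules``.
        rule_list: iterable of mappings with a ``name`` key and an optional
            ``params`` key holding the rule's config text.

    The rule file is written as a side effect; the visible body has no
    return statement.
    """

    def split_paths(raw):
        # ';'-separated path patterns; blank items are dropped.
        return [p.strip() for p in raw.split(';') if p.strip()] if raw else []

    rules = {"rules": []}
    no_params_rules = []
    for rule in rule_list:
        rule_name = rule['name']
        if not rule.get('params'):
            logger.error(f"{rule_name} rule parameter is empty, check for existing rules.")
            rules["rules"].append({"name": rule_name})
            no_params_rules.append(rule_name)
            continue

        # Substring test: any occurrence of the text "[regexcheck]" in the
        # params counts, not only a section-header line.
        if "[regexcheck]" in rule['params']:
            rule_params = rule['params']
        else:
            rule_params = "[regexcheck]\r\n" + rule['params']
        rule_params_dict = ConfigReader(cfg_string=rule_params).read('regexcheck')

        regex = rule_params_dict.get("regex", "")
        regex_not = rule_params_dict.get("regex_not", "")
        if not regex:
            # Previously silent: the rule is written name-only and, unlike
            # the empty-params case above, is not handed to __add_rules.
            # Log it so a detection rule that ends up without a pattern is
            # visible in the scan log.
            # NOTE(review): confirm whether such rules should also be added
            # to no_params_rules.
            logger.error(f"{rule_name} rule has no regex parameter, only the rule name is written.")
            rules["rules"].append({"name": rule_name})
            continue

        # NOTE(review): the patterns come from rule configuration and are
        # written out unchanged; nothing in this method checks that they
        # compile or bounds their matching cost.
        regexes = self.__get_regexes_exp("regex", rule_params_dict)
        regexes_not = self.__get_regexes_exp("regex_not", rule_params_dict)

        # Path filters of the rule (regular expressions).
        exclude_paths = split_paths(rule_params_dict.get('exclude', ''))
        include_paths = split_paths(rule_params_dict.get('include', ''))

        # Case-insensitive, so True|true|False|false etc. are all accepted.
        ignore_comment = rule_params_dict.get('ignore_comment', 'False').lower() == 'true'
        file_scan = rule_params_dict.get('file_scan', 'False').lower() == 'true'
        msg = rule_params_dict.get('msg', "Irregular codes found: %s")
        # NOTE(review): the defaults are an int and a float, but a
        # configured value is passed through as whatever ConfigReader
        # returns (presumably a string); confirm the consumer of the YAML
        # accepts both.
        match_group = rule_params_dict.get('match_group', 0)
        entropy = rule_params_dict.get('entropy', 0.0)

        # A separate name keeps the loop variable from being rebound to the
        # output entry.
        formatted_rule = {
            "name": rule_name,
            "regex": regex,
            "regexes": regexes,
            "regex-not": regex_not,
            "regexes-not": regexes_not,
            "message": msg,
            "ignore-comment": ignore_comment,
            "filescan": file_scan,
            "severity": "error",
            "excludes": exclude_paths,
            "includes": include_paths,
            "match-group": match_group,
            "entropy": entropy,
        }
        rules["rules"].append(formatted_rule)

    config_rules_path = self.__add_rules(work_dir, no_params_rules)
    rules_path = os.path.join(config_rules_path, "regexscanner_rules.yaml")
    with open(rules_path, "w", encoding="utf-8") as f:
        yaml.dump(rules, f)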