
Commit bbae9bf

authored
feat: No-Scan for binary checker pipeline (not complete)
Currently, when the `--no-scan` flag is passed on the CLI, the language parser pipeline is skipped and the binary checker scan runs without any interaction with the database.
1 parent aa72abd commit bbae9bf


2 files changed

+22
-2
lines changed


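--- a/cve_bin_tool/cli.py
+++ b/cve_bin_tool/cli.py
@@ -353,6 +353,9 @@ def main(argv=None):
 help="strip scan directory from sbom evidence location paths and CVE paths (useful with a firmware dump)",
 default=False,
 )
+output_group.add_argument(
+"--no-scan", action="store_true", help="No-Scan Mode", default=False
+)
 vex_output_group = parser.add_argument_group(
 "Vex Output", "Arguments related to Vex output document."
 )
@@ -1121,6 +1124,7 @@ def main(argv=None):
 error_mode=error_mode,
 validate=not args["disable_validation_check"],
 sources=enabled_sources,
+no_scan=args["no_scan"],
 )
 version_scanner.remove_skiplist(skips)
 LOGGER.info(f"Number of checkers: {version_scanner.number_of_checkers()}")
@@ -1137,19 +1141,24 @@ def main(argv=None):
 for scan_info in version_scanner.recursive_scan(args["directory"]):
 if scan_info:
 product_info, path = scan_info
-LOGGER.debug(f"{product_info}: {path}")
+LOGGER.debug(f"Product Info: {product_info}, Path: {path}")
 # add product_info to parsed_data to check for with vex file
 if product_info in parsed_data:
 # update the paths in triage_data with the new path
 triage_data = parsed_data[product_info]
+LOGGER.debug("Product info in parsed data")
+LOGGER.debug(f"Triage Data: {triage_data}")
 triage_data["paths"].add(path)
 else:
 # create a new entry if product_info not in parsed_data
+LOGGER.debug("Product info not in parsed data")
 triage_data = {"default": {}, "paths": {path}}
+LOGGER.debug(f"Triage Data: {triage_data}")
 parsed_data[product_info] = triage_data
 
 cve_scanner.get_cves(product_info, triage_data)
 total_files = version_scanner.total_scanned_files
+LOGGER.info(f"Total files: {total_files}")
 
 if args["merge"]:
 cve_scanner = merge_cve_scanner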
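Review bot: With `--no-scan` set, the scan loop in the third hunk still calls `cve_scanner.get_cves(product_info, triage_data)` for every product, so if that call is what queries the CVE database, the flag does not yet deliver the "no database interaction" the description promises. I would guard it with `if not args["no_scan"]:` before the `get_cves` call, and make sure the report and exit status state that no CVE lookup was performed, so an empty result is not read as a clean scan. The help string `"No-Scan Mode"` in the first hunk should say what is skipped, for example `help="identify components only; skip CVE lookup"`, and the flag sits in `output_group` although it changes scanning rather than output. main() starts and ends outside these hunks.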

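--- a/cve_bin_tool/version_scanner.py
+++ b/cve_bin_tool/version_scanner.py
@@ -44,7 +44,9 @@ def __init__(
 score: int = 0,
 validate: bool = True,
 sources=None,
+no_scan=False,
 ):
+self.no_scan = no_scan
 self.logger = logger or LOGGER.getChild(self.__class__.__name__)
 # Update egg if installed in development mode
 if IS_DEVELOP():
@@ -68,7 +70,7 @@ def __init__(
 self.error_mode = error_mode
 self.cve_db = CVEDB(sources=sources)
 self.validate = validate
-# self.logger.info("Checkers loaded: %s" % (", ".join(self.checkers.keys())))
+self.logger.info("Checkers loaded: %s" % (", ".join(self.checkers.keys())))
 self.language_checkers = valid_files
 self.language_checkers_names = self.available_language_checkers()
 
@@ -260,6 +262,10 @@ def scan_file(self, filename: str) -> Iterator[ScanInfo]:
 # parse binary file's strings
 lines = parse_strings(filename)
 
+if self.no_scan:
+yield from self.run_checkers(filename, lines)
+return
+
 if output:
 valid_file = False
 for file in list(self.language_checkers.keys()):
@@ -334,6 +340,11 @@ def scan_and_or_extract_file(
 
 def recursive_scan(self, scan_path: str) -> Iterator[ScanInfo]:
 """Recursively scan files and directories, extracting information, and yielding the results using a generator."""
+if self.no_scan:
+LOGGER.info("No Scan Mode: No CVE Scanning")
+LOGGER.info(
+"Currently the No Scan Mode is being built, and we will release a beta version soon"
+)
 with Extractor(logger=self.logger, error_mode=self.error_mode) as ectx:
 if Path(scan_path).is_dir():
 for filepath in self.walker([scan_path]):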
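Review bot: The no-scan notice in recursive_scan goes through the module-level `LOGGER` at info level, while the rest of the class logs through `self.logger` (see `Extractor(logger=self.logger, ...)` on the next line), so it bypasses any logger the caller passed in and disappears in quiet runs. Since the message itself says no CVE scanning happens in this mode, a single `self.logger.warning("No-scan mode: components are identified but no CVE lookup is performed")` would serve users better than two info lines, one of which is a release announcement. In `__init__`, `no_scan=False` could carry the annotation its neighbours `score: int = 0` and `validate: bool = True` have, i.e. `no_scan: bool = False`. The re-enabled `"Checkers loaded: %s" % (...)` line formats eagerly and prints every checker name at info level on each run; `self.logger.debug("Checkers loaded: %s", ", ".join(self.checkers))` keeps it out of normal output. The bodies of __init__, scan_file and recursive_scan continue outside the hunks.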
