fix(codeqlExecuteScan): transforming querySuite to empty string (#4957)

* fixed transforming querySuite to empty string

* fixed error handling

---------

Co-authored-by: Vyacheslav Starostin <[email protected]>
Co-authored-by: Mihai Herda <[email protected]>

Author: 3 people

cmd/codeqlExecuteScan.go

@@ -62,17 +62,9 @@ func codeqlExecuteScan(config codeqlExecuteScanOptions, telemetryData *telemetry
 func appendCodeqlQuerySuite(utils codeqlExecuteScanUtils, cmd []string, querySuite, transformString string) []string {
 	if len(querySuite) > 0 {
 		if len(transformString) > 0 {
-			var bufferOut, bufferErr bytes.Buffer
-			utils.Stdout(&bufferOut)
-			defer utils.Stdout(log.Writer())
-			utils.Stderr(&bufferErr)
-			defer utils.Stderr(log.Writer())
-			if err := utils.RunExecutable("sh", []string{"-c", fmt.Sprintf("echo %s | sed -E \"%s\"", querySuite, transformString)}...); err != nil {
-				log.Entry().WithError(err).Error("failed to transform querySuite")
-				e := bufferErr.String()
-				log.Entry().Error(e)
-			} else {
-				querySuite = strings.TrimSpace(bufferOut.String())
+			querySuite = transformQuerySuite(utils, querySuite, transformString)
+			if len(querySuite) == 0 {
+				return cmd
 			}
 		}
 		cmd = append(cmd, querySuite)
@@ -81,6 +73,21 @@ func appendCodeqlQuerySuite(utils codeqlExecuteScanUtils, cmd []string, querySui
 	return cmd
 }
 
+func transformQuerySuite(utils codeqlExecuteScanUtils, querySuite, transformString string) string {
+	var bufferOut, bufferErr bytes.Buffer
+	utils.Stdout(&bufferOut)
+	defer utils.Stdout(log.Writer())
+	utils.Stderr(&bufferErr)
+	defer utils.Stderr(log.Writer())
+	if err := utils.RunExecutable("sh", []string{"-c", fmt.Sprintf("echo %s | sed -E \"%s\"", querySuite, transformString)}...); err != nil {
+		log.Entry().WithError(err).Error("failed to transform querySuite")
+		e := bufferErr.String()
+		log.Entry().Error(e)
+		return querySuite
+	}
+	return strings.TrimSpace(bufferOut.String())
+}
+
 func execute(utils codeqlExecuteScanUtils, cmd []string, isVerbose bool) error {
 	if isVerbose {
 		cmd = append(cmd, "-v")

cmd/codeqlExecuteScan_test.go

@@ -656,7 +656,8 @@ func TestAppendCodeqlQuerySuite(t *testing.T) {
 		utils := codeqlExecuteScanMockUtils{
 			ExecMockRunner: &mock.ExecMockRunner{
 				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
-					return fmt.Errorf("error")
+					stdout.Write([]byte("php-security-extended.qls"))
+					return nil
 				},
 			},
 		}
@@ -666,6 +667,101 @@ func TestAppendCodeqlQuerySuite(t *testing.T) {
 		assert.Equal(t, 3, len(cmd))
 		assert.Equal(t, "php-security-extended.qls", cmd[2])
 	})
+
+	t.Run("Error while transforming querySuite", func(t *testing.T) {
+		utils := codeqlExecuteScanMockUtils{
+			ExecMockRunner: &mock.ExecMockRunner{
+				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
+					return fmt.Errorf("error")
+				},
+			},
+		}
+		cmd := []string{"database", "analyze"}
+		querySuite := "php-security-extended.qls"
+		cmd = appendCodeqlQuerySuite(utils, cmd, querySuite, `s/^(java|python)-(security-extended\.qls|security-and-quality\.qls)`)
+		assert.Equal(t, 3, len(cmd))
+		assert.Equal(t, "php-security-extended.qls", cmd[2])
+	})
+
+	t.Run("Empty transformed querySuite", func(t *testing.T) {
+		utils := codeqlExecuteScanMockUtils{
+			ExecMockRunner: &mock.ExecMockRunner{
+				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
+					stdout.Write([]byte(""))
+					return nil
+				},
+			},
+		}
+		cmd := []string{"database", "analyze"}
+		querySuite := "python-security-extended.qls"
+		cmd = appendCodeqlQuerySuite(utils, cmd, querySuite, `s/^(java|python)-(security-extended\.qls|security-and-quality\.qls)//`)
+		assert.Equal(t, 2, len(cmd))
+	})
+}
+
+func TestTransformQuerySuite(t *testing.T) {
+	t.Run("Add prefix to querySuite", func(t *testing.T) {
+		utils := codeqlExecuteScanMockUtils{
+			ExecMockRunner: &mock.ExecMockRunner{
+				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
+					stdout.Write([]byte("test-java-security-extended.qls"))
+					return nil
+				},
+			},
+		}
+		input := "java-security-extended.qls"
+		transformString := `s/^(java|python)-(security-extended.qls|security-and-quality.qls)/test-\1-\2/`
+		expect := "test-java-security-extended.qls"
+		result := transformQuerySuite(utils, input, transformString)
+		assert.Equal(t, expect, result)
+	})
+
+	t.Run("Don't add prefix to querySuite", func(t *testing.T) {
+		utils := codeqlExecuteScanMockUtils{
+			ExecMockRunner: &mock.ExecMockRunner{
+				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
+					stdout.Write([]byte("php-security-extended.qls"))
+					return nil
+				},
+			},
+		}
+		input := "php-security-extended.qls"
+		transformString := `s/^(java|python)-(security-extended.qls|security-and-quality.qls)/test-\1-\2/`
+		expected := "php-security-extended.qls"
+		result := transformQuerySuite(utils, input, transformString)
+		assert.Equal(t, expected, result)
+
+	})
+
+	t.Run("Failed running transform cmd", func(t *testing.T) {
+		utils := codeqlExecuteScanMockUtils{
+			ExecMockRunner: &mock.ExecMockRunner{
+				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
+					return fmt.Errorf("error")
+				},
+			},
+		}
+		input := "php-security-extended.qls"
+		transformString := `s//test-\1-\2/`
+		result := transformQuerySuite(utils, input, transformString)
+		assert.Equal(t, input, result)
+	})
+
+	t.Run("Transform querySuite to empty string", func(t *testing.T) {
+		utils := codeqlExecuteScanMockUtils{
+			ExecMockRunner: &mock.ExecMockRunner{
+				Stub: func(call string, stdoutReturn map[string]string, shouldFailOnCommand map[string]error, stdout io.Writer) error {
+					stdout.Write([]byte(""))
+					return nil
+				},
+			},
+		}
+		input := "java-security-extended.qls"
+		transformString := `s/^(java|python)-(security-extended.qls|security-and-quality.qls)//`
+		expect := ""
+		result := transformQuerySuite(utils, input, transformString)
+		assert.Equal(t, expect, result)
+	})
 }
 
 func TestGetLangFromBuildTool(t *testing.T) {