Merge pull request #44 from mitre/fortifyFixes

Make sure the fields we are looking for in Fortify exist before we parse the element
mitre · Apr 16, 2020 · c646a34 · c646a34
2 parents d0b9899 + 758f110
commit c646a34
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/lib/heimdall_tools/fortify_mapper.rb b/lib/heimdall_tools/fortify_mapper.rb
@@ -43,7 +43,11 @@ def primaries(classid)
         traces.each do |trace|
           entries = trace['Primary']['Entry']
           entries = [entries] unless entries.is_a?(Array)
-          entries = entries.reject { |x| x['Node'].nil? }
+          # This is just regular array access, it is just written in a manner that allows us
+          # to use Ruby's safe navigation operator. We rely on
+          # entry['Node']['SourceLocation']['snippet'] to exist on all of our entries, so if any
+          # of those are empty we reject that element.
+          entries = entries.reject { |x| x&.[]('Node')&.[]('SourceLocation')&.[]('snippet').nil? }
           entries.each do |entry|
             findings << process_entry(entry)
           end