Add detection of CodeMeter obfuscation

checks/unwanted_files.go

@@ -17,6 +17,7 @@ func detectUnwantedFiles(r *report.Report) {
 	processUnwantedFiles(r, []string{"*.pyd"}, "Python-compiled DLL", []string{"Do not upload Python-compiled DLLs (.pyd files)."})
 	processUnwantedFiles(r, []string{"*.pyc"}, "compiled Python file", []string{"Veracode requires Python source code for analysis. Do not upload compiled Python files."})
 	processUnwantedFiles(r, []string{"*.deploy"}, "ClickOnce \".deploy\" files", []string{"Veracode does not support ClickOnce deployments."})
+	processUnwantedFiles(r, []string{"WibuCmNET.dll"}, "CodeMeter obfuscation file", []string{"Do not use code obfuscation tools other than Dotfuscator Community Edition. Using other code obfuscation tools may prevent the static binary scan from succeeding."})
 }
 
 func processUnwantedFiles(r *report.Report, filePatterns []string, fileType string, recommendations []string) {

checks/unwanted_files_test.go

@@ -59,4 +59,21 @@ func TestUnwantedFiles(t *testing.T) {
 		assert.Contains(t, testReport.Issues[1].Description, "A compiled Python file was uploaded: \"test.pyc\"")
 		assert.Equal(t, 3, len(testReport.Recommendations))
 	})
+
+	t.Run("Scan contains WibuCmNET.dll which is an indicator of CodeMeter obfuscation", func(t *testing.T) {
+		t.Parallel()
+		testReport := report.Report{
+			UploadedFiles: []report.UploadedFile{
+				{Id: 222222, Name: "WibucmNeT.dll", MD5: "hash2", IsIgnored: false, IsThirdParty: false},
+				{Id: 222222, Name: "app.dll", MD5: "hash2", IsIgnored: false, IsThirdParty: false},
+			},
+			Issues: []report.Issue{},
+		}
+
+		detectUnwantedFiles(&testReport)
+
+		assert.Equal(t, 1, len(testReport.Issues))
+		assert.Contains(t, testReport.Issues[0].Description, "CodeMeter obfuscation file")
+		assert.Equal(t, 2, len(testReport.Recommendations))
+	})
 }