From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 2C956AC0FD5 for ; Wed, 15 Nov 2023 12:00:11 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=4KZPSlAn3MMXvUWs/4yFbH8PiQSoGIXt+3auenW7OVo=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1700049609; v=1; b=eHBum1bt8173MtgdMQTAxaJ5NnT0x4AFRECkdq5Wxjk1sI3ZKGpK5aM+TLHjB6RQmZD6yfhL zTjc3mUMIPh4m5IqGuB7tuVihNoqYNcya0fU2lOIRBNJf7XABUq7EcTHPlk0guR+YEH4yzeG+a8 SV02dD/BPy6gxaD5A3F0f3U8= X-Received: by 127.0.0.2 with SMTP id 6goPYY7687511xUtpUyHh9sb; Wed, 15 Nov 2023 04:00:09 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web10.11308.1700049609123669371 for ; Wed, 15 Nov 2023 04:00:09 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-88-SP6QeJi9O-eTdmHsPfsmxg-1; Wed, 15 Nov 2023 07:00:04 -0500 X-MC-Unique: SP6QeJi9O-eTdmHsPfsmxg-1 X-Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.rdu2.redhat.com [10.11.54.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 49BFC811E8E; Wed, 15 Nov 2023 12:00:04 +0000 (UTC) X-Received: from [10.39.192.211] (unknown [10.39.192.211]) by smtp.corp.redhat.com (Postfix) with ESMTPS id D02C9C157EE; Wed, 15 Nov 2023 12:00:03 +0000 (UTC) Message-ID: <956d6718-41a0-9791-cca6-776376b6b046@redhat.com> Date: Wed, 15 Nov 2023 13:00:02 +0100 MIME-Version: 1.0 Subject: Re: [edk2-devel] CodeQL Analysis in edk2 To: devel@edk2.groups.io, mikuback@linux.microsoft.com References: <7c8e4787-74e4-f144-123f-9d44d094ce86@redhat.com> <80681e4d-e438-4d2e-be4f-5268920f6211@linux.microsoft.com> From: "Laszlo Ersek" In-Reply-To: <80681e4d-e438-4d2e-be4f-5268920f6211@linux.microsoft.com> X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.8 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Fn8fAPemwz4OOWKu9LIv1PIcx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=eHBum1bt; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On 11/15/23 01:35, Michael Kubacki wrote: > On 11/13/2023 8:42 AM, Laszlo Ersek wrote: >> sorry, unfinished thought: >> >> On 11/13/23 14:39, Laszlo Ersek wrote: >> >>> - the "sarif emacs" output seems a bit broken, actually, so it's not >>> usable. Consider the following entry from the original JSON file: >>> >>>      }, { >>>        "ruleId" : "cpp/missing-null-test", >>>        "ruleIndex" : 0, >>>        "rule" : { >>>          "id" : "cpp/missing-null-test", >>>          "index" : 0 >>>        }, >>>        "message" : { >>>          "text" : "Value may be null; it should be checked before >>> dereferencing." >>>        }, >>>        "locations" : [ { >>>          "physicalLocation" : { >>>            "artifactLocation" : { >>>              "uri" : >>> "MdeModulePkg/Application/UiApp/FrontPageCustomizedUiSupport.c", >>>              "uriBaseId" : "%SRCROOT%", >>>              "index" : 0 >>>            }, >>>            "region" : { >>>              "startLine" : 355, >>>              "startColumn" : 48, >>>              "endColumn" : 52 >>>            } >>>          } >>>        } ], >>>        "partialFingerprints" : { >>>          "primaryLocationLineHash" : "f374f6e6dfc92010:1", >>>          "primaryLocationStartColumnFingerprint" : "43" >>>        } >>>      }, { >>> >>> In the "emacs" output, it appears as: >>> >>> -------- >>> ModulePkg/Application/UiApp/FrontPageCustomizedUiSupport.c:355: >>> cpp/missing-null-test Value may be null; it should be checked before >>> dereferencing. >>> -------- >>> >>> Note that the first three characters, "Mde" of "Mde" are lost. >> >> I meant '"Mde" of "ModulePkg"'. >> > I was able to reproduce this with sarif-tools version 2.0.0. > > It impacted other commands like "html" as well. > > Applying the "--no-autotrim" option appears to leave the path alone. Can > you please let me know if that works for you? Yes, it does! Thanks! Laszlo > > Also, yes, I can add this to the CodeQL GitHub workflow. > >>> >>> This issue (first three chars cut) affects all other pathnames in the >>> emacs output too. >> > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111266): https://edk2.groups.io/g/devel/message/111266 Mute This Topic: https://groups.io/mt/102444916/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-