Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Output SARIF format is confusing / broken #2608

Closed
2 tasks done
yuligesec opened this issue Sep 16, 2022 · 7 comments · Fixed by #2925
Closed
2 tasks done

Output SARIF format is confusing / broken #2608

yuligesec opened this issue Sep 16, 2022 · 7 comments · Fixed by #2925
Assignees
@tarunKoyalwar
Labels
Priority: High After critical issues are fixed, these should be dealt with before any further issues. Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Milestone
nuclei v2.8.0

Comments

@yuligesec
Copy link

yuligesec commented Sep 16, 2022
edited by tarunKoyalwar
Loading

  • Format fix
  • Format test / validation
 -se, -sarif-export string     file to export results in SARIF format

Although nuclei supports exporting to sarif format, it does not conform to the rules of sarif format, and the output result should be placed in the results field. But not.

It is confusing, like this.

...
"results": [
        {
          "ruleId": "tech-detect-95410662745f9d47610c389af7d617774a98aa0c",
          "ruleIndex": 0,
          "level": "note",
          "message": {
            "text": "http://127.0.0.1:18080"
          },
          "locations": [
            {
              "physicalLocation": {
                "artifactLocation": {
                  "uri": "README.md"
                },
                "region": {
                  "startLine": 1,
                  "startColumn": 1,
                  "endLine": 1,
                  "endColumn": 1
                }
              },
              "message": {
                "text": "http://127.0.0.1:18080"
              }
            }
          ]
        },
...

Sarif Viewer can't view it and get any useful information!
image
@yuligesec yuligesec added the Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors. label Sep 16, 2022
@ehsandeep
Copy link
Member

@yuligesec thanks for reporting this. Could you also specify what tool you used to view/validate sarif format?

@ehsandeep ehsandeep added the Type: Question A query or seeking clarification on parts of the spec. Probably doesn't need the attention of all. label Sep 28, 2022
@ehsandeep ehsandeep added Priority: High After critical issues are fixed, these should be dealt with before any further issues. and removed Type: Question A query or seeking clarification on parts of the spec. Probably doesn't need the attention of all. labels Nov 3, 2022
@ehsandeep ehsandeep changed the title Output SARIF format is confusing Output SARIF format is confusing / broken Nov 3, 2022
@ehsandeep
Copy link
Member

From https://github.com/schniggie/vuln-mgmt/actions/runs/3383544249 (projectdiscovery/nuclei-action#43)

Unable to upload "nuclei.sarif" as it is not valid SARIF:
- instance.runs[0].tool.driver.rules[0].help requires property "text"
- instance.runs[0].tool.driver.rules[1].help requires property "text"
- instance.runs[0].tool.driver.rules[2].help requires property "text"
- instance.runs[0].tool.driver.rules[3].help requires property "text"
- instance.runs[0].tool.driver.rules[4].help requires property "text"
- instance.runs[0].tool.driver.rules[5].help requires property "text"
- instance.runs[0].tool.driver.rules[6].help requires property "text"
- instance.runs[0].tool.driver.rules[7].help requires property "text"
- instance.runs[0].tool.driver.rules[8].help requires property "text"
- instance.runs[0].tool.driver.rules[9].help requires property "text"
- instance.runs[0].tool.driver.rules[10].help requires property "text"

@ehsandeep ehsandeep mentioned this issue Nov 3, 2022
Closed
@yuligesec
Copy link
Author

@yuligesec thanks for reporting this. Could you also specify what tool you used to view/validate sarif format?

For example : vscode extension Sarif Viewer

@schniggie
Copy link

how can I assist here? really want this to work :)

@tarunKoyalwar
Copy link
Member

nuclei sarif is generated using https://github.com/owenrumney/go-sarif which seems to be the core problem .
This issue will be blocked until https://github.com/projectdiscovery/sarif is available

@tarunKoyalwar tarunKoyalwar added Status: Blocked There is some issue that needs to be resolved first. Status: In Progress This issue is being worked on, and has someone assigned. labels Nov 23, 2022
@tarunKoyalwar tarunKoyalwar mentioned this issue Nov 25, 2022
Merged
@tarunKoyalwar tarunKoyalwar removed the Status: Blocked There is some issue that needs to be resolved first. label Nov 25, 2022
tarunKoyalwar added a commit that referenced this issue Nov 29, 2022
@tarunKoyalwar
enhance sarif output (closes #2608)
0c882ce
@tarunKoyalwar tarunKoyalwar mentioned this issue Nov 29, 2022
Merged
@tarunKoyalwar tarunKoyalwar linked a pull request Nov 29, 2022 that will close this issue
enhance sarif output (closes #2608) #2925
Merged
@tarunKoyalwar
Copy link
Member

@schniggie , PR is in progress with lot of improvements . you can try it using https://github.com/projectdiscovery/nuclei/tree/issue-2608-fix-sarif branch

@ehsandeep ehsandeep added Status: Completed Nothing further to be done with this issue. Awaiting to be closed. and removed Status: In Progress This issue is being worked on, and has someone assigned. labels Nov 30, 2022
@ehsandeep
Copy link
Member

@schniggie @yuligesec this is now fixed in the dev version with #2925, next release of nuclei is planned for Monday.

@ehsandeep ehsandeep added this to the v2.8.0 milestone Nov 30, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tarunKoyalwar tarunKoyalwar

Labels
Priority: High After critical issues are fixed, these should be dealt with before any further issues. Status: Completed Nothing further to be done with this issue. Awaiting to be closed. Type: Bug Inconsistencies or issues which will cause an issue or problem for users or implementors.
Projects
None yet
Milestone
nuclei v2.8.0
Development

Successfully merging a pull request may close this issue.

enhance sarif output (closes #2608) projectdiscovery/nuclei
4 participants
@schniggie @ehsandeep @yuligesec @tarunKoyalwar