Merge pull request #72 from scanoss/5.4.5

5.4.5

Author: mscasso-scanoss

inc/attributions.h

@@ -3,6 +3,6 @@
 
 #include "scanoss.h"
 
-int attribution_notices();
+int attribution_notices(char * components);
 
 #endif

inc/match_list.h

@@ -80,7 +80,6 @@
 
 #define MATCH_LIST_TOLERANCE 98.5
 typedef struct match_data_t match_data_t; /* Forward declaration */
-typedef struct scan_data_t scan_data_t; /* Forward declaration*/
 
 /**
  * @brief Define a list of component_data_t

inc/mz.h

@@ -3,6 +3,5 @@
 
 #include "scanoss.h"
 
-void mz_file_contents(char *key, char * dbtable);
-void mz_get_key(struct mz_job *job, char *key);
+void mz_get_key(struct ldb_table kb, char *key);
 #endif

inc/scan.h

@@ -62,6 +62,7 @@ typedef struct scan_data_t
 	int max_components_to_process; /* Max component to retrieve during snippet scanning */
 	int max_snippets_to_show; //TODO
 	int max_components_to_show; //TODO
+	int max_matchmap_size;
 	bool printed_succed;
 } scan_data_t;
 

inc/scanoss.h

@@ -40,7 +40,7 @@
 #define WFP_REC_LN 18
 
 /* Log files */
-#define SCANOSS_VERSION "5.4.4"
+#define SCANOSS_VERSION "5.4.5"
 #define SCAN_LOG "/tmp/scanoss_scan.log"
 #define MAP_DUMP "/tmp/scanoss_map.dump"
 #define SLOW_QUERY_LOG "/tmp/scanoss_slow_query.log"
@@ -119,10 +119,6 @@ extern long microseconds_start;
 extern int map_rec_len;
 extern bool match_extensions;
 
-/* File tracing -qi */
-extern uint8_t trace_id[MD5_LEN];
-extern bool trace_on;
-
 /*component hint hold the last component matched/guessed */
 extern char * component_hint;
 
@@ -141,6 +137,8 @@ extern struct ldb_table oss_license;
 extern struct ldb_table oss_attribution;
 extern struct ldb_table oss_cryptography;
 extern struct ldb_table oss_sources;
+extern struct ldb_table oss_notices;
+
 
 extern bool first_file;
 extern int max_vulnerabilities;

src/attributions.c

@@ -59,35 +59,14 @@ uint8_t *data, uint32_t datalen, int iteration, void *ptr)
 	memcpy(hexkey, data, MD5_LEN * 2);
 	hexkey[MD5_LEN * 2] = 0;
 
-	/* Define mz_job values */
-	char *src = calloc(MZ_MAX_FILE + 1, 1);
-	uint8_t *zsrc = calloc((MZ_MAX_FILE + 1) * 2, 1);
-	struct mz_job job;
-	sprintf(job.path, "%s/oss/notices", ldb_root);
-	memset(job.mz_id, 0, 2);
-	job.mz = NULL;
-	job.mz_ln = 0;
-	job.id = NULL;
-	job.ln = 0;
-	job.data = src;        // Uncompressed data
-	job.data_ln = 0;
-	job.zdata = zsrc;      // Compressed data
-	job.zdata_ln = 0;
-	job.md5[MD5_LEN] = 0;
-	job.key = NULL;
-
 	/* Print attribution notice header */
 	char *component = (char *) ptr;
 	printf("[%s]\n\n", component);
 
 	/* Print attribution notice */
-	//mz_cat(&job, hexkey);
-	mz_get_key(&job,hexkey);
+	mz_get_key(oss_notices, hexkey);
 	printf("\n");
 
-	free(src);
-	free(zsrc);
-
 	return false;
 }
 
@@ -304,11 +283,11 @@ void print_purl_attribution_notices(struct ldb_table oss_attributions, char * li
  * @brief //Validate the declared SBOM and print the attribution noticies in stdout
  * @return //TODO
  */
-int attribution_notices()
+int attribution_notices(char * components)
 {
 	char * licenses_json = notices_load_file();
 	/* Validate SBOM */
-	declared_components = get_components(optarg);
+	declared_components = get_components(components);
 	if (check_purl_attributions(oss_attribution, licenses_json) && !debug_on)
 		/* Print attribution notices */
 		print_purl_attribution_notices(oss_attribution, licenses_json);

src/help.c

@@ -65,7 +65,6 @@ Options:\n\
 -h  Display this help and exit.\n\
 -d  Save debugging information to disk (/tmp).\n\
 -q  Produces no JSON output. Only debugging info via STDERR.\n\
--i  Trace specific file id when debugging (requires -q).\n\
 \n\
 Enviroment variables:\n\
 SCANOSS_MATCHMAP_MAX: define the snippet scanning match map size, %d by default.\n\

src/license.c

@@ -117,7 +117,6 @@ bool osadl_load_file(void)
 		scanlog("Warning: Cannot find OSADL definition. Please check that %s is present\n", path);
 	else
 		result = true;
-
 	free(path);
 	return result;
 }
@@ -172,10 +171,14 @@ int osadl_print_license(char *output, const char *license, bool more_keys_after)
 void print_osadl_license_data(char *license)
 {
 	char output[MAX_FIELD_LN];
-	osadl_print_license(output, license, false);
-	printf("{\"%s\": {%s}}", license, output);
+	int len = osadl_print_license(output, license, false);
+	if (len >0)
+		printf("{\"%s\": {%s}}", license, output);
+	else
+		printf("{\"%s\": {}}", license);
 }
 
+
 static char *json_from_license(uint32_t *crclist, char *buffer, char *license, int src, bool *first_record)
 {
 	clean_license(license);

src/main.c

@@ -59,13 +59,10 @@ struct ldb_table oss_license;
 struct ldb_table oss_attribution;
 struct ldb_table oss_cryptography;
 struct ldb_table oss_sources;
-
+struct ldb_table oss_notices;
 component_item *ignore_components;
 component_item *declared_components;
 
-/* File tracing -qi */
-uint8_t trace_id[MD5_LEN];
-bool trace_on;
 bool lib_encoder_present = false;
 #define LDB_VER_MIN "4.1.0"
 
@@ -168,6 +165,9 @@ void initialize_ldb_tables(char *name)
 	snprintf(dbtable, MAX_ARGLN * 2, "%s/%s", oss_db_name, "sources");
 	oss_sources = ldb_read_cfg(dbtable);
 
+	snprintf(dbtable, MAX_ARGLN * 2, "%s/%s", oss_db_name, "notices");
+	oss_notices = ldb_read_cfg(dbtable);
+
 	kb_version_get();
 	osadl_load_file();
 
@@ -272,10 +272,6 @@ int main(int argc, char **argv)
 	//global var initialization - it must be improved
 	debug_on = false;
 	quiet = false;
-
-	/* File tracing with -qi */
-	trace_on = false;
-	memset(trace_id, 0 ,16);
 
 	if (argc <= 1)
 	{
@@ -295,7 +291,7 @@ int main(int argc, char **argv)
 	int option;
 	bool invalid_argument = false;
 	char * ldb_db_name = NULL;
-	while ((option = getopt(argc, argv, ":f:s:b:B:c:k:a:F:l:n:i:M:N:wtvhedqH")) != -1)
+	while ((option = getopt(argc, argv, ":f:s:b:B:c:k:a:F:l:n:M:N:wtvhedqH")) != -1)
 	{
 		/* Check valid alpha is entered */
 		if (optarg)
@@ -325,12 +321,17 @@ int main(int argc, char **argv)
 
 			case 'k':
 				initialize_ldb_tables(ldb_db_name);
-				mz_file_contents(optarg, oss_file.db);
+				mz_get_key(oss_sources, optarg);
 				exit(EXIT_SUCCESS);
 				break;
 
 			case 'a':
-				if (declared_components) printf("Cannot combine -s and -a\n");
+				if (declared_components) 
+				{
+					printf("Cannot combine -s and -a\n");
+					break;
+				}
+				initialize_ldb_tables(ldb_db_name);
 				exit(attribution_notices(optarg));
 				break;
 
@@ -340,6 +341,7 @@ int main(int argc, char **argv)
 				break;
 
 			case 'l':
+				initialize_ldb_tables(ldb_db_name);
 				print_osadl_license_data(optarg);
 				exit(EXIT_SUCCESS);
 				break;
@@ -353,15 +355,6 @@ int main(int argc, char **argv)
 			case 'N':
 				scan_max_components = atol(optarg);
 				break;
-			case 'i':
-				if (strlen(optarg) == (MD5_LEN * 2))
-				{
-					ldb_hex_to_bin(optarg, MD5_LEN * 2, trace_id);
-					trace_on = true;
-				}
-				else fprintf(stderr, "Ignoring -i due to invalid length\n");
-				break;
-
 			case 'w':
 				force_wfp = true;
 				break;
@@ -370,6 +363,7 @@ int main(int argc, char **argv)
 				force_snippet_scan = true;
 				break;
 			case 't':
+				initialize_ldb_tables(ldb_db_name);
 				scan_benchmark();
 				exit(EXIT_SUCCESS);
 				break;
@@ -417,7 +411,7 @@ int main(int argc, char **argv)
 				else
 				{
 					printf("'libhpsm.so' must be present in the system to execute this command\n");
-					exit(1);
+					exit(EXIT_FAILURE);
 				}
 				break;
 		}

src/match.c

@@ -399,7 +399,7 @@ bool add_component_from_urlid(component_list_t *component_list, uint8_t *url_id,
  * @return false
  */
 
-file_recordset *files = NULL;
+static file_recordset *files = NULL;
 
 bool component_from_file(uint8_t *key, uint8_t *subkey, int subkey_ln, uint8_t *raw_data, uint32_t datalen, int iteration, void *ptr)
 {