audit, advisories and doctors/setup work

2026-01-13 18:53:39 +02:00
parent 9ca7cb183e
commit d7be6ba34b
811 changed files with 54242 additions and 4056 deletions
--- a/src/Scanner/StellaOps.Scanner.Worker/Processing/NativeAnalyzerExecutor.cs
+++ b/src/Scanner/StellaOps.Scanner.Worker/Processing/NativeAnalyzerExecutor.cs
@@ -9,6 +9,7 @@
 using System.Diagnostics;
 using Microsoft.Extensions.Logging;
 using Microsoft.Extensions.Options;
+using StellaOps.Scanner.Analyzers.Native;
 using StellaOps.Scanner.Core.Contracts;
 using StellaOps.Scanner.Emit.Native;
 using StellaOps.Scanner.Worker.Diagnostics;
@@ -25,6 +26,7 @@ public sealed class NativeAnalyzerExecutor
 {
    private readonly NativeBinaryDiscovery _discovery;
    private readonly INativeComponentEmitter _emitter;
+    private readonly IElfSectionHashExtractor _sectionHashExtractor;
    private readonly NativeAnalyzerOptions _options;
    private readonly ILogger<NativeAnalyzerExecutor> _logger;
    private readonly ScannerWorkerMetrics _metrics;
@@ -32,12 +34,14 @@ public sealed class NativeAnalyzerExecutor
    public NativeAnalyzerExecutor(
        NativeBinaryDiscovery discovery,
        INativeComponentEmitter emitter,
+        IElfSectionHashExtractor sectionHashExtractor,
        IOptions<NativeAnalyzerOptions> options,
        ILogger<NativeAnalyzerExecutor> logger,
        ScannerWorkerMetrics metrics)
    {
        _discovery = discovery ?? throw new ArgumentNullException(nameof(discovery));
        _emitter = emitter ?? throw new ArgumentNullException(nameof(emitter));
+        _sectionHashExtractor = sectionHashExtractor ?? throw new ArgumentNullException(nameof(sectionHashExtractor));
        _options = options?.Value ?? throw new ArgumentNullException(nameof(options));
        _logger = logger ?? throw new ArgumentNullException(nameof(logger));
        _metrics = metrics ?? throw new ArgumentNullException(nameof(metrics));
@@ -148,20 +152,26 @@ public sealed class NativeAnalyzerExecutor
            using var cts = CancellationTokenSource.CreateLinkedTokenSource(cancellationToken);
            cts.CancelAfter(_options.SingleBinaryTimeout);

-            return await Task.Run(() =>
-            {
-                // Read binary header to extract Build-ID and other metadata
-                var buildId = ExtractBuildId(binary);
+            var sectionHashes = binary.Format == BinaryFormat.Elf
+                ? await _sectionHashExtractor.ExtractAsync(binary.AbsolutePath, cts.Token).ConfigureAwait(false)
+                : null;

-                return new NativeBinaryMetadata
-                {
-                    Format = binary.Format.ToString().ToLowerInvariant(),
-                    FilePath = binary.RelativePath,
-                    BuildId = buildId,
-                    Architecture = DetectArchitecture(binary),
-                    Platform = DetectPlatform(binary)
-                };
-            }, cts.Token).ConfigureAwait(false);
+            cts.Token.ThrowIfCancellationRequested();
+
+            // Read binary header to extract Build-ID and other metadata
+            var buildId = ExtractBuildId(binary) ?? sectionHashes?.BuildId;
+
+            return new NativeBinaryMetadata
+            {
+                Format = binary.Format.ToString().ToLowerInvariant(),
+                FilePath = binary.RelativePath,
+                BuildId = buildId,
+                Architecture = DetectArchitecture(binary),
+                Platform = DetectPlatform(binary),
+                FileDigest = sectionHashes?.FileHash,
+                FileSize = binary.SizeBytes,
+                ElfSectionHashes = sectionHashes
+            };
        }
        catch (OperationCanceledException)
        {