microsoft · michaelcfanning · Jan 10, 2022 · Dec 16, 2021 · Dec 16, 2021 · Dec 17, 2021
@@ -116,6 +116,15 @@ public override void AnalyzePortableExecutableAndPdb(BinaryAnalyzerContext conte
                 Symbol om = omView.Value;
                 ObjectModuleDetails omDetails = om.GetObjectModuleDetails();
 
+                if (omDetails.WellKnownCompiler != WellKnownCompilers.MicrosoftC &&
+                    omDetails.WellKnownCompiler != WellKnownCompilers.MicrosoftCxx)
+                {
+                    // TODO: MikeFan (1/6/2022)
+                    // We need to take a step back and comprehensively review our compiler/language support.
+                    // https://github.com/Microsoft/binskim/issues/114
+                    continue;
+                }
+
                 switch (omDetails.Language)
                 {
                     case Language.LINK:
@@ -132,33 +141,43 @@ public override void AnalyzePortableExecutableAndPdb(BinaryAnalyzerContext conte
                         break;
                     }
 
-                    //case Language.MASM:
-                    //{
-                    //    minCompilerVersion =
-                    //        context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.MASM)];
-                    //    break;
-                    //}
-
-                    //case Language.CVTRES:
-                    //{
-                    //    minCompilerVersion =
-                    //        context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.CVTRES)];
-                    //    break;
-                    //}
-
-                    //case Language.CSharp:
-                    //{
-                    //    minCompilerVersion =
-                    //        context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.CSharp)];
-                    //    break;
-                    //}
+                    /*
+                    TODO: MikeFan (1/6/2022)
+                    We need to take a step back and comprehensively review our compiler/language support.
+                    https://github.com/Microsoft/binskim/issues/114
+
+                    case Language.MASM:
+                    {
+                        minCompilerVersion =
+                            context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.MASM)];
+                        break;
+                    }
+
+                    case Language.CVTRES:
+                    {
+                        minCompilerVersion =
+                            context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.CVTRES)];
+                        break;
+                    }
+
+                    case Language.CSharp:
+                    {
+                        minCompilerVersion =
+                            context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.CSharp)];
+                        break;
+                    }
 
+                    Language data is not always included if it is only compiled with SymTagCompiland without SymTagCompilandDetails
+                    https://docs.microsoft.com/en-us/visualstudio/debugger/debug-interface-access/compilanddetails?view=vs-2022
+                    Compiland information is split between symbols with a SymTagCompiland tag (low detail)
+                    and a SymTagCompilandDetails tag (high detail).
                     case Language.Unknown:
                     {
                         minCompilerVersion =
                             context.Policy.GetProperty(MinimumToolVersions)[nameof(Language.Unknown)];
                         break;
                     }
+                    */
 
                     default:
                     {

@@ -2,6 +2,7 @@
 
 ## Unreleased
 
+* BUGFIX: Fix incorrect analysis for non-Microsoft compiler on BA2006.BuildWithSecureTools [545](https://github.com/microsoft/binskim/pull/545)
 * BUGFIX: Fix `JsonSerializationException` that occurs when saving SARIF v1 with telemetry enabled. [#535](https://github.com/microsoft/binskim/pull/535)
 * BUGFIX: Fix `NullReferenceException` when `--Hashes` and telemetry rules are enabled. [#531](https://github.com/microsoft/binskim/pull/531)
 

@@ -428,13 +428,13 @@
         {
           "ruleId": "BA2006",
           "ruleIndex": 17,
-          "level": "error",
+          "kind": "pass",
+          "level": "none",
           "message": {
-            "id": "Error",
+            "id": "Pass",
             "arguments": [
               "clangcl.pe.cpp.codeview.exe",
-              "",
-              "clang version 13.0.0 : cxx : 13000.0.0.0 : [directly linked] (hello-d24821.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler:C:19.26.28900.8, Microsoft (R) Optimizing Compiler:C:19.29.30034.2, Microsoft (R) Optimizing Compiler:Cxx:19.26.28900.8, Microsoft (R) Optimizing Compiler:Cxx:19.29.30034.2"
             ]
           },
           "locations": [
+1 −0		src/ReleaseHistory.md
+0 −2		src/Sarif.Driver/Sdk/MultithreadedAnalyzeCommandBase.cs
+18 −15		src/Sarif/Autogenerated/ReportingDescriptor.cs
+18 −15		src/Sarif/NotYetAutoGenerated/ReportingDescriptor.cs
+21 −8		src/Sarif/Writers/ResultLogJsonWriter.cs
+1 −1		...ests.Sarif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2012.ProvideRuleProperties_Invalid.sarif
+1 −1		...rif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2014.ProvideDynamicMessageContent_Invalid.sarif
+1 −1		...rif/TestData/Multitool/ValidateCommand/ExpectedOutputs/SARIF2015.EnquoteDynamicMessageContent_Invalid.sarif
+2 −2		...nctionalTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2012.ProvideRuleProperties_Invalid.sarif
+2 −2		...lTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2014.ProvideDynamicMessageContent_Invalid.sarif
+2 −2		...lTests.Sarif/TestData/Multitool/ValidateCommand/Inputs/SARIF2015.EnquoteDynamicMessageContent_Invalid.sarif
+44 −2		src/Test.UnitTests.Sarif.Driver/Sdk/AnalyzeCommandBaseTests.cs