From d005521c78019976bb59e5ad506a6b93df2f42c3 Mon Sep 17 00:00:00 2001
From: tduhamel42
Date: Thu, 30 Oct 2025 10:57:56 +0100
Subject: [PATCH] fix: MobSF scanner now properly parses files dict structure

MobSF returns 'files' as a dict (not list): {"filename": "line_numbers"} The parser was treating it as a list, causing zero findings to be extracted. Now properly iterates over the dict and creates one finding per affected file with correct line numbers and metadata (CWE, OWASP, MASVS, CVSS). Fixed in both code_analysis and behaviour sections.
---
 .../toolbox/modules/android/mobsf_scanner.py | 100 +++++++++++++-----
 1 file changed, 72 insertions(+), 28 deletions(-)

diff --git a/backend/toolbox/modules/android/mobsf_scanner.py b/backend/toolbox/modules/android/mobsf_scanner.py
index 5586ca3..3b16e1b 100644
--- a/backend/toolbox/modules/android/mobsf_scanner.py
+++ b/backend/toolbox/modules/android/mobsf_scanner.py
@@ -329,23 +329,47 @@ class MobSFScanner(BaseModule):
 metadata_dict.get('severity', '').lower(),
 'medium'
 )
- files_list = finding_data.get('files', [])
- file_path = files_list[0] if files_list else None
+ # MobSF returns 'files' as a dict: {filename: line_numbers}
+ files_dict = finding_data.get('files', {})
 
- finding = self.create_finding(
- title=finding_name,
- description=metadata_dict.get('description', 'No description'),
- severity=severity,
- category="android-code-analysis",
- file_path=file_path,
- metadata={
- 'cwe': metadata_dict.get('cwe'),
- 'owasp': metadata_dict.get('owasp'),
- 'files': files_list,
- 'tool': 'mobsf',
- }
- )
- findings.append(finding)
+ # Create a finding for each affected file
+ if isinstance(files_dict, dict) and files_dict:
+ for file_path, line_numbers in files_dict.items():
+ finding = self.create_finding(
+ title=finding_name,
+ description=metadata_dict.get('description', 'No description'),
+ severity=severity,
+ category="android-code-analysis",
+ file_path=file_path,
+ line_number=line_numbers, # Can be string like "28" or "65,81"
+ metadata={
+ 'cwe': metadata_dict.get('cwe'),
+ 'owasp': metadata_dict.get('owasp'),
+ 'masvs': metadata_dict.get('masvs'),
+ 'cvss': metadata_dict.get('cvss'),
+ 'ref': metadata_dict.get('ref'),
+ 'line_numbers': line_numbers,
+ 'tool': 'mobsf',
+ }
+ )
+ findings.append(finding)
+ else:
+ # Fallback: create one finding without file info
+ finding = self.create_finding(
+ title=finding_name,
+ description=metadata_dict.get('description', 'No description'),
+ severity=severity,
+ category="android-code-analysis",
+ metadata={
+ 'cwe': metadata_dict.get('cwe'),
+ 'owasp': metadata_dict.get('owasp'),
+ 'masvs': metadata_dict.get('masvs'),
+ 'cvss': metadata_dict.get('cvss'),
+ 'ref': metadata_dict.get('ref'),
+ 'tool': 'mobsf',
+ }
+ )
+ findings.append(finding)
 
 # Parse behavior analysis
 if 'behaviour' in scan_data:
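Review bot: `line_number=line_numbers` in the new per-file loop passes the raw MobSF value to `create_finding`, and the inline comment on that same line admits it can be a string such as "65,81"; if `line_number` is typed or persisted as an integer downstream, that call will either fail validation or store an unparseable value, and the commit does not normalize it. The full string is already preserved under `metadata['line_numbers']`, so the column only needs one int: `first = str(line_numbers).split(',')[0].strip()` followed by `line_number=int(first) if first.isdigit() else None`. The behaviour hunk below makes the same `line_number=line_numbers` call and needs the same treatment. The enclosing method starts before this hunk, so how `create_finding` declares `line_number` is not visible here.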
@@ -359,19 +383,39 @@ class MobSFScanner(BaseModule):
 metadata_dict.get('severity', '').lower(),
 'medium'
 )
- files_list = value.get('files', [])
+ # MobSF returns 'files' as a dict: {filename: line_numbers}
+ files_dict = value.get('files', {})
 
- finding = self.create_finding(
- title=f"Behavior: {label}",
- description=metadata_dict.get('description', 'No description'),
- severity=severity,
- category="android-behavior",
- metadata={
- 'files': files_list,
- 'tool': 'mobsf',
- }
- )
- findings.append(finding)
+ # Create a finding for each affected file
+ if isinstance(files_dict, dict) and files_dict:
+ for file_path, line_numbers in files_dict.items():
+ finding = self.create_finding(
+ title=f"Behavior: {label}",
+ description=metadata_dict.get('description', 'No description'),
+ severity=severity,
+ category="android-behavior",
+ file_path=file_path,
+ line_number=line_numbers,
+ metadata={
+ 'line_numbers': line_numbers,
+ 'behavior_key': key,
+ 'tool': 'mobsf',
+ }
+ )
+ findings.append(finding)
+ else:
+ # Fallback: create one finding without file info
+ finding = self.create_finding(
+ title=f"Behavior: {label}",
+ description=metadata_dict.get('description', 'No description'),
+ severity=severity,
+ category="android-behavior",
+ metadata={
+ 'behavior_key': key,
+ 'tool': 'mobsf',
+ }
+ )
+ findings.append(finding)
 
 logger.debug(f"Parsed {len(findings)} findings from MobSF results")
 return findings
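Review bot: The `else` fallback silently discards any non-dict `files` value — including the list shape the removed `value.get('files', [])` code handled — so a MobSF build that still emits a list produces a finding with no file information and nothing in the scan log to explain why. A line in the fallback such as `logger.debug("MobSF 'files' for %s is %s, not dict; file info dropped", key, type(files_dict).__name__)` would make that visible during triage; the code_analysis fallback in the hunk above would benefit from the same line. With the `isinstance` guard in place the two `create_finding` calls now differ only in `file_path`/`line_number` and the `line_numbers` metadata key, so if `create_finding` defaults those parameters to `None` the two branches could collapse into one loop over `files_dict.items()` with `[(None, None)]` as the empty-case iterable, building the metadata dict once and adding `line_numbers` only when set.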