sandbox-scan 0.1.0

Security scan pipeline (YARA + heuristics + compose + ClamAV) for the sandbox CLI.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158

//! ClamAV motor: parses `clamscan --no-summary --infected` output into
//! `Findings`.
//!
//! The actual scan happens in an ephemeral docker container driven by
//! `sandbox-docker::scanner`; this module is pure so it stays testable and
//! `sandbox-scan` keeps its no-docker invariant.
//!
//! Output format we consume (one line per infection):
//!   `/scan/<relpath>: <signature> FOUND`
//!
//! `/scan` is the bind-mount destination inside the scanner container — we
//! strip it so findings render with project-relative paths matching the
//! YARA/heuristic motors.

use std::path::{Path, PathBuf};

use crate::findings::{Finding, Findings, Severity};
use crate::{Error, Result};

const RULE_PREFIX: &str = "clamav";
const SCAN_PREFIX: &str = "/scan/";

/// The scanner Dockerfile bundled at build time. The CLI materializes this
/// into a host directory so `docker build` can read it.
pub const SCANNER_DOCKERFILE: &str = include_str!("../../scanner-image/Dockerfile");

/// Write the bundled `Dockerfile` into `target_dir` (creating it if missing)
/// and return the directory path for `docker build`. Idempotent: if a
/// Dockerfile already exists with the same content, this is a no-op write.
pub fn materialize_scanner_dockerfile(target_dir: &Path) -> Result<PathBuf> {
    std::fs::create_dir_all(target_dir).map_err(|source| Error::Io {
        path: target_dir.to_path_buf(),
        source,
    })?;
    let dockerfile = target_dir.join("Dockerfile");
    std::fs::write(&dockerfile, SCANNER_DOCKERFILE).map_err(|source| Error::Io {
        path: dockerfile,
        source,
    })?;
    Ok(target_dir.to_path_buf())
}

/// Parse a clamscan stdout buffer. Returns a `Findings` with one entry per
/// infected file. Lines that don't match the `<path>: <signature> FOUND`
/// shape are ignored silently — clamscan can emit progress noise even with
/// `--no-summary` (e.g. "LibClamAV Warning: ..."), and dropping them is
/// safer than over-flagging.
pub fn parse_output(stdout: &str) -> Findings {
    let mut out = Findings::new();
    for line in stdout.lines() {
        let trimmed = line.trim();
        let Some((left, signature)) = trimmed.rsplit_once(" FOUND") else {
            continue;
        };
        if !signature.is_empty() {
            // " FOUND" must be a suffix, not a substring — otherwise the
            // signature would have trailing text.
            continue;
        }
        let Some((raw_path, sig)) = left.rsplit_once(": ") else {
            continue;
        };
        let sig = sig.trim();
        if sig.is_empty() {
            continue;
        }
        let path = raw_path
            .strip_prefix(SCAN_PREFIX)
            .unwrap_or(raw_path)
            .to_string();
        out.push(Finding {
            rule_id: format!("{RULE_PREFIX}/{sig}"),
            severity: Severity::Critical,
            message: format!("ClamAV signature `{sig}` matched"),
            path: PathBuf::from(path),
            line: None,
            remediation: Some(
                "Verify against current AV reports. If it's a known false positive, \
                 suppress via ~/.config/sandbox/scan-ignore.toml; otherwise \
                 discard the project."
                    .into(),
            ),
        });
    }
    out
}

#[cfg(test)]
mod tests {
    use super::*;

    #[test]
    fn empty_output_yields_no_findings() {
        assert!(parse_output("").is_empty());
        assert!(parse_output("   \n  \n").is_empty());
    }

    #[test]
    fn single_infection_parses() {
        let raw = "/scan/server.js: Js.Trojan.BeaverTail-1 FOUND\n";
        let f = parse_output(raw);
        let summary: Vec<_> = f
            .iter()
            .map(|x| (x.rule_id.clone(), x.severity, x.path.clone()))
            .collect();
        assert_eq!(
            summary,
            vec![(
                "clamav/Js.Trojan.BeaverTail-1".into(),
                Severity::Critical,
                PathBuf::from("server.js"),
            )]
        );
    }

    #[test]
    fn multiple_infections_parse_in_order() {
        let raw = "\
/scan/a.js: Win.Eicar-Test FOUND
/scan/sub/b.js: Js.Webshell.X FOUND
";
        let paths: Vec<_> = parse_output(raw)
            .iter()
            .map(|f| f.path.to_string_lossy().into_owned())
            .collect();
        assert_eq!(paths, vec!["a.js", "sub/b.js"]);
    }

    #[test]
    fn libclamav_warning_lines_are_ignored() {
        let raw = "\
LibClamAV Warning: cli_pdf: cannot extract embedded file
/scan/payload.bin: Win.Trojan.Generic FOUND
";
        let ids: Vec<_> = parse_output(raw)
            .iter()
            .map(|f| f.rule_id.clone())
            .collect();
        assert_eq!(ids, vec!["clamav/Win.Trojan.Generic"]);
    }

    #[test]
    fn paths_outside_scan_prefix_are_preserved_verbatim() {
        // Defensive: if the bind path changes, we still report something.
        let raw = "/elsewhere/x.js: Sig FOUND\n";
        let paths: Vec<_> = parse_output(raw)
            .iter()
            .map(|f| f.path.to_string_lossy().into_owned())
            .collect();
        assert_eq!(paths, vec!["/elsewhere/x.js"]);
    }

    #[test]
    fn lines_without_found_suffix_are_ignored() {
        let raw = "/scan/x.js: Not a real entry\n";
        assert!(parse_output(raw).is_empty());
    }
}