Exclude system generated files from `BA2004.EnableSecureSourceCodeHas…

…hing`. (#989)

* Exclude system generated files `AssemblyAttributes.obj`, `AssemblyInfo.obj`, `stdafx.obj` from `BA2004.EnableSecureSourceCodeHashing`.

* Update release note

---------

Co-authored-by: Michael C. Fanning <michael.fanning@microsoft.com>

ReleaseHistory.md

@@ -16,9 +16,10 @@
 - NEW => new feature 
 ## UNRELEASED
 * DEP: Update `Sarif.Sdk` submodule from [bc8cb57 to fd6e615](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...fd6e615). Reference [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/fd6e615/ReleaseHistory.md).
-* NEW: Add `--disable-telemetry` argument to disable telemetry collection.
-* NEW: `BA4002.ReportElfOrMachoCompilerData`, which collects telemetry data for Elf and Macho files, is now enabled by default.
+* BUG: Exclude system-generated files `AssemblyAttributes.obj`, `AssemblyInfo.obj`, `stdafx.obj` from `BA2004.EnableSecureSourceCodeHashing`. [989](https://github.com/microsoft/binskim/pull/989).
 * BUG: Fix `ERR998.ExceptionInAnalyze`: `InvalidOperationException: Unrecognized crypto HRESULT: 0x80096011` for check `BA2022.SignSecurely` when the signature is malformed, by adding missing error code to error description mappings. [969](https://github.com/microsoft/binskim/pull/969)
+* NEW: `BA4002.ReportElfOrMachoCompilerData`, which collects telemetry data for Elf and Macho files, is now enabled by default.
+* NEW: Add `--disable-telemetry` argument to disable telemetry collection.
 
 ## **v4.2.1**
 * FPS: `BA2004.EnableSecureSourceCodeHashing` now will no longer generate false positives on precompiled headers, they are always without hash. [#965](https://github.com/microsoft/binskim/pull/965)

src/BinSkim.Rules/PERules/BA2004.EnableSecureSourceCodeHashing.cs

@@ -25,6 +25,11 @@ public class EnableSecureSourceCodeHashing : WindowsBinaryAndPdbSkimmerBase, IOp
         /// BA2004
         /// </summary>
         public const string MSVCPredefinedTypesFileName = "predefined C++ types (compiler internal)";
+        public const string MSVCCliAttributeTypesFileName = "CLI attribute types (compiler internal)";
+        public const string MSVCStandardApplicationFrameworkFileName = "stdafx.obj";
+        public const string AssemblyAttributesObjFileName = "AssemblyAttributes.obj";
+        public const string AssemblyInfoObjFileName = "AssemblyInfo.obj";
+
 
         public override string Id => RuleIds.EnableSecureSourceCodeHashing;
 
@@ -124,6 +129,13 @@ public void AnalyzeNativeBinaryAndPdb(BinaryAnalyzerContext context)
                     continue;
                 }
 
+                if (omDetails.Name.EndsWith(MSVCStandardApplicationFrameworkFileName) ||
+                    omDetails.Name.EndsWith(AssemblyAttributesObjFileName) ||
+                    omDetails.Name.EndsWith(AssemblyInfoObjFileName))
+                {
+                    continue;
+                }
+
                 bool isMsvc = (omDetails.WellKnownCompiler == WellKnownCompilers.MicrosoftC ||
                                omDetails.WellKnownCompiler == WellKnownCompilers.MicrosoftCxx);
 
@@ -162,8 +174,9 @@ public void AnalyzeNativeBinaryAndPdb(BinaryAnalyzerContext context)
 
                             string sfName = Path.GetFileName(sf.FileName);
 
-                            // 1. Some compiler injected code that is listed as being in "predefined C++ types (compiler internal)"
-                            if (sfName == MSVCPredefinedTypesFileName)
+                            // 1. Some compiler injected code that is listed as being in
+                            // "predefined C++ types (compiler internal)" or "CLI attribute types(compiler internal)".
+                            if (sfName == MSVCPredefinedTypesFileName || sfName == MSVCCliAttributeTypesFileName)
                             {
                                 continue;
                             }

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x64_VS2013_Default.dll.sarif

@@ -98,7 +98,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "MixedMode_x64_VS2013_Default.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (.NETFramework,Version=v4.5.AssemblyAttributes.obj,AssemblyInfo.obj,MixedMode_x64_VS2013_Default.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (MixedMode_x64_VS2013_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x64_VS2015_Default.exe.sarif

@@ -69,27 +69,6 @@
             }
           ]
         },
-        {
-          "ruleId": "BA2004",
-          "ruleIndex": 2,
-          "message": {
-            "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
-            "arguments": [
-              "MixedMode_x64_VS2015_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [No hash value present] (.NETFramework,Version=v4.5.2.AssemblyAttributes.obj,stdafx.obj)\r\n"
-            ]
-          },
-          "locations": [
-            {
-              "physicalLocation": {
-                "artifactLocation": {
-                  "uri": "file:///Z:/src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/MixedMode_x64_VS2015_Default.exe",
-                  "index": 0
-                }
-              }
-            }
-          ]
-        },
         {
           "ruleId": "BA2004",
           "ruleIndex": 2,
@@ -98,7 +77,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "MixedMode_x64_VS2015_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [MD5] (AssemblyInfo.obj,MixedMode_x64_VS2015_Default.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [MD5] (MixedMode_x64_VS2015_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x64_VS2019_CPlusPlus_DEBUG_DEFAULT.dll.sarif

@@ -69,27 +69,6 @@
             }
           ]
         },
-        {
-          "ruleId": "BA2004",
-          "ruleIndex": 2,
-          "message": {
-            "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
-            "arguments": [
-              "MixedMode_x64_VS2019_CPlusPlus_DEBUG_DEFAULT.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.29.30133.0 : [directly linked] [No hash value present] (.NETFramework,Version=v4.0.AssemblyAttributes.obj)\r\n"
-            ]
-          },
-          "locations": [
-            {
-              "physicalLocation": {
-                "artifactLocation": {
-                  "uri": "file:///Z:/src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/MixedMode_x64_VS2019_CPlusPlus_DEBUG_DEFAULT.dll",
-                  "index": 0
-                }
-              }
-            }
-          ]
-        },
         {
           "ruleId": "BA2004",
           "ruleIndex": 2,

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x64_VS2019_CPlusPlus_DEBUG_FASTLINK.dll.sarif

@@ -69,27 +69,6 @@
             }
           ]
         },
-        {
-          "ruleId": "BA2004",
-          "ruleIndex": 2,
-          "message": {
-            "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
-            "arguments": [
-              "MixedMode_x64_VS2019_CPlusPlus_DEBUG_FASTLINK.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.29.30133.0 : [directly linked] [No hash value present] (.NETFramework,Version=v4.0.AssemblyAttributes.obj)\r\n"
-            ]
-          },
-          "locations": [
-            {
-              "physicalLocation": {
-                "artifactLocation": {
-                  "uri": "file:///Z:/src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/MixedMode_x64_VS2019_CPlusPlus_DEBUG_FASTLINK.dll",
-                  "index": 0
-                }
-              }
-            }
-          ]
-        },
         {
           "ruleId": "BA2004",
           "ruleIndex": 2,

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x64_VS2019_CPlusPlus_DEBUG_FULL.dll.sarif

@@ -69,27 +69,6 @@
             }
           ]
         },
-        {
-          "ruleId": "BA2004",
-          "ruleIndex": 2,
-          "message": {
-            "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
-            "arguments": [
-              "MixedMode_x64_VS2019_CPlusPlus_DEBUG_FULL.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.29.30133.0 : [directly linked] [No hash value present] (.NETFramework,Version=v4.0.AssemblyAttributes.obj)\r\n"
-            ]
-          },
-          "locations": [
-            {
-              "physicalLocation": {
-                "artifactLocation": {
-                  "uri": "file:///Z:/src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/MixedMode_x64_VS2019_CPlusPlus_DEBUG_FULL.dll",
-                  "index": 0
-                }
-              }
-            }
-          ]
-        },
         {
           "ruleId": "BA2004",
           "ruleIndex": 2,

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x86_VS2013_Default.exe.sarif

@@ -47,27 +47,6 @@
             }
           ]
         },
-        {
-          "ruleId": "BA2004",
-          "ruleIndex": 1,
-          "message": {
-            "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
-            "arguments": [
-              "MixedMode_x86_VS2013_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [No hash value present] (stdafx.obj)\r\n"
-            ]
-          },
-          "locations": [
-            {
-              "physicalLocation": {
-                "artifactLocation": {
-                  "uri": "file:///Z:/src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/MixedMode_x86_VS2013_Default.exe",
-                  "index": 0
-                }
-              }
-            }
-          ]
-        },
         {
           "ruleId": "BA2004",
           "ruleIndex": 1,
@@ -76,7 +55,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "MixedMode_x86_VS2013_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (.NETFramework,Version=v4.5.AssemblyAttributes.obj,AssemblyInfo.obj,MixedMode_x86_VS2013_Default.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (MixedMode_x86_VS2013_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/MixedMode_x86_VS2015_Default.exe.sarif

@@ -47,27 +47,6 @@
             }
           ]
         },
-        {
-          "ruleId": "BA2004",
-          "ruleIndex": 1,
-          "message": {
-            "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
-            "arguments": [
-              "MixedMode_x86_VS2015_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [No hash value present] (.NETFramework,Version=v4.5.2.AssemblyAttributes.obj,stdafx.obj)\r\n"
-            ]
-          },
-          "locations": [
-            {
-              "physicalLocation": {
-                "artifactLocation": {
-                  "uri": "file:///Z:/src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/MixedMode_x86_VS2015_Default.exe",
-                  "index": 0
-                }
-              }
-            }
-          ]
-        },
         {
           "ruleId": "BA2004",
           "ruleIndex": 1,
@@ -76,7 +55,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "MixedMode_x86_VS2015_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [MD5] (AssemblyInfo.obj,MixedMode_x86_VS2015_Default.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [MD5] (MixedMode_x86_VS2015_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/Native_x64_VS2013_Default.dll.sarif

@@ -77,7 +77,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "Native_x64_VS2013_Default.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (dllmain.obj,Native_x64_VS2013_Default.obj,stdafx.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (dllmain.obj,Native_x64_VS2013_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/Native_x64_VS2015_Default.dll.sarif

@@ -77,7 +77,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "Native_x64_VS2015_Default.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.23026.0 : [directly linked] [MD5] (dllmain.obj,Native_x64_VS2015_Default.obj,stdafx.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 19.0.23026.0 : [directly linked] [MD5] (dllmain.obj,Native_x64_VS2015_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/Native_x86_VS2013_Default.exe.sarif

@@ -33,7 +33,7 @@
             "id": "Warning_NativeWithInsecureStaticLibraryCompilands",
             "arguments": [
               "Native_x86_VS2013_Default.exe",
-              "Microsoft (R) Optimizing Compiler : c : 18.0.20806.0 : MSVCRTD.lib [MD5] (_newmode.obj,atonexit.obj,chandler4gs.obj,cinitexe.obj,fp8.obj,gs_cookie.obj,gs_report.obj,gs_support.obj,loadcfg.obj,merr.obj,natstart.obj,pesect.obj,secchk.obj,wcrtexew.obj,wdllargv.obj,wildcard.obj,xncommod.obj,xthdloc.obj,xtxtmode.obj)\r\nMicrosoft (R) Optimizing Compiler : cxx : 18.0.20806.0 : atls.lib [MD5] (atlbase.obj,stdafx.obj)\r\nMicrosoft (R) Optimizing Compiler : cxx : 18.0.20806.0 : MSVCRTD.lib [MD5] (ehvecdtr.obj,error.obj,init.obj,initsect.obj,pdblkup.obj,stack.obj,ti_inst.obj,unhandld.obj,userapi.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : c : 18.0.20806.0 : MSVCRTD.lib [MD5] (_newmode.obj,atonexit.obj,chandler4gs.obj,cinitexe.obj,fp8.obj,gs_cookie.obj,gs_report.obj,gs_support.obj,loadcfg.obj,merr.obj,natstart.obj,pesect.obj,secchk.obj,wcrtexew.obj,wdllargv.obj,wildcard.obj,xncommod.obj,xthdloc.obj,xtxtmode.obj)\r\nMicrosoft (R) Optimizing Compiler : cxx : 18.0.20806.0 : atls.lib [MD5] (atlbase.obj)\r\nMicrosoft (R) Optimizing Compiler : cxx : 18.0.20806.0 : MSVCRTD.lib [MD5] (ehvecdtr.obj,error.obj,init.obj,initsect.obj,pdblkup.obj,stack.obj,ti_inst.obj,unhandld.obj,userapi.obj)\r\n"
             ]
           },
           "locations": [
@@ -55,7 +55,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "Native_x86_VS2013_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (Native_x86_VS2013_Default.obj,stdafx.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 18.0.21005.1 : [directly linked] [MD5] (Native_x86_VS2013_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/Native_x86_VS2015_Default.exe.sarif

@@ -55,7 +55,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "Native_x86_VS2015_Default.exe",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.23026.0 : [directly linked] [MD5] (Native_x86_VS2015_Default.obj,stdafx.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 19.0.23026.0 : [directly linked] [MD5] (Native_x86_VS2015_Default.obj)\r\n"
             ]
           },
           "locations": [

src/Test.FunctionalTests.BinSkim.Driver/BaselineTestData/Expected/Native_x86_VS2015_Default_Debug.dll.sarif

@@ -55,7 +55,7 @@
             "id": "Error_NativeWithInsecureDirectCompilands",
             "arguments": [
               "Native_x86_VS2015_Default_Debug.dll",
-              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [MD5] (dllmain.obj,Native_x86_VS2015_Default_Debug.obj,stdafx.obj)\r\n"
+              "Microsoft (R) Optimizing Compiler : cxx : 19.0.24215.1 : [directly linked] [MD5] (dllmain.obj,Native_x86_VS2015_Default_Debug.obj)\r\n"
             ]
           },
           "locations": [