microsoft · michaelcfanning · Mar 29, 2024 · Feb 29, 2024 · Feb 29, 2024 · Mar 29, 2024
@@ -17,7 +17,8 @@
 ## UNRELEASED
 * DEP: Update `Sarif.Sdk` submodule from [bc8cb57 to fd6e615](https://github.com/microsoft/sarif-sdk/compare/bc8cb57...fd6e615). Reference [SARIF SDK Release History](https://github.com/microsoft/sarif-sdk/blob/fd6e615/ReleaseHistory.md).
 * NEW: Add `--disable-telemetry` argument to disable telemetry collection.
-* BUG: Fix `ERR998.ExceptionInAnalyze`: `InvalidOperationException: Unrecognized crypto HRESULT: 0x80096011` for check `BA2022.SignSecurely` when the signature is malformed, by adding missing error code to error description mappings. [969](https://github.com/microsoft/binskim/pull/969)
+* BUG: Fix `ERR998.ExceptionInAnalyze`: `InvalidOperationException: Unrecognized crypto HRESULT: 0x80096011` for check `BA2022.SignSecurely` when the signature is malformed, by adding missing error code to error description mappings. [969](https://github.com/microsoft/binskim/pull/969).
+* BUG: Fix `BA2027.EnableSourceLink` unexpectedly causes `ExceptionLoadingPdb` error when the PDB file is missing. [988](https://github.com/microsoft/binskim/pull/988).
 
 ## **v4.2.1**
 * FPS: `BA2004.EnableSecureSourceCodeHashing` now will no longer generate false positives on precompiled headers, they are always without hash. [#965](https://github.com/microsoft/binskim/pull/965)

@@ -1,7 +1,6 @@
 // Copyright (c) Microsoft. All rights reserved.
 // Licensed under the MIT license. See LICENSE file in the project root for full license information.
 
-using System;
 using System.Collections.Generic;
 using System.Composition;
 using System.Linq;
@@ -22,6 +21,8 @@ public class EnableSourceLink : WindowsBinaryAndPdbSkimmerBase
         /// </summary>
         public override string Id => RuleIds.EnableSourceLink;
 
+        public override bool LogPdbLoadException => false;
+
         /// <summary>
         /// Enable SourceLink.
         /// </summary>
@@ -66,6 +67,14 @@ public override AnalysisApplicability CanAnalyzePE(PEBinary target, BinaryAnalyz
 
         public override void AnalyzePortableExecutableAndPdb(BinaryAnalyzerContext context)
         {
+            PEBinary target = context.PEBinary();
+            Pdb pdb = target.Pdb;
+
+            if (pdb == null)
+            {
+                return;
+            }
+
             if (!HasSourceLink(context))
             {
                 // The PDB for '{0}' does not contain SourceLink information, compromising

@@ -111,7 +111,7 @@ public void AnalyzeCommand_DeterminismTest()
 
             WindowsBinaryAndPdbSkimmerBase.s_PdbExceptions.Clear();
             string fileName = Path.Combine(Path.GetTempPath(), "AnalyzeCommand_DeterminismTest.sarif");
-            string pathDeterminismTest = Path.Combine(PEBinaryTests.TestData, "PE", "Determinism", "*.dll");
+            string pathDeterminismTest = Path.Combine(PEBinaryTests.TestData, "PE", "Determinism", "*.exe");
             var options = new AnalyzeOptions
             {
                 TargetFileSpecifiers = new string[] {

@@ -0,0 +1,66 @@
+// Copyright (c) Microsoft. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Linq;
+using System.Reflection;
+
+using FluentAssertions;
+
+using Xunit;
+
+namespace Microsoft.CodeAnalysis.IL.Rules
+{
+    public class RulePropertyTests
+    {
+        private static readonly string[] ExpectedLogPdbLoadExceptionRules = new string[]
+        {
+            "BA2002.DoNotIncorporateVulnerableDependencies",
+            "BA2006.BuildWithSecureTools",
+            "BA2007.EnableCriticalCompilerWarnings",
+            "BA2011.EnableStackProtection",
+            "BA2013.InitializeStackProtection",
+            "BA2014.DoNotDisableStackProtectionForFunctions",
+            "BA2024.EnableSpectreMitigations",
+            "BA2025.EnableShadowStack",
+            "BA2026.EnableMicrosoftCompilerSdlSwitch",
+            "BA6001.DisableIncrementalLinkingInReleaseBuilds",
+            "BA6002.EliminateDuplicateStrings",
+            "BA6004.EnableComdatFolding",
+            "BA6005.EnableOptimizeReferences",
+            "BA6006.EnableLinkTimeCodeGeneration"
+        };
+
+        [Fact]
+        public void RulePropertyTests_LogPdbLoadException()
+        {
+            WindowsBinaryAndPdbSkimmerBase[] skimmers =
+                GetAllWindowsBinaryAndPdbSkimmers("BinSkim.Rules.dll");
+            IEnumerable<WindowsBinaryAndPdbSkimmerBase> actualLogPdbLoadExceptionRules =
+                skimmers.Where(s => s.LogPdbLoadException);
+            IEnumerable<WindowsBinaryAndPdbSkimmerBase> unexpectedLogPdbLoadExceptionRules =
+                actualLogPdbLoadExceptionRules.Where(s => !ExpectedLogPdbLoadExceptionRules.Contains(s.Moniker));
+
+            if (unexpectedLogPdbLoadExceptionRules.Any())
+            {
+                Assert.Fail(string.Format("Please examine if the following rules should enable 'LogPdbLoadException': {0}",
+                                          string.Join(", ", unexpectedLogPdbLoadExceptionRules.Select(skimmer => skimmer.Moniker))));
+            }
+        }
+
+        private static WindowsBinaryAndPdbSkimmerBase[] GetAllWindowsBinaryAndPdbSkimmers(string rulesAssemblyName)
+        {
+            string directory = AppDomain.CurrentDomain.BaseDirectory;
+            string assemblyPath = Path.Combine(directory, rulesAssemblyName);
+            var assembly = Assembly.LoadFrom(assemblyPath);
+            Type[] assemblyTypes = assembly.GetTypes();
+            IEnumerable<Type> inheritanceTypes =
+                assemblyTypes.Where(t => t.BaseType == typeof(WindowsBinaryAndPdbSkimmerBase));
+            IEnumerable<WindowsBinaryAndPdbSkimmerBase> instances =
+                inheritanceTypes.Select(t => (WindowsBinaryAndPdbSkimmerBase)Activator.CreateInstance(t));
+            return instances.ToArray();
+        }
+    }
+}