From 57e69dfc7e3da06087be054708a3c215f2bc2005 Mon Sep 17 00:00:00 2001
From: Keno Hassler <40292329+kenohassler@users.noreply.github.com>
Date: Thu, 7 Mar 2024 16:44:47 +0000
Subject: [PATCH] make source path relative for FlawFinder
---
 .../static_analysis/sast/src/sfa/analysis/tool_runner.py | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/sast-fuzz/static_analysis/sast/src/sfa/analysis/tool_runner.py b/sast-fuzz/static_analysis/sast/src/sfa/analysis/tool_runner.py
index 4662050..a80b891 100644
--- a/sast-fuzz/static_analysis/sast/src/sfa/analysis/tool_runner.py
+++ b/sast-fuzz/static_analysis/sast/src/sfa/analysis/tool_runner.py
@@ -207,7 +207,14 @@ def _sanity_checks(self, string: str) -> None:
 default_sarif_checks(string)
 def _format(self, string: str) -> SASTFlags:
- return convert_sarif(string)
+ flags = SASTFlags()
+
+ # convert absolute paths to relative ones
+ for flag in convert_sarif(string):
+ file = str(Path(flag.file).relative_to(self._subject_dir))
+ flags.add(SASTFlag(flag.tool, file, flag.line, flag.vuln))
+
+ return flags
 class SemgrepRunner(SASTToolRunner):
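Review bot: `Path(flag.file).relative_to(self._subject_dir)` in the new loop raises `ValueError` for any flag whose file is not lexically under `self._subject_dir` (an already-relative path, a header outside the subject tree, or a differently normalised path). Nothing in the hunk catches it, so one such finding would abort `_format` and discard every other finding from that run. For a SAST stage this becomes a silent loss of coverage if a caller swallows the exception; the callers are not visible here. Consider wrapping the conversion in `try:` with the fallback `except ValueError: file = flag.file`, and logging the path that was kept as-is. `Path` and `SASTFlag` are newly used while the hunk shows no import change, so confirm both are already imported in tool_runner.py; the enclosing class begins outside the hunk.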