Commit
066be5de
authored
Feb 21, 2019
by
Thomas Barabosch
Fixed many issues due to pre-commit
parent
75c0712e
Showing
13 changed files
with
191 additions
and
67 deletions
+191
-67
config.json
src/config.json
+178
-56
test_cwe190.py
test/acceptance/test_cwe190.py
+1
-1
test_cwe215.py
test/acceptance/test_cwe215.py
+2
-1
test_cwe243.py
test/acceptance/test_cwe243.py
+1
-0
test_cwe248.py
test/acceptance/test_cwe248.py
+1
-1
test_cwe332.py
test/acceptance/test_cwe332.py
+1
-1
test_cwe367.py
test/acceptance/test_cwe367.py
+1
-1
test_cwe426.py
test/acceptance/test_cwe426.py
+1
-1
test_cwe457.py
test/acceptance/test_cwe457.py
+1
-1
test_cwe467.py
test/acceptance/test_cwe467.py
+1
-1
test_cwe476.py
test/acceptance/test_cwe476.py
+1
-1
test_cwe676.py
test/acceptance/test_cwe676.py
+1
-1
test_cwe782.py
test/acceptance/test_cwe782.py
+1
-1
src/config.json
{
"CWE190"
:
{
"symbols"
:
[
"xmalloc"
,
"malloc"
,
"realloc"
]
},
"CWE215"
:
{
"symbols"
:
[]
},
"CWE243"
:
{
"pairs"
:
[[
"chroot"
,
"chdir"
],
[
"chdir"
,
"chroot"
,
"setresuid"
],
[
"chdir"
,
"chroot"
,
"seteuid"
],
[
"chdir"
,
"chroot"
,
"setreuid"
],
[
"chdir"
,
"chroot"
,
"setuid"
]],
"_comment"
:
"valid chroot pathes according to http://www.unixwiz.net/techtips/chroot-practices.html"
},
"CWE248"
:
{
"symbols"
:
[]
},
"CWE332"
:
{
"pairs"
:
[[
"srand"
,
"rand"
]]
},
"CWE367"
:
{
"pairs"
:
[[
"access"
,
"open"
]]
},
"CWE426"
:
{
"symbols"
:
[
"setresgid"
,
"setresuid"
,
"setuid"
,
"setgid"
,
"seteuid"
,
"setegid"
],
"_comment"
:
"functions that change/drop privileges"
},
"CWE457"
:
{
"symbols"
:
[]
},
"CWE467"
:
{
"symbols"
:
[
"strncmp"
,
"malloc"
,
"alloca"
,
"_alloca"
,
"strncat"
,
"wcsncat"
,
"strncpy"
,
"wcsncpy"
,
"stpncpy"
,
"wcpncpy"
,
"memcpy"
,
"wmemcpy"
,
"memmove"
,
"wmemmove"
,
"memcmp"
,
"wmemcmp"
],
"_comment"
:
"any function that takes something of type size_t could be a possible candidate."
},
"CWE476"
:
{
"symbols"
:
[
"malloc"
,
"calloc"
,
"realloc"
,
"getenv"
,
"bsearch"
,
"setlocale"
,
"tmpfile"
,
"tmpnam"
,
"fopen"
,
"freopen"
,
"fgets"
,
"memchr"
,
"strchr"
,
"strpbrk"
,
"strrchr"
,
"strstr"
,
"strtok"
,
"fgetws"
,
"wcschr"
,
"wcspbrk"
,
"wcsrchr"
,
"wcsstr"
,
"wcstok"
,
"wmemchr"
],
"_comment"
:
"any function that possibly returns a NULL value."
,
"_comment1"
:
"included functions of the following libs: stdlib.h, locale.h, stdio.h, cstring.h, wchar.h"
},
"CWE676"
:
{
"_comment"
:
"https://github.com/01org/safestringlib/wiki/SDL-List-of-Banned-Functions"
,
"symbols"
:
[
"alloca"
,
"_alloca"
,
"scanf"
,
"wscanf"
,
"sscanf"
,
"swscanf"
,
"vscanf"
,
"vsscanf"
,
"strlen"
,
"wcslen"
,
"strtok"
,
"strtok_r"
,
"wcstok"
,
"strcat"
,
"strncat"
,
"wcscat"
,
"wcsncat"
,
"strcpy"
,
"strncpy"
,
"wcscpy"
,
"wcsncpy"
,
"stpcpy"
,
"stpncpy"
,
"wcpcpy"
,
"wcpncpy"
,
"memcpy"
,
"wmemcpy"
,
"memmove"
,
"wmemmove"
,
"memcmp"
,
"wmemcmp"
,
"memset"
,
"wmemset"
,
"gets"
,
"sprintf"
,
"vsprintf"
,
"swprintf"
,
"vswprintf"
,
"snprintf"
,
"vsnprintf"
,
"realpath"
,
"getwd"
,
"wctomb"
,
"wcrtomb"
,
"wcstombs"
,
"wcsrtombs"
,
"wcsnrtombs"
]
},
"CWE782"
:
{
"symbols"
:
[]
}
"CWE190"
:
{
"symbols"
:
[
"xmalloc"
,
"malloc"
,
"realloc"
]
},
"CWE215"
:
{
"symbols"
:
[]
},
"CWE243"
:
{
"_comment"
:
"valid chroot pathes according to http://www.unixwiz.net/techtips/chroot-practices.html"
,
"pairs"
:
[
[
"chroot"
,
"chdir"
],
[
"chdir"
,
"chroot"
,
"setresuid"
],
[
"chdir"
,
"chroot"
,
"seteuid"
],
[
"chdir"
,
"chroot"
,
"setreuid"
],
[
"chdir"
,
"chroot"
,
"setuid"
]
]
},
"CWE248"
:
{
"symbols"
:
[]
},
"CWE332"
:
{
"pairs"
:
[
[
"srand"
,
"rand"
]
]
},
"CWE367"
:
{
"pairs"
:
[
[
"access"
,
"open"
]
]
},
"CWE426"
:
{
"_comment"
:
"functions that change/drop privileges"
,
"symbols"
:
[
"setresgid"
,
"setresuid"
,
"setuid"
,
"setgid"
,
"seteuid"
,
"setegid"
]
},
"CWE457"
:
{
"symbols"
:
[]
},
"CWE467"
:
{
"_comment"
:
"any function that takes something of type size_t could be a possible candidate."
,
"symbols"
:
[
"strncmp"
,
"malloc"
,
"alloca"
,
"_alloca"
,
"strncat"
,
"wcsncat"
,
"strncpy"
,
"wcsncpy"
,
"stpncpy"
,
"wcpncpy"
,
"memcpy"
,
"wmemcpy"
,
"memmove"
,
"wmemmove"
,
"memcmp"
,
"wmemcmp"
]
},
"CWE476"
:
{
"_comment"
:
"any function that possibly returns a NULL value."
,
"_comment1"
:
"included functions of the following libs: stdlib.h, locale.h, stdio.h, cstring.h, wchar.h"
,
"symbols"
:
[
"malloc"
,
"calloc"
,
"realloc"
,
"getenv"
,
"bsearch"
,
"setlocale"
,
"tmpfile"
,
"tmpnam"
,
"fopen"
,
"freopen"
,
"fgets"
,
"memchr"
,
"strchr"
,
"strpbrk"
,
"strrchr"
,
"strstr"
,
"strtok"
,
"fgetws"
,
"wcschr"
,
"wcspbrk"
,
"wcsrchr"
,
"wcsstr"
,
"wcstok"
,
"wmemchr"
]
},
"CWE676"
:
{
"_comment"
:
"https://github.com/01org/safestringlib/wiki/SDL-List-of-Banned-Functions"
,
"symbols"
:
[
"alloca"
,
"_alloca"
,
"scanf"
,
"wscanf"
,
"sscanf"
,
"swscanf"
,
"vscanf"
,
"vsscanf"
,
"strlen"
,
"wcslen"
,
"strtok"
,
"strtok_r"
,
"wcstok"
,
"strcat"
,
"strncat"
,
"wcscat"
,
"wcsncat"
,
"strcpy"
,
"strncpy"
,
"wcscpy"
,
"wcsncpy"
,
"stpcpy"
,
"stpncpy"
,
"wcpcpy"
,
"wcpncpy"
,
"memcpy"
,
"wmemcpy"
,
"memmove"
,
"wmemmove"
,
"memcmp"
,
"wmemcmp"
,
"me
\u
200bmset"
,
"wmemset"
,
"gets"
,
"sprintf
\u
200b"
,
"vsprintf"
,
"swprintf"
,
"vswprintf"
,
"snprintf"
,
"vsnprintf"
,
"realpath"
,
"getwd"
,
"wctomb"
,
"wcrtomb"
,
"wcstombs"
,
"wcsrtombs"
,
"wcsnrtombs"
]
},
"CWE782"
:
{
"symbols"
:
[]
}
}
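Review bot: Two entries in the new `CWE676` symbol list carry an escaped zero-width space, `"me\u200bmset"` and `"sprintf\u200b"`, so they no longer spell the real function names. If the checker compares these strings against the symbol names found in a binary, as the list suggests, calls to `memset` and `sprintf` would presumably go unreported. The escapes may be the JSON formatter making visible a character that was already hidden in the old file; either way the entries should read `"memset",` and `"sprintf",`. A pre-commit or CI check that rejects non-ASCII characters and `\u` escapes in `src/config.json` would keep an invisible character from silently disabling a symbol again.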
test/acceptance/test_cwe190.py
import
unittest
import
cwe_checker_testlib
class
TestCwe190
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -32,4 +33,3 @@ class TestCwe190(unittest.TestCase):
expect_res
=
3
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe215.py
import
unittest
import
cwe_checker_testlib
class
TestCwe215
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -31,4 +32,4 @@ class TestCwe215(unittest.TestCase):
def
test_cwe215_01_mips
(
self
):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
filename
,
self
.
target
,
'mips'
,
self
.
string
)
assert
res
==
expect_res
assert
res
==
expect_res
test/acceptance/test_cwe243.py
import
unittest
import
cwe_checker_testlib
class
TestCwe243
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
test/acceptance/test_cwe248.py
import
unittest
import
cwe_checker_testlib
class
TestCwe248
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -33,4 +34,3 @@ class TestCwe248(unittest.TestCase):
expect_res
=
2
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe332.py
import
unittest
import
cwe_checker_testlib
class
TestCwe332
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -32,4 +33,3 @@ class TestCwe332(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe367.py
import
unittest
import
cwe_checker_testlib
class
TestCwe367
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -32,4 +33,3 @@ class TestCwe367(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe426.py
import
unittest
import
cwe_checker_testlib
class
TestCwe426
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -33,4 +34,3 @@ class TestCwe426(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe457.py
import
unittest
import
cwe_checker_testlib
class
TestCwe457
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -36,4 +37,3 @@ class TestCwe457(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe467.py
import
unittest
import
cwe_checker_testlib
class
TestCwe467
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -33,4 +34,3 @@ class TestCwe467(unittest.TestCase):
expect_res
=
2
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe476.py
import
unittest
import
cwe_checker_testlib
class
TestCwe476
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -33,4 +34,3 @@ class TestCwe476(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe676.py
import
unittest
import
cwe_checker_testlib
class
TestCwe676
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -32,4 +33,3 @@ class TestCwe676(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'ppc'
,
self
.
string
)
assert
res
==
expect_res
test/acceptance/test_cwe782.py
import
unittest
import
cwe_checker_testlib
class
TestCwe782
(
unittest
.
TestCase
):
def
setUp
(
self
):
...
...
@@ -11,4 +12,3 @@ class TestCwe782(unittest.TestCase):
expect_res
=
1
res
=
cwe_checker_testlib
.
execute_and_check_occurence
(
self
.
target
,
self
.
target
,
'x64'
,
self
.
string
)
assert
res
==
expect_res