Skip to content
Projects
Groups
Snippets
Help
This project
Loading...
Sign in / Register
Toggle navigation
C
cwe_checker
Overview
Overview
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
fact-depend
cwe_checker
Commits
31d8a219
Unverified
Commit
31d8a219
authored
Feb 14, 2020
by
Melvin Klimke
Committed by
GitHub
Feb 14, 2020
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
switched from readelf to objdump in cwe_215.ml and cconv.ml. (#51)
parent
f2aa97ea
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
13 additions
and
9 deletions
+13
-9
cwe_215.ml
src/checkers/cwe_215.ml
+2
-2
cconv.ml
src/utils/cconv.ml
+11
-7
No files found.
src/checkers/cwe_215.ml
View file @
31d8a219
...
@@ -23,11 +23,11 @@ let version = "0.1"
...
@@ -23,11 +23,11 @@ let version = "0.1"
let
check_cwe
_
project
_
_
_
=
let
check_cwe
_
project
_
_
_
=
match
Project
.
get
project
filename
with
match
Project
.
get
project
filename
with
|
Some
fname
->
begin
|
Some
fname
->
begin
let
cmd
=
Format
.
sprintf
"
readelf --debug-dump
=decodedline %s | grep CU"
fname
in
let
cmd
=
Format
.
sprintf
"
objdump --dwarf
=decodedline %s | grep CU"
fname
in
try
try
let
in_chan
=
Unix
.
open_process_in
cmd
in
let
in_chan
=
Unix
.
open_process_in
cmd
in
In_channel
.
input_lines
in_chan
|>
List
.
iter
~
f
:
(
fun
l
->
In_channel
.
input_lines
in_chan
|>
List
.
iter
~
f
:
(
fun
l
->
let
description
=
sprintf
"(Information Exposure Through Debug Information) %s"
l
in
let
description
=
sprintf
"(Information Exposure Through Debug Information) %s"
l
in
let
cwe_warning
=
cwe_warning_factory
name
version
description
~
symbols
:
[
l
]
in
let
cwe_warning
=
cwe_warning_factory
name
version
description
~
symbols
:
[
l
]
in
collect_cwe_warning
cwe_warning
)
collect_cwe_warning
cwe_warning
)
...
...
src/utils/cconv.ml
View file @
31d8a219
...
@@ -94,7 +94,7 @@ let is_return_register (var: Var.t) (project: Project.t) : Bool.t =
...
@@ -94,7 +94,7 @@ let is_return_register (var: Var.t) (project: Project.t) : Bool.t =
Option
.
is_some
(
List
.
find
ret_register
~
f
:
(
String
.
equal
(
Var
.
name
var
)))
Option
.
is_some
(
List
.
find
ret_register
~
f
:
(
String
.
equal
(
Var
.
name
var
)))
(** Parse a line from the dyn-syms output table of readelf. Return the name of a symbol if the symbol is an extern function name. *)
(** Parse a line from the dyn-syms output table of readelf. Return the name of a symbol if the symbol is an extern function name. *)
let
parse_dyn_sym_line
line
=
let
parse_dyn_sym_line
(
line
:
string
)
:
string
option
=
let
line
=
ref
(
String
.
strip
line
)
in
let
line
=
ref
(
String
.
strip
line
)
in
let
str_list
=
ref
[]
in
let
str_list
=
ref
[]
in
while
Option
.
is_some
(
String
.
rsplit2
!
line
~
on
:
'
'
)
do
while
Option
.
is_some
(
String
.
rsplit2
!
line
~
on
:
'
'
)
do
...
@@ -104,10 +104,14 @@ let parse_dyn_sym_line line =
...
@@ -104,10 +104,14 @@ let parse_dyn_sym_line line =
done
;
done
;
str_list
:=
!
line
::
!
str_list
;
str_list
:=
!
line
::
!
str_list
;
match
!
str_list
with
match
!
str_list
with
|
_
::
value
::
_
::
"FUNC"
::
_
::
_
::
_
::
name
::
_
->
begin
|
value
::
func1
::
func2
::
_
->
begin
match
(
String
.
strip
~
drop
:
(
fun
x
->
x
=
'
0
'
)
value
,
String
.
lsplit2
name
~
on
:
'
@
'
)
with
match
(
String
.
strip
~
drop
:
(
fun
x
->
x
=
'
0
'
)
value
)
with
|
(
""
,
Some
(
left
,
_
))
->
Some
(
left
)
|
""
->
begin
|
(
""
,
None
)
->
Some
(
name
)
if
(
String
.
equal
func1
"DF"
||
String
.
equal
func2
"DF"
)
then
(
List
.
last
!
str_list
)
else
None
end
|
_
->
None
(* The symbol has a nonzero value, so we assume that it is not an extern function symbol. *)
|
_
->
None
(* The symbol has a nonzero value, so we assume that it is not an extern function symbol. *)
end
end
|
_
->
None
|
_
->
None
...
@@ -119,13 +123,13 @@ let parse_dyn_syms project =
...
@@ -119,13 +123,13 @@ let parse_dyn_syms project =
match
Project
.
get
project
filename
with
match
Project
.
get
project
filename
with
|
None
->
failwith
"[CWE-checker] Project has no file name."
|
None
->
failwith
"[CWE-checker] Project has no file name."
|
Some
(
fname
)
->
begin
|
Some
(
fname
)
->
begin
let
cmd
=
Format
.
sprintf
"
readelf --dyn
-syms %s"
fname
in
let
cmd
=
Format
.
sprintf
"
objdump --dynamic
-syms %s"
fname
in
try
try
let
in_chan
=
Unix
.
open_process_in
cmd
in
let
in_chan
=
Unix
.
open_process_in
cmd
in
let
lines
=
In_channel
.
input_lines
in_chan
in
let
lines
=
In_channel
.
input_lines
in_chan
in
let
()
=
In_channel
.
close
in_chan
in
begin
let
()
=
In_channel
.
close
in_chan
in
begin
match
lines
with
match
lines
with
|
_
::
_
::
_
::
tail
->
(* The first three
lines are not part of the table *)
|
_
::
_
::
_
::
_
::
tail
->
(* The first four
lines are not part of the table *)
let
symbol_set
=
String
.
Set
.
of_list
(
List
.
filter_map
tail
~
f
:
parse_dyn_sym_line
)
in
let
symbol_set
=
String
.
Set
.
of_list
(
List
.
filter_map
tail
~
f
:
parse_dyn_sym_line
)
in
dyn_syms
:=
Some
(
symbol_set
);
dyn_syms
:=
Some
(
symbol_set
);
symbol_set
symbol_set
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment