Merge pull request #13 from fkie-cad/pre-commit-

Pre commit 

.pre-commit-config.yaml

+default_stages: [commit, push]
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+  rev: v2.1.0
+  hooks:
+  - id: check-added-large-files
+    args: [--maxkb=10000]
+
+  - id: check-json
+
+  - id: check-merge-conflict
+
+  - id: check-yaml
+
+  - id: end-of-file-fixer
+    types: [python]
+
+  - id: fix-encoding-pragma
+    args: [--remove]
+
+  - id: flake8
+    args: [--ignore=E501]
+
+  - id: forbid-new-submodules
+
+  - id: no-commit-to-branch
+
+  - id: pretty-format-json
+    args: [--autofix]
+
+  - id: trailing-whitespace
+    types: [python]
+
+-   repo: https://github.com/pryorda/dockerfilelint-precommit-hooks
+    rev: v0.1.0
+    hooks:
+      - id: dockerfilelint

README.md

@@ -61,6 +61,8 @@ bap PATH_TO_BINARY --recipe=recipes/RECIPE_FOLDER_NAME
 *cwe_checker* outputs to stdout. This output is parsable (sexep). There is a script `cwe_checker_to_ida` to visualize the results in IDA Pro.
 ## How to extend cwe_checker? ##
 New plugins should be added to src/checkers. Implement a .ml and .mli file. See the existing modules for an interface description. If necessary add a section to `config.json` to allow users to configure your plugin. Finally, add your plugin to `cwe_checker.ml`.
+
+If you plan to open a PR, please utilize [precommit](https://pre-commit.com) in your development environment to catch many issues before the code review.
 ### Contribute ###
 Contributions are always welcomed. Just fork it and open a pull request!
 ## Acknowledgements ##

src/config.json

 {
   "CWE190": {
-        "symbols": ["xmalloc", "malloc", "realloc"]
+    "symbols": [
+      "xmalloc",
+      "malloc",
+      "realloc"
+    ]
   },
   "CWE215": {
     "symbols": []
   },
   "CWE243": {
-	    "pairs": [["chroot", "chdir"], ["chdir", "chroot", "setresuid"], ["chdir", "chroot", "seteuid"],
-			  ["chdir", "chroot", "setreuid"], ["chdir", "chroot", "setuid"]],
-	    "_comment": "valid chroot pathes according to http://www.unixwiz.net/techtips/chroot-practices.html"
+    "_comment": "valid chroot pathes according to http://www.unixwiz.net/techtips/chroot-practices.html",
+    "pairs": [
+      [
+        "chroot",
+        "chdir"
+      ],
+      [
+        "chdir",
+        "chroot",
+        "setresuid"
+      ],
+      [
+        "chdir",
+        "chroot",
+        "seteuid"
+      ],
+      [
+        "chdir",
+        "chroot",
+        "setreuid"
+      ],
+      [
+        "chdir",
+        "chroot",
+        "setuid"
+      ]
+    ]
   },
   "CWE248": {
     "symbols": []
   },
   "CWE332": {
-	    "pairs": [["srand", "rand"]]
+    "pairs": [
+      [
+        "srand",
+        "rand"
+      ]
+    ]
   },
   "CWE367": {
-	    "pairs": [["access", "open"]]
+    "pairs": [
+      [
+        "access",
+        "open"
+      ]
+    ]
   },
   "CWE426": {
-	    "symbols": ["setresgid", "setresuid", "setuid", "setgid", "seteuid", "setegid"],
-	    "_comment": "functions that change/drop privileges"
+    "_comment": "functions that change/drop privileges",
+    "symbols": [
+      "setresgid",
+      "setresuid",
+      "setuid",
+      "setgid",
+      "seteuid",
+      "setegid"
+    ]
   },
   "CWE457": {
     "symbols": []
   },
   "CWE467": {
-	    "symbols": ["strncmp", "malloc",
-		    "alloca", "_alloca", "strncat", "wcsncat",
-		    "strncpy", "wcsncpy", "stpncpy", "wcpncpy",
-		    "memcpy", "wmemcpy", "memmove", "wmemmove", "memcmp", "wmemcmp"],
-	    "_comment": "any function that takes something of type size_t could be a possible candidate."
+    "_comment": "any function that takes something of type size_t could be a possible candidate.",
+    "symbols": [
+      "strncmp",
+      "malloc",
+      "alloca",
+      "_alloca",
+      "strncat",
+      "wcsncat",
+      "strncpy",
+      "wcsncpy",
+      "stpncpy",
+      "wcpncpy",
+      "memcpy",
+      "wmemcpy",
+      "memmove",
+      "wmemmove",
+      "memcmp",
+      "wmemcmp"
+    ]
   },
   "CWE476": {
-	    "symbols": ["malloc", "calloc", "realloc", "getenv", "bsearch", "setlocale", "tmpfile", "tmpnam",
-		    "fopen", "freopen", "fgets", "memchr", "strchr", "strpbrk", "strrchr", "strstr", "strtok",
-		    "fgetws", "wcschr", "wcspbrk", "wcsrchr", "wcsstr", "wcstok", "wmemchr"],
     "_comment": "any function that possibly returns a NULL value.",
-	    "_comment1": "included functions of the following libs: stdlib.h, locale.h, stdio.h, cstring.h, wchar.h"
+    "_comment1": "included functions of the following libs: stdlib.h, locale.h, stdio.h, cstring.h, wchar.h",
+    "symbols": [
+      "malloc",
+      "calloc",
+      "realloc",
+      "getenv",
+      "bsearch",
+      "setlocale",
+      "tmpfile",
+      "tmpnam",
+      "fopen",
+      "freopen",
+      "fgets",
+      "memchr",
+      "strchr",
+      "strpbrk",
+      "strrchr",
+      "strstr",
+      "strtok",
+      "fgetws",
+      "wcschr",
+      "wcspbrk",
+      "wcsrchr",
+      "wcsstr",
+      "wcstok",
+      "wmemchr"
+    ]
   },
   "CWE676": {
     "_comment": "https://github.com/01org/safestringlib/wiki/SDL-List-of-Banned-Functions",
-	    "symbols": ["alloca", "_alloca",
-                        "scanf", "wscanf", "sscanf", "swscanf", "vscanf", "vsscanf",
-                        "strlen", "wcslen", "strtok", "strtok_r", "wcstok",
-                        "strcat", "strncat", "wcscat", "wcsncat",
-                        "strcpy", "strncpy", "wcscpy", "wcsncpy", "stpcpy", "stpncpy", "wcpcpy", "wcpncpy",
-                        "memcpy", "wmemcpy", "memmove", "wmemmove", "memcmp", "wmemcmp", "me​mset", "wmemset",
-                        "gets", "sprintf​", "vsprintf", "swprintf", "vswprintf", "snprintf", "vsnprintf",
-                        "realpath", "getwd", "wctomb", "wcrtomb", "wcstombs", "wcsrtombs", "wcsnrtombs"]
+    "symbols": [
+      "alloca",
+      "_alloca",
+      "scanf",
+      "wscanf",
+      "sscanf",
+      "swscanf",
+      "vscanf",
+      "vsscanf",
+      "strlen",
+      "wcslen",
+      "strtok",
+      "strtok_r",
+      "wcstok",
+      "strcat",
+      "strncat",
+      "wcscat",
+      "wcsncat",
+      "strcpy",
+      "strncpy",
+      "wcscpy",
+      "wcsncpy",
+      "stpcpy",
+      "stpncpy",
+      "wcpcpy",
+      "wcpncpy",
+      "memcpy",
+      "wmemcpy",
+      "memmove",
+      "wmemmove",
+      "memcmp",
+      "wmemcmp",
+      "memset",
+      "wmemset",
+      "gets",
+      "sprintf",
+      "vsprintf",
+      "swprintf",
+      "vswprintf",
+      "snprintf",
+      "vsnprintf",
+      "realpath",
+      "getwd",
+      "wctomb",
+      "wcrtomb",
+      "wcstombs",
+      "wcsrtombs",
+      "wcsnrtombs"
+    ]
   },
   "CWE782": {
     "symbols": []
   }
-
 }

test/acceptance/test_cwe190.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe190(unittest.TestCase):
 
     def setUp(self):
@@ -32,4 +33,3 @@ class TestCwe190(unittest.TestCase):
         expect_res = 3
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe215.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe215(unittest.TestCase):
 
     def setUp(self):

test/acceptance/test_cwe243.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe243(unittest.TestCase):
 
     def setUp(self):

test/acceptance/test_cwe248.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe248(unittest.TestCase):
 
     def setUp(self):
@@ -33,4 +34,3 @@ class TestCwe248(unittest.TestCase):
         expect_res = 2
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe332.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe332(unittest.TestCase):
 
     def setUp(self):
@@ -32,4 +33,3 @@ class TestCwe332(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe367.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe367(unittest.TestCase):
 
     def setUp(self):
@@ -32,4 +33,3 @@ class TestCwe367(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe426.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe426(unittest.TestCase):
 
     def setUp(self):
@@ -33,4 +34,3 @@ class TestCwe426(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe457.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe457(unittest.TestCase):
 
     def setUp(self):
@@ -36,4 +37,3 @@ class TestCwe457(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe467.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe467(unittest.TestCase):
 
     def setUp(self):
@@ -33,4 +34,3 @@ class TestCwe467(unittest.TestCase):
         expect_res = 2
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe476.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe476(unittest.TestCase):
 
     def setUp(self):
@@ -33,4 +34,3 @@ class TestCwe476(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe676.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe676(unittest.TestCase):
 
     def setUp(self):
@@ -32,4 +33,3 @@ class TestCwe676(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
         assert res == expect_res
-    

test/acceptance/test_cwe782.py

 import unittest
 import cwe_checker_testlib
 
+
 class TestCwe782(unittest.TestCase):
 
     def setUp(self):
@@ -11,4 +12,3 @@ class TestCwe782(unittest.TestCase):
         expect_res = 1
         res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
         assert res == expect_res
-