nasl-pedant 0.0.3 → 0.0.4

data/lib/pedant/command.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -38,6 +38,10 @@ module Pedant
       all << cls
     end
 
+    def self.list
+      all.map{ |cls| cls.binding }.sort
+    end
+
     def self.find(cmd)
       all.each do |cls|
         return cls if cls.binding == cmd
@@ -61,36 +65,19 @@ module Pedant
       left + middle + right
     end
 
-    def self.run(cfg, args)
-      # Separate plugins and libraries from the rest of the arguments.
-      paths = args.select { |arg| arg =~ /(\/|\.(inc|nasl))$/ }
-      args -= paths
-
-      # If we have no paths to process, there's a problem. Special purpose
-      # commands that don't require files to be declared should override this
-      # method.
-      if paths.empty?
-        puts "No directories (/), libraries (.inc), or plugins (.nasl) were specified."
-        exit 1
-      end
+    def self.run(opts, args)
+      # Parse the command's arguments.
+      opts, args = optparse(opts, args)
 
-      # Collect all the paths together, recursively.
-      dirents = []
-      paths.each do |path|
-        Pathname.new(path).find do |dirent|
-          if dirent.file? && dirent.extname =~ /inc|nasl/
-            dirents << dirent
-          end
-        end
-      end
+      # Run the command.
+      self.run_all(opts, args)
+    end
 
-      # If the command is capable of handling all the paths at once, send them
-      # in a group, otherwise send them individually.
-      if self.respond_to? :analyze_all then
-        analyze_all(cfg, dirents, args)
-      else
-        dirents.each { |d| analyze(cfg, d, args) }
-      end
+    def self.usage(msg)
+      puts Rainbow(msg).color(:red)
+      puts
+      puts help
+      exit 1
     end
   end
 end

data/lib/pedant/commands/check.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -24,17 +24,116 @@
 # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 ################################################################################
 
+require 'set'
+
 module Pedant
   class CommandCheck < Command
     def self.binding
       'check'
     end
 
-    def self.analyze(cfg, path, args)
+    def self.help
+      @@optparse.to_s
+    end
+
+    def self.optparse(options, args)
+      options[:checks] = Set.new
+
+      @@optparse = OptionParser.new do |opts|
+        opts.banner = "Usage: pedant [global-options] #{binding} [command-options] [args]"
+
+        opts.separator ""
+        opts.separator "Input formats:"
+
+        opts.on('-f', '--filesystem', 'Read input from the filesystem.') do
+          options[:input_mode] = :filesystem
+        end
+
+        opts.on('-g', '--git', 'Read input from a Git repository.') do
+          options[:input_mode] = :git
+        end
+
+        opts.separator ""
+        opts.separator "Output formats:"
+
+        opts.on('-e', '--email', 'Output in a form suitable for an email.') do
+          options[:output_mode] = :email
+        end
+
+        opts.on('-t', '--terminal', 'Output in a form suitable for a terminal.') do
+          options[:output_mode] = :terminal
+        end
+
+        opts.separator ""
+        opts.separator "Common operations:"
+
+        opts.on('-c=NAME', '--check=NAME', 'Run only the check named, and its dependencies.') do |name|
+          # Unmangle class name and be very forgiving.
+          name = "Check" + name.gsub(/[-._ ]/, '')
+
+          begin
+            cls = Pedant.const_get(name)
+          rescue NameError => e
+            usage(e.message)
+          end
+
+          options[:checks] << cls
+        end
+
+        opts.on('-h', '--help', 'Display this help screen.') do
+          puts opts
+          exit 1
+        end
+
+        opts.on('-l', '--list', 'List the available checks.') do
+          puts Check.list
+          exit 0
+        end
+      end
+
+      # Load all of the checks.
       Check.initialize!
 
-      # Get a list of every existing check.
-      pending = Check.all
+      @@optparse.order!(args)
+
+      return options, args
+    end
+
+    def self.run_all(opts, args)
+      # Separate plugins and libraries from the rest of the arguments.
+      paths = args.select { |a| a =~ /(\/|\.(inc|nasl))$/ }
+      args -= paths
+
+      # If we have paths that aren't acceptable, there's a problem.
+      usage("One or more unacceptable files were specified.") unless args.empty?
+
+      # If we have no paths to process, there's a problem.
+      usage("No directories (/), libraries (.inc), or plugins (.nasl) were specified.") if paths.empty?
+
+      # Collect all the paths together, recursively.
+      dirents = []
+      paths.each do |path|
+        begin
+          Pathname.new(path).find do |dirent|
+            if dirent.file? && dirent.extname =~ /inc|nasl/
+              dirents << dirent
+            end
+          end
+        rescue SystemCallError => e
+          usage(e.message)
+        end
+      end
+
+      dirents.each { |d| run_one(opts, d) }
+    end
+
+    def self.run_one(opts, path)
+      # Get a list of the checks we're going to be running.
+      if not opts[:checks].empty?
+        pending = opts[:checks].to_a
+      else
+        pending = Check.all
+      end
 
       # Initialize the knowledge base where checks can store information for
       # other checks.
@@ -63,14 +162,14 @@ module Pedant
           end
 
           # Display the results of the check.
-          puts chk.report(cfg[:verbose])
+          puts chk.report(opts[:verbosity])
         end
       end
 
       # Notify the user if any checks did not run due to unsatisfied
       # dependencies or a fatal error occurring before they had the chance to
       # run.
-      pending.each { |cls| puts cls.new(kb).report(cfg[:verbose]) }
+      pending.each { |cls| puts cls.new(kb).report(opts[:verbosity]) }
     end
   end
 end

data/lib/pedant/commands/test.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -30,7 +30,29 @@ module Pedant
       'test'
     end
 
-    def self.run(cfg, args)
+    def self.help
+      @@optparse.to_s
+    end
+
+    def self.optparse(options, args)
+      @@optparse = OptionParser.new do |opts|
+        opts.banner = "Usage: pedant [global-options] #{binding} [command-options] [args]"
+
+        opts.separator ""
+        opts.separator "Common operations:"
+
+        opts.on('-h', '--help', 'Display this help screen.') do
+          puts opts
+          exit 1
+        end
+      end
+
+      @@optparse.order!(args)
+
+      return options, args
+    end
+
+    def self.run_all(opts, args)
       Test.initialize!(args)
     end
   end

data/lib/pedant/knowledge_base.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/lib/pedant/test.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -28,13 +28,13 @@ require 'test/unit'
 
 module Pedant
   module Test
-    def self.initialize!(args)
+    def self.initialize!(args=[])
       # Run all tests by default.
-      args = ['unit/*', 'unit/*/*'] if args.empty?
+      args = ['unit/**/*'] if args.empty?
 
       # Run each test or category of tests specified on the command line.
-      args.each do |test|
-        Dir.glob(Pedant.test + (test + '.rb')).each { |f| load(f) }
+      args.each do |path|
+        Dir.glob(Pedant.test + (path + '.rb')).each { |f| load(f) }
       end
 
       Check.initialize!

data/lib/pedant/version.rb

@@ -1,3 +1,3 @@
 module Pedant
-  VERSION = '0.0.3'
+  VERSION = '0.0.4'
 end

data/pedant.gemspec

@@ -1,3 +1,29 @@
+################################################################################
+# Copyright (c) 2011-2014, Tenable Network Security
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#    list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+#    this list of conditions and the following disclaimer in the documentation
+#    and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+################################################################################
+
 # -*- encoding: utf-8 -*-
 $:.push File.expand_path('../lib', __FILE__)
 
@@ -8,10 +34,11 @@ Gem::Specification.new do |s|
   s.version     = Pedant::VERSION
   s.license     = 'BSD'
   s.homepage    = 'http://github.com/tenable/pedant'
-  s.summary     = 'A static analysis framework for the Nessus Attack Scripting Language.'
+  s.summary     = 'A framework for the Nessus Attack Scripting Language.'
+  s.description = 'A static analysis framework for the Nessus Attack Scripting Language.'
 
-  s.authors     = ['Mak Kolybabi']
-  s.email       = ['mak@kolybabi.com']
+  s.authors     = ['Mak Kolybabi', 'Alex Weber', 'Jacob Hammack']
+  s.email       = ['mak@kolybabi.com', 'aweber@tenable.com', 'jhammack@tenable.com']
 
   s.rubyforge_project = 'nasl-pedant'
 
@@ -20,8 +47,8 @@ Gem::Specification.new do |s|
   s.executables   = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
   s.require_paths = ['lib']
 
-  s.add_development_dependency 'rake'
+  s.add_development_dependency 'rake', '~> 0'
 
-  s.add_runtime_dependency 'rainbow'
-  s.add_runtime_dependency 'nasl', '>= 0.0.7'
+  s.add_runtime_dependency 'rainbow', '=2.0.0'
+  s.add_runtime_dependency 'nasl', '~> 0.2', '>= 0.2.0'
 end

data/test/test_helper.rb

@@ -1,3 +1,29 @@
+################################################################################
+# Copyright (c) 2011-2014, Tenable Network Security
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice, this
+#    list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+#    this list of conditions and the following disclaimer in the documentation
+#    and/or other materials provided with the distribution.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+################################################################################
+
 require 'pedant'
 require 'test/unit'
 

data/test/unit/checks/test_conditional_or_loop_is_empty.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/test/unit/checks/test_contains_ip_address_literals.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/test/unit/checks/test_contains_no_carriage_returns.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/test/unit/checks/test_contains_no_tabs.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without

data/test/unit/checks/test_contains_registration_section.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -98,4 +98,20 @@ class TestContainsRegistrationSection < Test::Unit::TestCase
       %q|if (description) { exit(0, foo); }|
     )
   end
+
+  def test_indexed_description
+    check(
+      :fail,
+      :CheckContainsRegistrationSection,
+      %q|if (description["foo"]) { exit(0); }|
+    )
+  end
+
+  def test_indexed_exit
+    check(
+      :fail,
+      :CheckContainsRegistrationSection,
+      %q|if (description) { exit[foo](0); }|
+    )
+  end
 end

data/test/unit/checks/test_contains_unreachable_code.rb

@@ -1,5 +1,5 @@
 ################################################################################
-# Copyright (c) 2011, Mak Kolybabi
+# Copyright (c) 2011-2014, Tenable Network Security
 # All rights reserved.
 #
 # Redistribution and use in source and binary forms, with or without
@@ -90,4 +90,14 @@ class TestContainsUnreachableCode < Test::Unit::TestCase
       %q|{ continue; foo(); }|
     )
   end
+
+  # exit() is a special case in this check, because it's a function instead of a
+  # language keyword.
+  def test_indexed_exit
+    check(
+      :pass,
+      :CheckContainsUnreachableCode,
+      %q|{ exit.foo(); foo(); }|
+    )
+  end
 end