nasl-pedant 0.0.5 → 0.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/README.md +45 -0
- data/lib/pedant/check.rb +30 -4
- data/lib/pedant/checks/files_parse_without_errors.rb +1 -1
- data/lib/pedant/commands/check.rb +6 -27
- data/lib/pedant/version.rb +1 -1
- metadata +4 -8
data/README.md
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
Pedant, a static analysis tool for NASL
|
|
2
|
+
=======================================
|
|
3
|
+
|
|
4
|
+
Installing
|
|
5
|
+
----------
|
|
6
|
+
If you have Ruby 1.9.3+ and Rubygems installed, you can simply do:
|
|
7
|
+
`gem install nasl-pedant`
|
|
8
|
+
|
|
9
|
+
Using
|
|
10
|
+
-----
|
|
11
|
+
To check a script, run this: `pedant check scriptname.nasl`.
|
|
12
|
+
You can check `.inc` files the same way.
|
|
13
|
+
|
|
14
|
+
See a `[WARN]` but there's no explanation of the problem? Try adding `-v`.
|
|
15
|
+
|
|
16
|
+
Checking multiple files together is not currently supported (and has some
|
|
17
|
+
semantics questions to be sorted out first). Currently, using xargs is the best
|
|
18
|
+
way to check multiple files. For example, for checking all the plugins in a
|
|
19
|
+
directory:
|
|
20
|
+
|
|
21
|
+
find . -maxdepth 1 -name '*.nasl' | while read fname; do
|
|
22
|
+
echo $fname
|
|
23
|
+
pedant check $fname
|
|
24
|
+
echo
|
|
25
|
+
done > pedant_results_$(date +%s)
|
|
26
|
+
|
|
27
|
+
Bugs
|
|
28
|
+
----
|
|
29
|
+
|
|
30
|
+
1. Choosing which checks to run does not currently work (`-c` flag)
|
|
31
|
+
1. Checking multiple files together does not currently work
|
|
32
|
+
1. Only works for up to 5.2 code (will not fix, the `nasl`
|
|
33
|
+
interpreter can now export an AST)
|
|
34
|
+
1. Some of the checks have inconsistent titles in terms of "truthiness"
|
|
35
|
+
1. No filename is output per-file, which makes checking multiple files difficult
|
|
36
|
+
|
|
37
|
+
Todo
|
|
38
|
+
----
|
|
39
|
+
|
|
40
|
+
1. Iron out some of the semantics:
|
|
41
|
+
- What is `test mode` used for?
|
|
42
|
+
- Currently files are all checked independently: what should be done when
|
|
43
|
+
we're given `.inc` and `.nasl` files in one invocation?
|
|
44
|
+
1. Add a control-flow graph?
|
|
45
|
+
1. Add some kind of taint tracking?
|
data/lib/pedant/check.rb
CHANGED
|
@@ -51,10 +51,7 @@ module Pedant
|
|
|
51
51
|
|
|
52
52
|
# Run all the dependencies for this check if we're in test mode.
|
|
53
53
|
return unless @kb[:test_mode]
|
|
54
|
-
self.class.depends
|
|
55
|
-
chk = cls.new(@kb)
|
|
56
|
-
chk.run
|
|
57
|
-
end
|
|
54
|
+
Check.run_checks_in_dependency_order(kb, self.class.depends)
|
|
58
55
|
end
|
|
59
56
|
|
|
60
57
|
def self.list
|
|
@@ -91,6 +88,35 @@ module Pedant
|
|
|
91
88
|
end
|
|
92
89
|
end
|
|
93
90
|
|
|
91
|
+
def self.run_checks_in_dependency_order(kb, checks)
|
|
92
|
+
# Try to run each pending check, until we've run all our checks or
|
|
93
|
+
# deadlocked.
|
|
94
|
+
fatal = false
|
|
95
|
+
until checks.empty? || fatal
|
|
96
|
+
# Find all of the checks that can run right now.
|
|
97
|
+
ready = checks.select { |cls| cls.ready?(kb) }
|
|
98
|
+
break if ready.empty?
|
|
99
|
+
|
|
100
|
+
# Run all of the checks that are ready.
|
|
101
|
+
ready.each do |cls|
|
|
102
|
+
# Create a new check instance.
|
|
103
|
+
chk = cls.new(kb)
|
|
104
|
+
checks.delete(cls)
|
|
105
|
+
|
|
106
|
+
chk.run
|
|
107
|
+
|
|
108
|
+
# Yield the results of the finished check
|
|
109
|
+
yield chk if block_given?
|
|
110
|
+
|
|
111
|
+
# Fatal errors mean that no further checks should be processed.
|
|
112
|
+
if chk.result == :fatal
|
|
113
|
+
fatal = true
|
|
114
|
+
break
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
94
120
|
def report(level, text=nil)
|
|
95
121
|
unless text.nil?
|
|
96
122
|
if @@levels.index(level).nil?
|
|
@@ -77,7 +77,7 @@ module Pedant
|
|
|
77
77
|
usage(e.message)
|
|
78
78
|
end
|
|
79
79
|
|
|
80
|
-
options[:checks] << cls
|
|
80
|
+
([cls] + cls.depends).each { |cls| options[:checks] << cls }
|
|
81
81
|
end
|
|
82
82
|
|
|
83
83
|
opts.on('-h', '--help', 'Display this help screen.') do
|
|
@@ -128,48 +128,27 @@ module Pedant
|
|
|
128
128
|
end
|
|
129
129
|
|
|
130
130
|
def self.run_one(opts, path)
|
|
131
|
+
puts Rainbow("CHECKING: #{path}").cyan
|
|
131
132
|
# Get a list of the checks we're going to be running.
|
|
132
133
|
if not opts[:checks].empty?
|
|
133
134
|
pending = opts[:checks].to_a
|
|
134
135
|
else
|
|
135
|
-
pending = Check.all
|
|
136
|
+
pending = Array.new(Check.all)
|
|
136
137
|
end
|
|
137
138
|
|
|
138
139
|
# Initialize the knowledge base where checks can store information for
|
|
139
140
|
# other checks.
|
|
140
141
|
kb = KnowledgeBase.new(:file_mode, path)
|
|
141
142
|
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
fatal = false
|
|
145
|
-
until pending.empty? || fatal
|
|
146
|
-
# Find all of the checks that can run right now.
|
|
147
|
-
ready = pending.select { |cls| cls.ready?(kb) }
|
|
148
|
-
break if ready.empty?
|
|
149
|
-
|
|
150
|
-
# Run all of the checks that are ready.
|
|
151
|
-
ready.each do |cls|
|
|
152
|
-
# Create a new check instance.
|
|
153
|
-
chk = cls.new(kb)
|
|
154
|
-
pending.delete(cls)
|
|
155
|
-
|
|
156
|
-
chk.run
|
|
157
|
-
|
|
158
|
-
# Fatal errors mean that no further checks should be processed.
|
|
159
|
-
if chk.result == :fatal
|
|
160
|
-
fatal = true
|
|
161
|
-
break
|
|
162
|
-
end
|
|
163
|
-
|
|
164
|
-
# Display the results of the check.
|
|
165
|
-
puts chk.report(opts[:verbosity])
|
|
166
|
-
end
|
|
143
|
+
Check.run_checks_in_dependency_order(kb, pending) do |chk|
|
|
144
|
+
puts chk.report(opts[:verbosity])
|
|
167
145
|
end
|
|
168
146
|
|
|
169
147
|
# Notify the user if any checks did not run due to unsatisfied
|
|
170
148
|
# dependencies or a fatal error occurring before they had the chance to
|
|
171
149
|
# run.
|
|
172
150
|
pending.each { |cls| puts cls.new(kb).report(opts[:verbosity]) }
|
|
151
|
+
puts
|
|
173
152
|
end
|
|
174
153
|
end
|
|
175
154
|
end
|
data/lib/pedant/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nasl-pedant
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.6
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2015-03-
|
|
14
|
+
date: 2015-03-05 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rake
|
|
@@ -79,6 +79,7 @@ extra_rdoc_files: []
|
|
|
79
79
|
files:
|
|
80
80
|
- .gitignore
|
|
81
81
|
- Gemfile
|
|
82
|
+
- README.md
|
|
82
83
|
- Rakefile
|
|
83
84
|
- bin/pedant
|
|
84
85
|
- lib/pedant.rb
|
|
@@ -136,18 +137,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
136
137
|
- - ! '>='
|
|
137
138
|
- !ruby/object:Gem::Version
|
|
138
139
|
version: '0'
|
|
139
|
-
segments:
|
|
140
|
-
- 0
|
|
141
|
-
hash: 333689523
|
|
142
140
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
143
141
|
none: false
|
|
144
142
|
requirements:
|
|
145
143
|
- - ! '>='
|
|
146
144
|
- !ruby/object:Gem::Version
|
|
147
145
|
version: '0'
|
|
148
|
-
segments:
|
|
149
|
-
- 0
|
|
150
|
-
hash: 333689523
|
|
151
146
|
requirements: []
|
|
152
147
|
rubyforge_project: nasl-pedant
|
|
153
148
|
rubygems_version: 1.8.23
|
|
@@ -168,3 +163,4 @@ test_files:
|
|
|
168
163
|
- test/unit/checks/test_flipped_operands_on_match_or_substring.rb
|
|
169
164
|
- test/unit/checks/test_plugin_type_not_specified.rb
|
|
170
165
|
- test/unit/checks/test_script_family_not_specified.rb
|
|
166
|
+
has_rdoc:
|