nasl-pedant 0.0.6 → 0.0.7

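--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,15 @@
+---
+!binary "U0hBMQ==":
+metadata.gz: !binary |-
+YTNkZDBhYzc5YzY5MjE1ZGFmMzgxZDViMDg0YmEwNGQyODE2ODlmMA==
+data.tar.gz: !binary |-
+MWI3Njg1YzY0ODMyNzJhZWViOGFiMzI3NDg1YjU1ZGI1NjY2NWNkOA==
+SHA512:
+metadata.gz: !binary |-
+NTViZDYwZWUxOWRhZWQ3OWZlNmRlZTYwYmVhMDY0ZjkzYmIwZmY5YTg5NWM2
+NjU1NmEwYmM0YmFlNjkwZjNlMzhjNzFmMmZkMzkzOTU0Nzg3YzA3ZjcwOWM4
+MWEwZTkwOGExY2IzNDEwOWZmN2JkNjRjNGI4OTI1YzJhNmY2OTI=
+data.tar.gz: !binary |-
+OGJlYTZiODkxZWQwZWU2MTk3YTg1NmM1OTdkNTZjNzdkYWQ1YjFkYmNiMzZi
+YmQxYTI2YTVjNGJhMTQ0OTMxNjZiYjBlZmJkMDAwY2RmMmQ3NDQyNTU4MzBk
+NTVjZjcyZmJhMTM5OWQ4MDZjYTdiMjAzNDNmNzZlZWUwMDI3MjU=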
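--- a/data/README.md
+++ b/data/README.md
@@ -8,37 +8,22 @@ If you have Ruby 1.9.3+ and Rubygems installed, you can simply do:
 
 Using
 -----
-To check a script, run this: `pedant check scriptname.nasl`.
-You can check `.inc` files the same way.
+To check a script, run this: `pedant check scriptname.nasl`. You can check
+`.inc` files the same way. Multiple files can be checked at the same time.
 
 See a `[WARN]` but there's no explanation of the problem? Try adding `-v`.
 
-Checking multiple files together is not currently supported (and has some
-semantics questions to be sorted out first). Currently, using xargs is the best
-way to check multiple files. For example, for checking all the plugins in a
-directory:
-
-find . -maxdepth 1 -name '*.nasl' | while read fname; do
-echo $fname
-pedant check $fname
-echo
-done > pedant_results_$(date +%s)
-
 Bugs
 ----
 
-1. Choosing which checks to run does not currently work (`-c` flag)
-1. Checking multiple files together does not currently work
 1. Only works for up to 5.2 code (will not fix, the `nasl`
-interpreter can now export an AST)
+interpreter can now export an AST)
 1. Some of the checks have inconsistent titles in terms of "truthiness"
-1. No filename is output per-file, which makes checking multiple files difficult
 
 Todo
 ----
 
 1. Iron out some of the semantics:
-- What is `test mode` used for?
 - Currently files are all checked independently: what should be done when
 we're given `.inc` and `.nasl` files in one invocation?
 1. Add a control-flow graph?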
@@ -0,0 +1,65 @@
1
+ ################################################################################
2
+ # Copyright (c) 2015, Tenable Network Security
3
+ # All rights reserved.
4
+ #
5
+ # Redistribution and use in source and binary forms, with or without
6
+ # modification, are permitted provided that the following conditions are met:
7
+ #
8
+ # 1. Redistributions of source code must retain the above copyright notice, this
9
+ # list of conditions and the following disclaimer.
10
+ #
11
+ # 2. Redistributions in binary form must reproduce the above copyright notice,
12
+ # this list of conditions and the following disclaimer in the documentation
13
+ # and/or other materials provided with the distribution.
14
+ #
15
+ # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
16
+ # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17
+ # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
18
+ # DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
19
+ # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20
+ # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
21
+ # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
22
+ # CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
23
+ # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
24
+ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25
+ ################################################################################
26
+
27
+ module Pedant
28
+ class CheckEqualityWithRegex < Check
29
+ def self.requires
30
+ super + [:trees]
31
+ end
32
+
33
+ def check(file, tree)
34
+ def walk(node, root)
35
+ # Recursively descend into the right-hand and left-hand sides of each expression.
36
+ if node.is_a? Nasl::Expression
37
+ [:lhs, :rhs].each { |side| walk(node.send(side), root) }
38
+
39
+ return unless node.op.is_a?(Nasl::Token)
40
+ return unless ["==", "!="].include?(node.op.body)
41
+ return unless node.rhs.is_a?(Nasl::String)
42
+ str = node.rhs.text
43
+ return unless str.length > 2
44
+ return unless str[0] == "^" and str[-1] == "$"
45
+
46
+ fail
47
+ report(:error, "An equality comparison is being made with what appears to be a regex.")
48
+ report(:error, "This might be a typo in the operator.")
49
+ report(:error, node.op.context(node))
50
+ end
51
+ end
52
+
53
+ cond_stmts = [:For, :Repeat, :While, :If].map { |cls| tree.all(cls) }.flatten
54
+ cond_stmts.each { |cond_stmt| walk(cond_stmt.cond, cond_stmt) }
55
+ end
56
+
57
+ def run
58
+ # This check will pass by default.
59
+ pass
60
+
61
+ # Run this check on the tree from every file.
62
+ @kb[:trees].each { |file, tree| check(file, tree) }
63
+ end
64
+ end
65
+ end
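Review bot: `def walk(node, root)` is declared inside `check`, so Ruby re-defines `walk` as a public instance method of CheckEqualityWithRegex on every call to `check` instead of creating a local closure, and the `root` argument is threaded through each recursive call but never read; make it a private method taking only `node`, placed after `run` so the `private` marker does not swallow `run`. Only `node.rhs` is tested for `Nasl::String`, so a comparison written with the literal first, such as `if ("^pattern$" == a)`, is never reported although it is the same mistake — test both operands, as the sibling flipped-operands check listed in the metadata presumably does for its operators. `str[0] == "^" and str[-1] == "$"` uses the low-precedence `and`; it happens to bind correctly under the `unless` modifier here, but `&&` is the idiomatic form and avoids the trap if the line is later refactored. The bare `fail` before the reports presumably resolves to a `Check#fail` status setter mirroring the `pass` call in `run`; if the base class does not define one it would be `Kernel#fail` and raise a RuntimeError on the first match, which is worth confirming.
```ruby
    def check(file, tree)
      cond_stmts = [:For, :Repeat, :While, :If].map { |cls| tree.all(cls) }.flatten
      cond_stmts.each { |cond_stmt| walk(cond_stmt.cond) }
    end

    # … unchanged: run …

    private

    # Recursively descend into each expression and report any ==/!= whose
    # string operand (on either side) looks like an anchored regex.
    def walk(node)
      return unless node.is_a? Nasl::Expression

      [:lhs, :rhs].each { |side| walk(node.send(side)) }

      return unless node.op.is_a?(Nasl::Token)
      return unless ["==", "!="].include?(node.op.body)

      str_node = [node.lhs, node.rhs].find { |operand| operand.is_a?(Nasl::String) }
      return if str_node.nil?

      str = str_node.text
      return unless str.length > 2 && str[0] == "^" && str[-1] == "$"

      fail
      # … unchanged: the three report(:error, …) calls …
    end
```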
@@ -39,7 +39,7 @@ module Pedant
39
39
  tree = @kb[:trees][@kb[:main]]
40
40
 
41
41
  tree.all(:Call).each do |node|
42
- next unless node.name.ident.name == 'script_set_attribute'
42
+ next unless ((node.name.ident.name == 'script_set_attribute') or (node.name.ident.name == 'xscript_set_attribute'))
43
43
  next unless node.name.indexes == []
44
44
  next unless node.arg.has_key? 'attribute'
45
45
 
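Review bot: The new `next unless ((node.name.ident.name == 'script_set_attribute') or (node.name.ident.name == 'xscript_set_attribute'))` evaluates `node.name.ident.name` twice and uses the low-precedence `or` for boolean logic; `next unless %w[script_set_attribute xscript_set_attribute].include?(node.name.ident.name)` expresses the same filter once. Nothing in the hunk says what `xscript_set_attribute` is — the accompanying `test_nbin_*` tests suggest it is the variant used by nbin plugins, so a one-line comment such as `# xscript_set_attribute is the nbin counterpart of script_set_attribute (confirm against the interpreter)` would spare the next reader the guess. The enclosing `tree.all(:Call).each` block continues outside the hunk.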
@@ -1,3 +1,3 @@
1
1
  module Pedant
2
- VERSION = '0.0.6'
2
+ VERSION = '0.0.7'
3
3
  end
@@ -0,0 +1,53 @@
1
+ ################################################################################
2
+ # Copyright (c) 2015, Tenable Network Security
3
+ # All rights reserved.
4
+ #
5
+ # Redistribution and use in source and binary forms, with or without
6
+ # modification, are permitted provided that the following conditions are met:
7
+ #
8
+ # 1. Redistributions of source code must retain the above copyright notice, this
9
+ # list of conditions and the following disclaimer.
10
+ #
11
+ # 2. Redistributions in binary form must reproduce the above copyright notice,
12
+ # this list of conditions and the following disclaimer in the documentation
13
+ # and/or other materials provided with the distribution.
14
+ #
15
+ # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
16
+ # AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17
+ # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
18
+ # DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
19
+ # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20
+ # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
21
+ # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
22
+ # CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
23
+ # OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
24
+ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
25
+ ################################################################################
26
+
27
+ class TestEqualityWithRegex < Test::Unit::TestCase
28
+ include Pedant::Test
29
+
30
+ def test_none
31
+ check(
32
+ :pass,
33
+ :CheckEqualityWithRegex,
34
+ %q||
35
+ )
36
+ end
37
+
38
+ def test_simple_not_equal
39
+ check(
40
+ :fail,
41
+ :CheckEqualityWithRegex,
42
+ %q|if (a != "^pattern$") exit(0);|
43
+ )
44
+ end
45
+
46
+ def test_complex_equal
47
+ check(
48
+ :fail,
49
+ :CheckEqualityWithRegex,
50
+ %q|if ('woo' >< a && a == '^pattern$') exit(0);|
51
+ )
52
+ end
53
+ end
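Review bot: All three tests either give the check nothing to look at or expect `:fail`, so nothing pins the negative side of the heuristic: a plain comparison `if (a == "pattern") exit(0);` and a string anchored at only one end such as `if (a == "^pattern") exit(0);` should each produce `:pass`, and a regex-looking literal outside a conditional (for example `x = (a == "^pattern$");`) would document whether restricting the check to `For`/`Repeat`/`While`/`If` conditions is intended. Without these a later change that flags every string literal would still pass this suite. The `%q||` in `test_none` is an empty script, which works as a smoke test but is not a negative case.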
@@ -77,4 +77,47 @@ class TestPluginTypeNotSpecified < Test::Unit::TestCase
77
77
  %q|script_set_attribute.foo(attribute:"plugin_type", value:"foo");|
78
78
  )
79
79
  end
80
+
81
+ def test_nbin_one
82
+ check(
83
+ :pass,
84
+ :CheckPluginTypeNotSpecified,
85
+ %q|xscript_set_attribute(attribute:"plugin_type", value:"local");|
86
+ )
87
+ end
88
+
89
+ def test_nbin_many
90
+ check(
91
+ :fail,
92
+ :CheckPluginTypeNotSpecified,
93
+ %q|xscript_set_attribute(attribute:"plugin_type", value:"local");| +
94
+ %q|xscript_set_attribute(attribute:"plugin_type", value:"remote");|
95
+ )
96
+ end
97
+
98
+ def test_nbin_valid
99
+ ['combined', 'local', 'reputation', 'remote', 'settings', 'thirdparty'].each do |type|
100
+ check(
101
+ :pass,
102
+ :CheckPluginTypeNotSpecified,
103
+ %Q|xscript_set_attribute(attribute:"plugin_type", value:"#{type}");|
104
+ )
105
+ end
106
+ end
107
+
108
+ def test_nbin_invalid
109
+ check(
110
+ :fail,
111
+ :CheckPluginTypeNotSpecified,
112
+ %q|xscript_set_attribute(attribute:"plugin_type", value:"foo");|
113
+ )
114
+ end
115
+
116
+ def test_nbin_indexed
117
+ check(
118
+ :fail,
119
+ :CheckPluginTypeNotSpecified,
120
+ %q|xscript_set_attribute.foo(attribute:"plugin_type", value:"foo");|
121
+ )
122
+ end
80
123
  end
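--- a/metadata
+++ b/metadata
@@ -1,8 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nasl-pedant
 version: !ruby/object:Gem::Version
-version: 0.0.6
-prerelease:
+version: 0.0.7
 platform: ruby
 authors:
 - Mak Kolybabi
@@ -11,12 +10,11 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2015-03-05 00:00:00.000000000 Z
+date: 2015-04-08 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: rake
 requirement: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
@@ -24,7 +22,6 @@ dependencies:
 type: :development
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
@@ -32,7 +29,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
 name: rainbow
 requirement: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - '='
 - !ruby/object:Gem::Version
@@ -40,7 +36,6 @@ dependencies:
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - '='
 - !ruby/object:Gem::Version
@@ -48,7 +43,6 @@ dependencies:
 - !ruby/object:Gem::Dependency
 name: nasl
 requirement: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
@@ -59,7 +53,6 @@ dependencies:
 type: :runtime
 prerelease: false
 version_requirements: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ~>
 - !ruby/object:Gem::Version
@@ -93,6 +86,7 @@ files:
 - lib/pedant/checks/contains_registration_section.rb
 - lib/pedant/checks/contains_unreachable_code.rb
 - lib/pedant/checks/ends_with_newline.rb
+- lib/pedant/checks/equality_with_regex.rb
 - lib/pedant/checks/files_parse_without_errors.rb
 - lib/pedant/checks/flipped_operands_on_match_or_substring.rb
 - lib/pedant/checks/local_variable_unused.rb
@@ -121,33 +115,33 @@ files:
 - test/unit/checks/test_contains_registration_section.rb
 - test/unit/checks/test_contains_unreachable_code.rb
 - test/unit/checks/test_ends_with_newline.rb
+- test/unit/checks/test_equality_with_regex.rb
 - test/unit/checks/test_flipped_operands_on_match_or_substring.rb
 - test/unit/checks/test_plugin_type_not_specified.rb
 - test/unit/checks/test_script_family_not_specified.rb
 homepage: http://github.com/tenable/pedant
 licenses:
 - BSD
+metadata: {}
 post_install_message:
 rdoc_options: []
 require_paths:
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
 version: '0'
 required_rubygems_version: !ruby/object:Gem::Requirement
-none: false
 requirements:
 - - ! '>='
 - !ruby/object:Gem::Version
 version: '0'
 requirements: []
 rubyforge_project: nasl-pedant
-rubygems_version: 1.8.23
+rubygems_version: 2.4.6
 signing_key:
-specification_version: 3
+specification_version: 4
 summary: A framework for the Nessus Attack Scripting Language.
 test_files:
 - test/test_helper.rb
@@ -160,7 +154,7 @@ test_files:
 - test/unit/checks/test_contains_registration_section.rb
 - test/unit/checks/test_contains_unreachable_code.rb
 - test/unit/checks/test_ends_with_newline.rb
+- test/unit/checks/test_equality_with_regex.rb
 - test/unit/checks/test_flipped_operands_on_match_or_substring.rb
 - test/unit/checks/test_plugin_type_not_specified.rb
 - test/unit/checks/test_script_family_not_specified.rb
-has_rdoc: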