nasl-pedant 0.0.5 → 0.0.6
Sign up to get free protection for your applications and to get access to all the features.
- data/README.md +45 -0
- data/lib/pedant/check.rb +30 -4
- data/lib/pedant/checks/files_parse_without_errors.rb +1 -1
- data/lib/pedant/commands/check.rb +6 -27
- data/lib/pedant/version.rb +1 -1
- metadata +4 -8
data/README.md
ADDED
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
Pedant, a static analysis tool for NASL
|
|
2
|
+
=======================================
|
|
3
|
+
|
|
4
|
+
Installing
|
|
5
|
+
----------
|
|
6
|
+
If you have Ruby 1.9.3+ and Rubygems installed, you can simply do:
|
|
7
|
+
`gem install nasl-pedant`
|
|
8
|
+
|
|
9
|
+
Using
|
|
10
|
+
-----
|
|
11
|
+
To check a script, run this: `pedant check scriptname.nasl`.
|
|
12
|
+
You can check `.inc` files the same way.
|
|
13
|
+
|
|
14
|
+
See a `[WARN]` but there's no explanation of the problem? Try adding `-v`.
|
|
15
|
+
|
|
16
|
+
Checking multiple files together is not currently supported (and has some
|
|
17
|
+
semantics questions to be sorted out first). Currently, using xargs is the best
|
|
18
|
+
way to check multiple files. For example, for checking all the plugins in a
|
|
19
|
+
directory:
|
|
20
|
+
|
|
21
|
+
find . -maxdepth 1 -name '*.nasl' | while read fname; do
|
|
22
|
+
echo $fname
|
|
23
|
+
pedant check $fname
|
|
24
|
+
echo
|
|
25
|
+
done > pedant_results_$(date +%s)
|
|
26
|
+
|
|
27
|
+
Bugs
|
|
28
|
+
----
|
|
29
|
+
|
|
30
|
+
1. Choosing which checks to run does not currently work (`-c` flag)
|
|
31
|
+
1. Checking multiple files together does not currently work
|
|
32
|
+
1. Only works for up to 5.2 code (will not fix, the `nasl`
|
|
33
|
+
interpreter can now export an AST)
|
|
34
|
+
1. Some of the checks have inconsistent titles in terms of "truthiness"
|
|
35
|
+
1. No filename is output per-file, which makes checking multiple files difficult
|
|
36
|
+
|
|
37
|
+
Todo
|
|
38
|
+
----
|
|
39
|
+
|
|
40
|
+
1. Iron out some of the semantics:
|
|
41
|
+
- What is `test mode` used for?
|
|
42
|
+
- Currently files are all checked independently: what should be done when
|
|
43
|
+
we're given `.inc` and `.nasl` files in one invocation?
|
|
44
|
+
1. Add a control-flow graph?
|
|
45
|
+
1. Add some kind of taint tracking?
|
data/lib/pedant/check.rb
CHANGED
|
@@ -51,10 +51,7 @@ module Pedant
|
|
|
51
51
|
|
|
52
52
|
# Run all the dependencies for this check if we're in test mode.
|
|
53
53
|
return unless @kb[:test_mode]
|
|
54
|
-
self.class.depends
|
|
55
|
-
chk = cls.new(@kb)
|
|
56
|
-
chk.run
|
|
57
|
-
end
|
|
54
|
+
Check.run_checks_in_dependency_order(kb, self.class.depends)
|
|
58
55
|
end
|
|
59
56
|
|
|
60
57
|
def self.list
|
|
@@ -91,6 +88,35 @@ module Pedant
|
|
|
91
88
|
end
|
|
92
89
|
end
|
|
93
90
|
|
|
91
|
+
def self.run_checks_in_dependency_order(kb, checks)
|
|
92
|
+
# Try to run each pending check, until we've run all our checks or
|
|
93
|
+
# deadlocked.
|
|
94
|
+
fatal = false
|
|
95
|
+
until checks.empty? || fatal
|
|
96
|
+
# Find all of the checks that can run right now.
|
|
97
|
+
ready = checks.select { |cls| cls.ready?(kb) }
|
|
98
|
+
break if ready.empty?
|
|
99
|
+
|
|
100
|
+
# Run all of the checks that are ready.
|
|
101
|
+
ready.each do |cls|
|
|
102
|
+
# Create a new check instance.
|
|
103
|
+
chk = cls.new(kb)
|
|
104
|
+
checks.delete(cls)
|
|
105
|
+
|
|
106
|
+
chk.run
|
|
107
|
+
|
|
108
|
+
# Yield the results of the finished check
|
|
109
|
+
yield chk if block_given?
|
|
110
|
+
|
|
111
|
+
# Fatal errors mean that no further checks should be processed.
|
|
112
|
+
if chk.result == :fatal
|
|
113
|
+
fatal = true
|
|
114
|
+
break
|
|
115
|
+
end
|
|
116
|
+
end
|
|
117
|
+
end
|
|
118
|
+
end
|
|
119
|
+
|
|
94
120
|
def report(level, text=nil)
|
|
95
121
|
unless text.nil?
|
|
96
122
|
if @@levels.index(level).nil?
|
|
@@ -77,7 +77,7 @@ module Pedant
|
|
|
77
77
|
usage(e.message)
|
|
78
78
|
end
|
|
79
79
|
|
|
80
|
-
options[:checks] << cls
|
|
80
|
+
([cls] + cls.depends).each { |cls| options[:checks] << cls }
|
|
81
81
|
end
|
|
82
82
|
|
|
83
83
|
opts.on('-h', '--help', 'Display this help screen.') do
|
|
@@ -128,48 +128,27 @@ module Pedant
|
|
|
128
128
|
end
|
|
129
129
|
|
|
130
130
|
def self.run_one(opts, path)
|
|
131
|
+
puts Rainbow("CHECKING: #{path}").cyan
|
|
131
132
|
# Get a list of the checks we're going to be running.
|
|
132
133
|
if not opts[:checks].empty?
|
|
133
134
|
pending = opts[:checks].to_a
|
|
134
135
|
else
|
|
135
|
-
pending = Check.all
|
|
136
|
+
pending = Array.new(Check.all)
|
|
136
137
|
end
|
|
137
138
|
|
|
138
139
|
# Initialize the knowledge base where checks can store information for
|
|
139
140
|
# other checks.
|
|
140
141
|
kb = KnowledgeBase.new(:file_mode, path)
|
|
141
142
|
|
|
142
|
-
|
|
143
|
-
|
|
144
|
-
fatal = false
|
|
145
|
-
until pending.empty? || fatal
|
|
146
|
-
# Find all of the checks that can run right now.
|
|
147
|
-
ready = pending.select { |cls| cls.ready?(kb) }
|
|
148
|
-
break if ready.empty?
|
|
149
|
-
|
|
150
|
-
# Run all of the checks that are ready.
|
|
151
|
-
ready.each do |cls|
|
|
152
|
-
# Create a new check instance.
|
|
153
|
-
chk = cls.new(kb)
|
|
154
|
-
pending.delete(cls)
|
|
155
|
-
|
|
156
|
-
chk.run
|
|
157
|
-
|
|
158
|
-
# Fatal errors mean that no further checks should be processed.
|
|
159
|
-
if chk.result == :fatal
|
|
160
|
-
fatal = true
|
|
161
|
-
break
|
|
162
|
-
end
|
|
163
|
-
|
|
164
|
-
# Display the results of the check.
|
|
165
|
-
puts chk.report(opts[:verbosity])
|
|
166
|
-
end
|
|
143
|
+
Check.run_checks_in_dependency_order(kb, pending) do |chk|
|
|
144
|
+
puts chk.report(opts[:verbosity])
|
|
167
145
|
end
|
|
168
146
|
|
|
169
147
|
# Notify the user if any checks did not run due to unsatisfied
|
|
170
148
|
# dependencies or a fatal error occurring before they had the chance to
|
|
171
149
|
# run.
|
|
172
150
|
pending.each { |cls| puts cls.new(kb).report(opts[:verbosity]) }
|
|
151
|
+
puts
|
|
173
152
|
end
|
|
174
153
|
end
|
|
175
154
|
end
|
data/lib/pedant/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: nasl-pedant
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.6
|
|
5
5
|
prerelease:
|
|
6
6
|
platform: ruby
|
|
7
7
|
authors:
|
|
@@ -11,7 +11,7 @@ authors:
|
|
|
11
11
|
autorequire:
|
|
12
12
|
bindir: bin
|
|
13
13
|
cert_chain: []
|
|
14
|
-
date: 2015-03-
|
|
14
|
+
date: 2015-03-05 00:00:00.000000000 Z
|
|
15
15
|
dependencies:
|
|
16
16
|
- !ruby/object:Gem::Dependency
|
|
17
17
|
name: rake
|
|
@@ -79,6 +79,7 @@ extra_rdoc_files: []
|
|
|
79
79
|
files:
|
|
80
80
|
- .gitignore
|
|
81
81
|
- Gemfile
|
|
82
|
+
- README.md
|
|
82
83
|
- Rakefile
|
|
83
84
|
- bin/pedant
|
|
84
85
|
- lib/pedant.rb
|
|
@@ -136,18 +137,12 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
136
137
|
- - ! '>='
|
|
137
138
|
- !ruby/object:Gem::Version
|
|
138
139
|
version: '0'
|
|
139
|
-
segments:
|
|
140
|
-
- 0
|
|
141
|
-
hash: 333689523
|
|
142
140
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
143
141
|
none: false
|
|
144
142
|
requirements:
|
|
145
143
|
- - ! '>='
|
|
146
144
|
- !ruby/object:Gem::Version
|
|
147
145
|
version: '0'
|
|
148
|
-
segments:
|
|
149
|
-
- 0
|
|
150
|
-
hash: 333689523
|
|
151
146
|
requirements: []
|
|
152
147
|
rubyforge_project: nasl-pedant
|
|
153
148
|
rubygems_version: 1.8.23
|
|
@@ -168,3 +163,4 @@ test_files:
|
|
|
168
163
|
- test/unit/checks/test_flipped_operands_on_match_or_substring.rb
|
|
169
164
|
- test/unit/checks/test_plugin_type_not_specified.rb
|
|
170
165
|
- test/unit/checks/test_script_family_not_specified.rb
|
|
166
|
+
has_rdoc:
|