mutt stable branch with some hacks
#!/bin/sh --

#
# grep for some things which may look like security problems.
#

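# Scratch file holding the hits of the check that is currently running.
# mktemp creates it under an unpredictable name; the template has no
# directory part, so it lives in the current directory.
TMPFILE="$(mktemp check_sec.tmp.XXXXXX)" || exit 1

# Remove the scratch file on every exit path.  Some /bin/sh implementations
# do not run the EXIT trap when killed by a signal, so the common signals
# are turned into a normal exit first.
trap 'rm -f -- "$TMPFILE"' EXIT
trap 'exit 1' HUP INT TERM

# Overall result of the script: stays 0 until a check reports findings.
RV=0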
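# do_check_files PATTERN MAGIC MSG FILE...
#
# Print MSG followed by every line of FILE... that matches the extended
# regular expression PATTERN, and set the global RV to 1.  Two kinds of
# match are dropped before reporting:
#   - lines in which a '#' appears before the first space of grep's
#     "file:line:text" output (presumably meant to skip preprocessor
#     directives);
#   - lines containing the literal string MAGIC (presumably a marker left
#     on call sites that a human has reviewed -- the script only checks
#     that the marker is present, not that the call is actually safe).
#
# Globals:  TMPFILE (read; scratch file for the hits), RV (set to 1 on
#           findings or when there is nothing to scan)
# Returns:  always 0; findings are signalled through RV.
#
# NOTE(review): /bin/sh has no portable pipefail, so a grep error in the
# first pipeline stage (for example an unreadable file) is only visible on
# stderr and does not change RV.
do_check_files ()
{
  pattern="$1" ; shift
  magic="$1" ; shift
  msg="$1" ; shift

  # Fail closed when there is nothing to scan: without file operands grep
  # would read standard input, so the check would hang or pass without
  # having looked at a single source file.
  if test "$#" -eq 0 ; then
    echo "check_sec: no files to scan ($magic)" >&2
    RV=1
    return 0
  fi

  # grep -E / grep -F are the POSIX spellings of egrep / fgrep, which
  # current GNU grep reports as obsolescent.  "--" keeps a pattern or
  # marker that starts with '-' from being parsed as an option.
  grep -En -- "$pattern" "$@" | \
    grep -v '^[^ ]*:[^ ]*#' | \
    grep -Fv -- "$magic" > "$TMPFILE"

  # The scratch file is not removed here: the redirection above truncates
  # it on the next call, and keeping it in place means the name reserved by
  # mktemp is never released while the script is still running.
  if test -s "$TMPFILE" ; then
    printf '%s\n' "$msg"
    cat "$TMPFILE"
    RV=1
  fi
  return 0
}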
# do_check PATTERN MAGIC MSG
#
# Run do_check_files with the given pattern, marker and message over every
# *.c file found below the current directory, leaving out the ./intl tree.
do_check ()
{
  # The command substitution is left unquoted on purpose: the shell has to
  # split find's output into one argument per file.  File names containing
  # whitespace or glob characters would be mangled by that split.
  do_check_files "$1" "$2" "$3" \
    $(find . -path ./intl -prune -o -name '*.c' -print)
}
# Each do_check call scans all *.c files outside ./intl for one risky
# construct.  A hit is silenced by putting the marker named in the second
# argument on the same source line.
#
# These are line-based text matches: a call split across several lines, or
# reached through a macro or wrapper with another name, is not seen.  A
# clean run therefore means "nothing matched", not "nothing is wrong".

# fopen lines that also contain a double quote followed later by a 'w'
# (presumably write-mode opens).
do_check '\<fopen.*".*w' __FOPEN_CHECKED__ 'Alert: Unchecked fopen calls.'

# NOTE(review): this pattern also demands a double quote followed by 'w' on
# the fclose line, exactly like the fopen check above.  fclose() takes only
# a stream, so this looks unlikely to match real calls -- confirm the
# intended pattern.
do_check '\<fclose.*".*w' __FCLOSE_CHECKED__ 'Alert: Unchecked fclose calls.'

# Unbounded string copies and concatenations.
do_check '\<(mutt_)?strcpy' __STRCPY_CHECKED__ 'Alert: Unchecked strcpy calls.'
do_check '\<strcat' __STRCAT_CHECKED__ 'Alert: Unchecked strcat calls.'

# sprintf with a %s conversion on the same line.
do_check '\<sprintf.*%s' __SPRINTF_CHECKED__ 'Alert: Unchecked sprintf calls.'

# Project conventions: the messages name the helper to use instead.
do_check '\<strncat' __STRNCAT_CHECKED__ 'You probably meant safe_strcat here.'
do_check '\<safe_free' __SAFE_FREE_CHECKED__ 'You probably meant FREE here.'
do_check '\<FREE[ ]?\([^&]' __FREE_CHECKED__ 'You probably meant FREE(&...) here.'

# Don't run the memory-management check on others' code: it is limited to
# the C sources in the top-level, imap/ and autocrypt/ directories.
do_check_files '\<(malloc|realloc|free|strdup)[ ]*\(' \
  __MEM_CHECKED__ \
  'Alert: Use of traditional memory management calls.' \
  *.c imap/*.c autocrypt/*.c
# Drop the scratch file, then report the overall result: the exit status
# is 1 if any check printed findings and 0 otherwise.
rm -f -- "$TMPFILE"
exit "${RV:-0}"