Wireshark mailing list archives
Re: checkapi
From: Graham Bloice <graham.bloice () trihedral com>
Date: Fri, 22 Apr 2016 16:31:42 +0100
On 22 April 2016 at 15:48, Evan Huus <eapache () gmail com> wrote:
On Fri, Apr 22, 2016 at 10:24 AM, Jeff Morriss <jeff.morriss.ws () gmail com> wrote:On Fri, Apr 22, 2016 at 3:28 AM, Graham Bloice <graham.bloice () trihedral com>wrote:Just thinking for this for about 30 secs, is there another way?checkAPIsseems to be a very rudimentary (not meant in any derogatory way justbecauseit's written in Perl :_)) static code analyser. Is there any way anactualcode analyser could be used with a configuration file listing the banned API's etc.? I guess one issue with that approach is that all the static analysers I've used are quite slow, although that's maybe because I have them turned up to 11.There are; someone (Evan?) suggested a couple of options a few years agobutI guess no one had enough interest to do anything about it. But eithermymemory is wrong or my Google-fu isn't working well today because all I'm finding is a suggestion from Sebastien way back in 2008 (I reallythought itwas discussed more recently than that--and with more suggestions): https://www.wireshark.org/lists/wireshark-dev/200805/msg00128.htmlI think I remember talking about http://cppcheck.sourceforge.net/ - IIRC it lets you define custom rules either as regexes or as more complex scripts on the C/C++ AST, though I haven't looked at it in a while.
Interestingly I just ran cppcheck on Wireshark this week which turned up some interesting stuff as cppcheck has "knowledge" of frameworks such as gtk and qt (and windows) and thus is aware of when allocations have been made by library calls and should be cleaned up, e.g. line 119 of packet-pmproxy.c: return g_strcmp0(pmproxy_exchange_string, g_strdup_printf("pmproxy-%s 1\n", type)) == 0; The g_strdup_printf() allocates a string which has to be freed with g_free().
Of course I doubt such tools could fully replace checkAPIs: it has a lot ofcustom stuff in there like ensuring various arrays are NULL terminatedandthat hf fields are appropriate (writing the regex to match all the hfarrayentries was all sorts of challenging fun :-)).This may be somewhere a little bit of AST might go a long way, but it would certainly be a lot of work to migrate everything over.
This was the approach I was thinking, once you have an AST and a symbol table, lots of things are possible.
(You really should just come on over to the world of Perl; eventuallyyou'llwonder how you ever got along without it! ;-))
Tried that once, still feel unclean. Only php is worse, mainly due to the huge amount of insecure php web apps I have run into. -- Graham Bloice
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- Re: checkapi, (continued)
- Re: checkapi Graham Bloice (Apr 11)
- Re: checkapi Graham Bloice (Apr 18)
- Re: checkapi Guy Harris (Apr 18)
- Re: checkapi Graham Bloice (Apr 19)
- Re: checkapi Jeff Morriss (Apr 19)
- Re: checkapi Graham Bloice (Apr 21)
- Re: checkapi Jeff Morriss (Apr 21)
- Re: checkapi Graham Bloice (Apr 22)
- Re: checkapi Jeff Morriss (Apr 22)
- Re: checkapi Evan Huus (Apr 22)
- Re: checkapi Graham Bloice (Apr 22)
- Re: checkapi Jeff Morriss (Apr 27)