Changeset 2237:edb3d518d0ad for check_sec.sh

Timestamp:

2001-01-08 08:33:57 (8 years ago)

Author:

Thomas Roessler <roessler@…>

Branch:

HEAD

Message:

Going through possible security problems with a fine comb. If you
want to help, check out the current source, and run check_sec.sh.

Files:

• check_sec.sh (modified) (1 diff)

check_sec.sh

@@ -5 +5 @@
 #
 
-TMPFILE="`mktemp fopen.XXXXXX`" || exit 1
-grep -n '\<fopen.*".*w' *.c */*.c | fgrep -v __FOPEN_CHECKED__  > $TMPFILE
-test -s $TMPFILE && {
-        echo "WARNING: UNCHECKED FOPEN CALLS FOUND" ;
-        cat $TMPFILE ;
-        exit 1;
+TMPFILE="`mktemp check_sec.tmp.XXXXXX`" || exit 1
+
+do_check ()
+{
+        egrep -n "$1" *.c */*.c | fgrep -v $2 > $TMPFILE
+        test -s $TMPFILE && {
+                echo "$3" ;
+                cat $TMPFILE;
+                exit 1;
+        }
 }
+
+
+
+do_check '\<fopen.*'\"'.*w' __FOPEN_CHECKED__ "Alert: Unchecked fopen calls."
+do_check '\<(mutt_)?strcpy' __STRCPY_CHECKED__ "Alert: Unchecked strcpy calls."
+# do_check '\<strcat' __STRCAT_CHECKED__ "Alert: Unchecked strcat calls."
+do_check 'sprintf.*%s' __SPRINTF_CHECKED__ "Alert: Unchecked sprintf calls."
 
 rm -f $TMPFILE