development/rats: Added to 13.0 repository
This commit is contained in:
parent
7c25bf3623
commit
d7168f9488
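--- /dev/null
+++ b/UNKNOWN_PATH_README
@@ -0,0 +1,22 @@
+RATS - Rough Auditing Tool for Security
+
+RATS is an open source tool developed and maintained by Secure Software
+security engineers. Secure Software was acquired by Fortify Software, Inc.
+RATS is a tool for scanning C, C++, Perl, PHP and Python source code and
+flagging common security related programming errors such as buffer overflows
+and TOCTOU (Time Of Check, Time Of Use) race conditions.
+
+RATS scanning tool provides a security analyst with a list of potential
+trouble spots on which to focus, along with describing the problem and
+potentially suggest remedies. It also provides a relative assessment of the
+potential severity of each problem, to better help an auditor prioritize.
+This tool also performs some basic analysis to try to rule out conditions
+that are obviously not problems.
+
+As its name implies, the tool performs only a rough analysis of source code.
+It will not find every error and will also find things that are not errors.
+Manual inspection of your code is still necessary, but greatly aided with
+this tool.
+
+Example usage - to analyze "main.c":
+rats --db /usr/share/rats-2.3/rats-c.xml main.c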
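--- /dev/null
+++ b/rats.SlackBuild
@@ -0,0 +1,92 @@
+#!/bin/sh
+
+# Slackware build script for RATS
+
+# Written by Andrzej Telszewski <atelszewski@gmail.com>
+
+PRGNAM=rats
+VERSION=${VERSION:-2.3}
+ARCH=${ARCH:-i486}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+SLKCFLAGS="-O2 -fPIC"
+LIBDIRSUFFIX="64"
+fi
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
+cd $PRGNAM-$VERSION
+chown -R root:root .
+find . \
+\( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+-exec chmod 755 {} \; -o \
+\( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+-exec chmod 644 {} \;
+
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+./configure \
+--prefix=/usr \
+--libdir=/usr/lib${LIBDIRSUFFIX} \
+--sysconfdir=/etc \
+--localstatedir=/var \
+--mandir=/usr/man \
+--includedir=/usr/include \
+--build=$ARCH-slackware-linux
+
+# it seems to be required to specify locations...
+make \
+BINDIR=/usr/bin \
+LIBDIR=/usr/lib${LIBDIRSUFFIX} \
+MANDIR=/usr/man \
+SHAREDIR=/usr/share/$PRGNAM-$VERSION
+make install \
+BINDIR=$PKG/usr/bin \
+LIBDIR=$PKG/usr/lib${LIBDIRSUFFIX} \
+MANDIR=$PKG/usr/man \
+SHAREDIR=$PKG/usr/share/$PRGNAM-$VERSION
+
+# this directory seems to be not used
+rmdir $PKG/usr/lib${LIBDIRSUFFIX}
+
+( cd $PKG
+find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \
+xargs strip --strip-unneeded 2> /dev/null || true
+find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \
+xargs strip --strip-unneeded 2> /dev/null || true
+)
+
+( cd $PKG/usr/man
+find . -type f -exec gzip -9 {} \;
+for i in $( find . -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+)
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a \
+COPYING rats.dsp rats.dsw rats.spec README \
+$PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}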
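Review bot: The ARCH chain near the top of the script (`if [ "$ARCH" = "i486" ]` … `fi`) has no `else` arm, so any other ARCH value leaves SLKCFLAGS and LIBDIRSUFFIX unset and the build silently proceeds with empty CFLAGS and `--libdir=/usr/lib`; `set -e` is only enabled after the chain, so nothing stops it. Adding a default arm, `else` / `SLKCFLAGS="-O2"` / `LIBDIRSUFFIX=""`, makes the result for unlisted ARCH values explicit instead of accidental. Separately, the man-page symlink loop `for i in $( find . -type l )` word-splits on whitespace in link names; it matches the build template of the time and only matters if upstream's man pages ever carry such names, so a comment noting the assumption would suffice. The `rmdir $PKG/usr/lib${LIBDIRSUFFIX}` line will abort the build under `set -e` if a future VERSION installs anything there, which is a useful loud failure but is worth stating in the comment above it rather than "seems to be not used".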
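--- /dev/null
+++ b/UNKNOWN_PATH_INFO
@@ -0,0 +1,10 @@
+PRGNAM="rats"
+VERSION="2.3"
+HOMEPAGE="http://www.fortify.com/security-resources/rats.jsp"
+DOWNLOAD="http://www.fortify.com/servlet/downloads/public/rats-2.3.tar.gz"
+MD5SUM="339ebe60fc61789808a457f6f967d226"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+MAINTAINER="Andrzej Telszewski"
+EMAIL="atelszewski@gmail.com"
+APPROVED="rworkman"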
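Review bot: The only integrity check recorded for the source tarball is the `MD5SUM` field, and `DOWNLOAD` fetches it over plain http, so the check guards against corruption or truncation but gives little assurance that the archive is the one upstream published. That is the field set this file format provides, so nothing in the file itself changes; when MD5SUM is updated for a new VERSION it should be compared against a checksum obtained from an independent channel rather than recomputed from the freshly downloaded file. The empty `DOWNLOAD_x86_64` and `MD5SUM_x86_64` appear to indicate the same source is used on x86_64, which is consistent with the architecture-independent build script.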
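--- /dev/null
+++ b/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
+# leave one space after the ':'.
+
+|-----handy-ruler------------------------------------------------------|
+rats: rats (Rough Auditing Tool for Security)
+rats:
+rats: RATS is a tool for scanning C, C++, Perl, PHP and Python source code
+rats: and flagging common security related programming errors such as
+rats: buffer overflows and TOCTOU (Time Of Check, Time Of Use) race
+rats: conditions.
+rats:
+rats: Homepage: http://www.fortify.com/security-resources/rats.jsp
+rats:
+rats:
+rats: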