end0tknr's kipple - learning web development by transcribing code

Moved here from http://d.hatena.ne.jp/end0tknr/

Static source-code vulnerability scanner - RATS (Rough Auditing Tool for Security)


If all you want is "detect dangerous built-in functions", Perl::Critic probably already covers it, but for what it is worth, here is how RATS goes.


The expat XML parser (library and headers) has to be installed separately; RATS loads its per-language vulnerability databases as XML.

(The googlecode.com download host has since been shut down, so the tarball now has to come from a mirror; the build steps are unchanged.)

$ wget https://rough-auditing-tool-for-security.googlecode.com/files/rats-2.4.tgz
$ tar xzf rats-2.4.tgz
$ cd rats-2.4
$ ./configure
$ make
$ make check
$ su
# make install


$ cd /path/to/perl/proj/lib
$ rats --html . > ~/tmp/rats.html


Entries in perl database: 33
Entries in ruby database: 46
Entries in python database: 62
Entries in c database: 334
Entries in php database: 55
Severity: High
Issue: connect
The second argument specifying the packed address to bind to, should not be derived from user input. If the address is derived from user input, it is possible for a malicious user to cause the socket to connect to an arbitrary remote address, enabling hijacking of potentially sensitive network data.
File: ./Xing/Model/AS400.pm
Lines: 134
File: ./Xing/DBI.pm
Lines: 14 31
Severity: Medium
Issue: open
The filename argument of open should be carefully checked if it is being created with any user-supplied string as a component of it. Strings should be checked for occurrences of path backtracking/relative path components (../ as an example), or nulls, which may cause the underlying C call to interpret the filename to open differently than expected. It is also important to make sure that the final filename does not end in a "|", as this will cause the path to be executed.
File: ./Xing/Template.pm
Lines: 58 684
File: ./Xing/Print/Juchuu.pm
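The two findings above, the `connect` whose packed address comes from user input and the two-argument `open` with a user-controlled filename, each shown next to a hardened version, as an added example. This is not code from the page's Xing project or from RATS; the `%BACKENDS` table, the `$TEMPLATE_DIR` path, the function names and the inputs fed to them are all assumptions made for the example.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Socket qw(inet_aton pack_sockaddr_in);

# --- Finding 1: 'connect' with an address derived from user input ---------
# Unsafe: the caller decides where we connect. Whatever later flows over the
# socket (credentials, queries, order data) goes to a host of their choosing.
sub backend_addr_unsafe {
    my ($host, $port) = @_;               # straight from a request parameter
    return pack_sockaddr_in($port, inet_aton($host));
}

# Hardened: user input only selects a *name*; the real host:port comes from a
# fixed table, so there is no way to steer the socket anywhere else.
my %BACKENDS = (                          # assumed backends, for the example
    as400 => ['127.0.0.1', 8471],
    db    => ['127.0.0.1', 5432],
);

sub backend_addr_safe {
    my ($name) = @_;
    my $entry = $BACKENDS{$name} or die "unknown backend '$name'\n";
    my ($host, $port) = @$entry;
    my $ip = inet_aton($host) or die "cannot resolve $host\n";
    return pack_sockaddr_in($port, $ip);  # then: connect($sock, $addr)
}

# --- Finding 2: 'open' with a user-controlled filename --------------------
# Unsafe: two-argument open lets the *data* pick the mode. "cmd |" reads
# from a command, "| cmd" writes to one, ">file" truncates it.
sub read_template_unsafe {
    my ($name) = @_;
    open(my $fh, $name) or die "open $name: $!";   # the call RATS flags
    local $/;
    my $body = <$fh>;
    close $fh;
    return $body;
}

# Hardened: three-argument open pins the mode to read-only, so '|' and '>'
# are ordinary characters; on top of that reject NUL bytes and anything that
# is not a plain file name inside the template directory.
my $TEMPLATE_DIR = '/var/app/templates';  # assumed location, for the example

sub read_template_safe {
    my ($name) = @_;
    die "NUL byte in filename\n"          if $name =~ /\0/;
    die "filename must be a plain name\n"
        unless $name =~ /\A[\w.-]+\z/ && $name !~ /\A\.+\z/;   # no '/', no '.' or '..'
    my $path = "$TEMPLATE_DIR/$name";
    open(my $fh, '<', $path) or die "open $path: $!";
    local $/;
    my $body = <$fh>;
    close $fh;
    return $body;
}

# --- Demonstration with constructed inputs (not taken from the page) ------
# The unsafe open really does execute the command embedded in the "filename".
print "unsafe open ran a command: ", read_template_unsafe('echo pwned |');

for my $name ('echo pwned |', '../../etc/passwd', "index\0.html", 'index.html') {
    (my $shown = $name) =~ s/\0/\\0/g;
    my $body = eval { read_template_safe($name) };
    print "safe open '$shown': ", (defined $body ? "read\n" : "rejected/failed: $@");
}

for my $name ('db', 'evil.example') {
    my $addr = eval { backend_addr_safe($name) };
    print "backend '$name': ", (defined $addr ? "resolved\n" : "refused: $@");
}
```

The first line of output shows `pwned`, produced by `echo` rather than read from any file, which is exactly the failure RATS describes for a trailing `|`. Under the hardened version the same string never reaches `open` at all, and the only name that gets through the filter (`index.html`) is opened read-only relative to `$TEMPLATE_DIR`, so it fails harmlessly with ENOENT on a machine where that directory does not exist.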