예제 #1
0
    def parse_strings(self, filename):
        """parse binary file's strings"""

        if inpath("strings"):
            # use "strings" on system if available (for performance)
            lines = subprocess.check_output(["strings",
                                             filename]).decode("utf-8")
        else:
            # Otherwise, use python implementation
            s = Strings(filename)
            lines = s.parse()
        return lines
예제 #2
0
    def scan_file(self, filename):
        """Scans a file to see if it contains any of the target libraries,
        and whether any of those contain CVEs"""

        self.logger.debug(f"Scanning file: {filename}")
        self.total_scanned_files += 1

        # Do not try to scan symlinks
        if os.path.islink(filename):
            return None

        # Ensure filename is a file
        if not os.path.isfile(filename):
            self.logger.warning(f"Invalid file {filename} cannot be scanned")
            return None

        # step 1: check if it's an ELF binary file
        if inpath("file"):
            # use system file if available (for performance reasons)
            o = subprocess.check_output(["file", filename])
            o = o.decode(sys.stdout.encoding)

            if "cannot open" in o:
                self.logger.warning(
                    f"Unopenable file {filename} cannot be scanned")
                return None

            if (("LSB " not in o) and ("LSB shared" not in o)
                    and ("LSB executable" not in o)
                    and ("PE32 executable" not in o)
                    and ("PE32+ executable" not in o) and ("Mach-O" not in o)):
                return None
        # otherwise use python implementation of file
        elif not is_binary(filename):
            return None
        # parse binary file's strings
        if inpath("strings"):
            # use "strings" on system if available (for performance)
            o = subprocess.check_output(["strings", filename])
            lines = o.decode("utf-8").splitlines()
        else:
            # Otherwise, use python implementation
            s = Strings(filename)
            lines = s.parse()

        yield from self.run_checkers(filename, lines)
예제 #3
0
 def setUpClass(cls):
     # build binaries
     if sys.platform == "linux" or sys.platform == "linux2":
         subprocess.call(["make", "clean-linux"], cwd=BINARIES_PATH)
     elif sys.platform == "win32":
         subprocess.call(["make", "clean-windows"], cwd=BINARIES_PATH)
     subprocess.call(["make", "all"], cwd=BINARIES_PATH)
     cls.strings = Strings()
예제 #4
0
 def setup_class(cls):
     cls.strings = Strings()
예제 #5
0
 def setUpClass(cls):
     # build binaries
     subprocess.call(["make", "clean"], cwd=BINARIES_PATH)
     subprocess.call(["make", "all"], cwd=BINARIES_PATH)
     cls.strings = Strings()