-
Notifications
You must be signed in to change notification settings - Fork 3
Expand file tree
/
Copy pathgenreport.cpp
More file actions
87 lines (69 loc) · 2.52 KB
/
genreport.cpp
File metadata and controls
87 lines (69 loc) · 2.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
/*PLOVER: MISC.DFREE*/
/*
Description: malloc'd data is freed more than once.
Keywords: Size0 Complex0 Api MemMgmt DoubleFree
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <map>
int main() {
FILE* report;
FILE* finalReport;
char* line = NULL;
size_t len = 0;
ssize_t lineLen;
report = fopen("report.txt", "r");
finalReport = fopen("memory_report.txt", "w");
if (report == NULL) {
printf("ERROR: Unable to generate report");
exit(EXIT_FAILURE);
}
fprintf(finalReport, "---------- Memory Safety Vulnerabilities Report ----------\n\n");
fprintf(finalReport, "########## Free Related Vulnerabilities ##########\n");
std::map<char*, std::string> allocations;
while ((lineLen = getline(&line, &len, report)) != -1) {
// If existing warning, dump in final report
if (strstr(line, "Line") != NULL) {
fprintf(finalReport, "%s", line);
}
// Record allocation/deallocation pattern
if (strstr(line, "Log") != NULL) {
if (strstr(line, "Malloc") != NULL) {
std::string metadata = "";
char* allocation = strtok(line, " ");
allocation = strtok(NULL, " ");
metadata.append(allocation);
metadata.append(" ");
allocation = strtok(NULL, " ");
metadata.append(allocation);
allocation = strtok(NULL, " ");
allocation = strtok(NULL, " ");
allocations[allocation] = metadata;
}
if (strstr(line, "Free") != NULL) {
char* deallocation = strtok(line, " ");
deallocation = strtok(NULL, " ");
deallocation = strtok(NULL, " ");
deallocation = strtok(NULL, " ");
deallocation = strtok(NULL, " ");
if (allocations.find(deallocation) != allocations.end()) {
allocations.erase(deallocation);
}
}
}
}
// Report any remaining allocations as memory leaks
fprintf(finalReport, "\n########## Memory Leaks ##########\n");
for(std::map<char*,std::string>::iterator it=allocations.begin(); it!=allocations.end(); ++it) {
const char* alloc_data = (it->second).c_str();
char* alloc_data_copy = new char[(it->second).length() + 1];
strcpy(alloc_data_copy, alloc_data);
char* metadata = strtok(alloc_data_copy, " ");
char* line = metadata;
metadata = strtok(NULL, " ");
char* col = metadata;
fprintf(finalReport, "Line %s.%s: Warning: Memory Leak!\n", line, col);
}
return 0;
}