From: "Mohammed Billoo" <mab@mab-labs.com>
To: linux-safety@lists.elisa.tech
Cc: skhan@linuxfoundation.org, Mohammed Billoo <mab@mab-labs.com>
Subject: [PATCH] scripts: Report 'suspicious' comments
Date: Thu, 27 Aug 2020 11:13:33 -0400
Message-ID: <20200827151333.11591-1-mab@mab-labs.com>

This perl script attempts to mitigate CWE-546
(https://cwe.mitre.org/data/definitions/546.html), which identifies code
with comments that suggest that code is incomplete. This script was
tested against the kernel, and the following is a snippet of the
output that was generated. The output was verified by confirming that
the specified file does indeed have that string at the specified line.

./arch/arm/include/asm/pgtable.h contains FIXME on line 316
./arch/arm/include/debug/imx.S contains FIXME on line 14
./arch/arm/kernel/entry-header.S contains BUG on line 71
./arch/arm/kernel/fiq.c contains FIXME on line 72

Signed-off-by: Mohammed Billoo <mab@mab-labs.com>
---
 Makefile                |  8 +++++++-
 scripts/checkcomment.pl | 35 +++++++++++++++++++++++++++++++++++
 2 files changed, 42 insertions(+), 1 deletion(-)
 create mode 100644 scripts/checkcomment.pl

diff --git a/Makefile b/Makefile
index f21168154160..c84b8bc5c18e 100644
--- a/Makefile
+++ b/Makefile
@@ -264,7 +264,7 @@ no-dot-config-targets := $(clean-targets) \
cscope gtags TAGS tags help% %docs check% coccicheck \
$(version_h) headers headers_% archheaders archscripts \
%asm-generic kernelversion %src-pkg dt_binding_check \
- outputmakefile
+ outputmakefile commentcheck
no-sync-config-targets := $(no-dot-config-targets) %install kernelrelease
single-targets := %.a %.i %.ko %.lds %.ll %.lst %.mod %.o %.s %.symtypes %/
@@ -1575,6 +1575,7 @@ help:
@echo ' export_report - List the usages of all exported symbols'
@echo ' headerdep - Detect inclusion cycles in headers'
@echo ' coccicheck - Check with Coccinelle'
+ @echo ' commentcheck - Check and report suspicious comments'
@echo ''
@echo 'Tools:'
@echo ' nsdeps - Generate missing symbol namespace dependencies'
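
Review bot: The help text on the added `commentcheck` line says the target reports suspicious comments, but scripts/checkcomment.pl tests each whole line with `$line =~ /\b$keyword\b/` and never checks that the match sits inside a comment, so a TODO, BUG, FIXME or HACK token in code or in a string literal is reported as well. Either word the help entry after what is actually matched (for example "Report TODO/BUG/FIXME/HACK markers") or restrict the script to comment text.
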
@@ -1842,6 +1843,11 @@ versioncheck:
-name '*.[hcS]' -type f -print | sort \
| xargs $(PERL) -w $(srctree)/scripts/checkversion.pl
+commentcheck:
+ find $(srctree)/* $(RCS_FIND_IGNORE) \
+ -name '*.[hcS]' -type f -print | sort \
+ | xargs $(PERL) -w $(srctree)/scripts/checkcomment.pl
+
coccicheck:
$(Q)$(BASH) $(srctree)/scripts/$@
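
Review bot: The `find` line of the new `commentcheck` recipe has no `$(Q)` or `@` prefix, unlike the `coccicheck` recipe directly below it, so make echoes the whole find/sort/xargs pipeline ahead of the report; prefix it with `$(Q)` if quiet output is wanted. The `-name '*.[hcS]'` filter also limits the scan to .c, .h and .S files, which is worth stating in the commit message or the help text so that a clean run is not read as covering the whole tree.
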
diff --git a/scripts/checkcomment.pl b/scripts/checkcomment.pl
new file mode 100644
index 000000000000..22fd77bc75d1
--- /dev/null
+++ b/scripts/checkcomment.pl
@@ -0,0 +1,35 @@
+#!/usr/bin/env perl
+# SPDX-License-Identifier: GPL-2.0
+#
+# (c) 2020, Mohammed Billoo (mab@mab-labs.com)
+#
+# This script checks for any keywords outlined in CWE-546
+# (https://cwe.mitre.org/data/definitions/546.html)
+# and simply reports them to the user. It's up to the user
+# to take any further actions.
+
+use strict;
+
+my @keywords = ('TODO', 'BUG', 'FIXME', 'HACK');
+my @mismatch_keywords = ('BUG\(\)');
+
+foreach my $file (@ARGV) {
+ my $i = 1;
+ open(my $f, '<', $file)
+ or die "Cannot open $file: $!\n";
+
+ while (my $line = <$f>) {
+ foreach my $keyword (@keywords) {
+ if ($line =~ /\b$keyword\b/) {
+ foreach my $mismatch_keyword (@mismatch_keywords) {
+ if ($line =~ /$mismatch_keyword/) {}
+ else {
+ print "$file contains $keyword on line $i\n";
+ }
+ }
+ }
+ }
+
+ $i++;
+ }
+}
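
Review bot: The `BUG\(\)` exclusion in the inner `foreach my $mismatch_keyword` loop is applied to every keyword and is evaluated once per exclusion pattern, which gives two wrong results. A line that contains both `BUG()` and a FIXME, TODO or HACK marker is suppressed entirely, and once `@mismatch_keywords` holds more than one entry the `print` fires for each pattern that does not match, so a hit is reported even when another exclusion pattern matched, and can be reported several times. Compute a single "excluded" result per line and keyword before printing, and tie `BUG\(\)` to the BUG keyword only; a `next if` would also remove the empty `if (...) {}` branch. Separately, `die` on a file that cannot be opened abandons the remaining files passed to that invocation of the script, where `warn` followed by `next` would let the scan continue.
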
--
2.17.1