cppcheck/test/bug-hunting/juliet.py

78 lines
2.2 KiB
Python
Raw Normal View History

# Test if --bug-hunting works using the juliet testsuite
# The Juliet test suite can be downloaded from:
# https://samate.nist.gov/SRD/testsuite.php
import glob
import os
import re
import shutil
import sys
import subprocess
JULIET_PATH = os.path.expanduser('~/juliet')
if sys.argv[0] in ('test/bug-hunting/juliet.py', './test/bug-hunting/juliet.py'):
CPPCHECK_PATH = './cppcheck'
else:
CPPCHECK_PATH = '../../cppcheck'
RUN_CLANG = ('--clang' in sys.argv)
def get_files(juliet_path:str, test_cases:str):
ret = []
g = os.path.join(juliet_path, test_cases)
print(g)
for f in sorted(glob.glob(g)):
res = re.match(r'(.*[0-9][0-9])[a-x]?.(cp*)$', f)
if res is None:
print('Non-match!! ' + f)
sys.exit(1)
f = res.group(1) + '*.' + res.group(2)
if f not in ret:
ret.append(f)
return ret
def check(tc:str, warning_id:str):
num_ok = 0
num_failed = 0
for f in get_files(JULIET_PATH, tc):
cmd = [CPPCHECK_PATH,
'-I' + os.path.join(JULIET_PATH, 'C/testcasesupport'),
'-DOMIT_GOOD',
2019-10-23 16:49:45 +02:00
'-DAF_INET=1',
'-DINADDR_ANY=1',
'--library=posix',
'--bug-hunting',
'--platform=unix64']
if RUN_CLANG:
cmd += ['--clang', '--cppcheck-build-dir=juliet-build-dir']
if not os.path.isdir('juliet-build-dir'):
os.mkdir('juliet-build-dir')
cmd += glob.glob(f)
p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
comm = p.communicate()
stdout = comm[0].decode(encoding='utf-8', errors='ignore')
stderr = comm[1].decode(encoding='utf-8', errors='ignore')
if RUN_CLANG:
shutil.rmtree('juliet-build-dir')
if warning_id in stderr:
num_ok += 1
else:
2020-05-07 18:55:22 +02:00
print('fail: ' + ' '.join(cmd))
num_failed += 1
cwepos = tc.find('CWE')
cwe = tc[cwepos:cwepos+6]
2020-05-07 18:55:22 +02:00
print('%s ok:%i, fail:%i' % (cwe, num_ok, num_failed))
if num_failed != 0:
sys.exit(1)
2020-05-07 18:55:22 +02:00
check('C/testcases/CWE369_Divide_by_Zero/s*/*.c', 'bughuntingDivByZero')
#check('C/testcases/CWE457_Use_of_Uninitialized_Variable/s*/*.c', 'verificationUninit')