Bug hunting: Add CVE test suite

2020-05-01 12:20:33 +02:00 · 2020-05-01 12:20:33 +02:00 · daae26c474
parent ef2e272f20
commit daae26c474
3 changed files with 5029 additions and 0 deletions
--- a/test/bug-hunting/cve.py
+++ b/test/bug-hunting/cve.py
@ -0,0 +1,41 @@
+# Test if --bug-hunting works using cve tests
+
+import glob
+import os
+import re
+import shutil
+import sys
+import subprocess
+
+if sys.argv[0] in ('test/bug-hunting/cve.py', './test/bug-hunting/cve.py'):
+    CPPCHECK_PATH = './cppcheck'
+    TEST_SUITE = 'test/bug-hunting/cve'
+else:
+    CPPCHECK_PATH = '../../cppcheck'
+    TEST_SUITE = 'cve'
+
+RUN_CLANG = ('--clang' in sys.argv)
+
+def check():
+    cmd = [CPPCHECK_PATH,
+           '--bug-hunting',
+           '--platform=unix64',
+           '--inline-suppr',
+           TEST_SUITE]
+    if RUN_CLANG:
+        cmd.append('--clang')
+    print(' '.join(cmd))
+
+    p = subprocess.Popen(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE)
+    comm = p.communicate()
+    stdout = comm[0].decode(encoding='utf-8', errors='ignore')
+    stderr = comm[1].decode(encoding='utf-8', errors='ignore')
+
+    # Ensure there are no unmatched suppressions
+    if '[unmatchedSuppression]' in stderr:
+        print('FAILED: There are unmatched suppressions')
+    else:
+        print('SUCCESS')
+
+
+check()
--- a/test/bug-hunting/cve/CVE-2019-14284/README
+++ b/test/bug-hunting/cve/CVE-2019-14284/README
@ -0,0 +1,5 @@
+
+Details:
+https://nvd.nist.gov/vuln/detail/CVE-2019-14284
+
+
--- a/test/bug-hunting/cve/CVE-2019-14284/floppy.c
+++ b/test/bug-hunting/cve/CVE-2019-14284/floppy.c