-
Notifications
You must be signed in to change notification settings - Fork 1
/
makefile
271 lines (223 loc) · 8.9 KB
/
makefile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
# Flawfinder.
# Released under the General Public License (GPL) version 2 or later.
# (C) 2001-2017 David A. Wheeler.
# See "release_process.md" for release process, including
# how to change version numbers.
NAME=flawfinder
VERSION=2.0.10
RPM_VERSION=1
VERSIONEDNAME=$(NAME)-$(VERSION)
ARCH=noarch
SAMPLE_DIR=/usr/src/linux-2.2.16
PYTHON=python
PYTHON2=python2
PYTHON3=python3
# Flawfinder has traditionally used INSTALL_DIR, INSTALL_DIR_BIN, and
# INSTALL_DIR_MAN. Here we add support for GNU variables like prefix, etc.;
# users who override the older flawfinder-specific variable names will
# not notice any changes. We define exec_prefix oddly so we can
# quietly merge these 2 systems:
prefix=/usr/local
INSTALL_DIR=$(prefix)
exec_prefix=$(INSTALL_DIR)
bindir=$(exec_prefix)/bin
INSTALL_DIR_BIN=$(bindir)
datarootdir=$(INSTALL_DIR)/share
mandir=$(datarootdir)/man
man1dir=$(mandir)/man1
INSTALL_DIR_MAN=$(man1dir)
FLEX=flex
# For Cygwin on Windows, set PYTHONEXT=.py
# (EXE=.exe would be needed on some systems, but not for flawfinder)
EXE=
PYTHONEXT=
# EXE=.exe
# PYTHONEXT=.py
# The rpm build command. "rpmbuild" for rpm version 4.1+
# (e.g., in Red Hat Linux 8), "rpm" for older versions.
RPMBUILD=rpmbuild
DESTDIR=
all: flawfinder.pdf flawfinder.1.gz
chmod -R a+rX *
# We use the "-p" option of mkdir; some very old Unixes
# might not support this option, but it's a really common option
# and required by SUSv3 (and probably earlier, I haven't checked).
MKDIR_P=mkdir -p
INSTALL_PROGRAM=cp -p
INSTALL_DATA=cp -p
# This installer doesn't install the compiled Python bytecode.
# It doesn't take long to compile the short Python code, so
# it doesn't save much time, and having the source code available
# makes it easier to see what it does. It also avoids the
# (admittedly rare) problem of bad date/timestamps causing the
# compiled code to override later uncompiled Python code.
install:
-$(MKDIR_P) $(DESTDIR)$(INSTALL_DIR_BIN)
$(INSTALL_PROGRAM) flawfinder $(DESTDIR)$(INSTALL_DIR_BIN)/flawfinder$(PYTHONEXT)
-$(MKDIR_P) $(DESTDIR)$(INSTALL_DIR_MAN)
$(INSTALL_DATA) flawfinder.1 $(DESTDIR)$(INSTALL_DIR_MAN)/flawfinder.1
uninstall:
rm -f $(DESTDIR)$(INSTALL_DIR_BIN)/flawfinder$(PYTHONEXT)
rm -f $(DESTDIR)$(INSTALL_DIR_MAN)/flawfinder.1
flawfinder.1.gz: flawfinder.1
gzip -c9 < flawfinder.1 > flawfinder.1.gz
flawfinder.ps: flawfinder.1
man -t ./flawfinder.1 > flawfinder.ps
flawfinder.pdf: flawfinder.ps
ps2pdf flawfinder.ps flawfinder.pdf
# Not built by default, since man2html is not widely available
# and the PDF is prettier.
flawfinder.html: flawfinder.1
man2html flawfinder.1 | tail -n +3 > flawfinder.html
clean:
rm -f *.pyc
rm -f flawfinder-$(VERSION).tar.gz
rm -f cwe.c cwe
rm -f *.tar *.exe ./cwe
distribute: clean flawfinder.pdf flawfinder.ps
rm -fr build dist flawfinder.egg-info ,tempdir
chmod -R a+rX *
mkdir ,tempdir
cp -p [a-zA-Z]* ,tempdir
rm -f ,tempdir/*.tar.gz
rm -f ,tempdir/*.rpm
# We don't need both "flawfinder" and "flawfinder.py":
rm -f ,tempdir/flawfinder.py
mv ,tempdir flawfinder-$(VERSION)
# Nobody else needs "update" either.
rm -f ,tempdir/update
# Don't need compressed version of document.
rm -f ,tempdir/flawfinder.1.gz
# Don't include (out of date) index.html
rm -f ,tempdir/index.html
tar cvfz flawfinder-$(VERSION).tar.gz flawfinder-$(VERSION)
chown --reference=. flawfinder-$(VERSION).tar.gz
rm -fr flawfinder-$(VERSION)
dist: distribute
# This *creates* a PyPi distribution package. Use "upload-pypi" to upload it
pypi:
python setup.py bdist_wheel --universal
# NOTE: Only do this after running "make pypi" & being satisfied with it
# Use "-r pypitest" to upload to pypitest.
upload-pypi:
twine upload dist/*
time:
echo "Timing the program. First, time taken:"
time ./flawfinder $(SAMPLE_DIR)/*/*.[ch] > /dev/null
echo "Lines examined:"
wc -l $(SAMPLE_DIR)/*/*.[ch] | tail -2
test_001: flawfinder test.c test2.c
@echo 'test_001 (text output)'
@# Omit time report so that results are always the same textually.
@$(PYTHON) ./flawfinder --omittime test.c test2.c > test-results.txt
@echo >> test-results.txt
@echo "Testing for no ending newline:" >> test-results.txt
@$(PYTHON) ./flawfinder --omittime no-ending-newline.c | \
grep 'Lines analyzed' >> test-results.txt
@diff -u correct-results.txt test-results.txt
test_002: flawfinder test.c test2.c
@echo 'test_002 (HTML output)'
@$(PYTHON) ./flawfinder --omittime --html --context test.c test2.c > test-results.html
@diff -u correct-results.html test-results.html
test_003: flawfinder test.c test2.c
@echo 'test_003 (CSV output)'
@$(PYTHON) ./flawfinder --csv test.c test2.c > test-results.csv
@diff -u correct-results.csv test-results.csv
test_004: flawfinder test.c
@echo 'test_004 (single-line)'
@$(PYTHON) ./flawfinder -m 5 -S -DC --quiet test.c > \
test-results-004.txt
@diff -u correct-results-004.txt test-results-004.txt
test_005: flawfinder test-diff-005.patch test-patched.c
@echo 'test_005 (diff)'
@$(PYTHON) ./flawfinder -SQDC -P test-diff-005.patch \
test-patched.c > test-results-005.txt
@diff -u correct-results-005.txt test-results-005.txt
test_006: flawfinder test.c
@echo 'test_006 (save/load hitlist)'
@$(PYTHON) ./flawfinder -S -DC --quiet \
--savehitlist test-saved-hitlist-006.txt \
test.c > test-junk-006.txt
@$(PYTHON) ./flawfinder -SQDC -m 5 \
--loadhitlist test-saved-hitlist-006.txt > \
test-results-006.txt
@diff -u correct-results-006.txt test-results-006.txt
test_007: setup.py
@echo 'test_007 (setup.py sane)'
@test "`$(PYTHON) setup.py --name`" = 'flawfinder'
@test "`$(PYTHON) setup.py --license`" = 'GPL-2.0+'
@test "`$(PYTHON) setup.py --author`" = 'David A. Wheeler'
test_008: flawfinder test.c
@echo 'test_008 (diff hitlist)'
@$(PYTHON) ./flawfinder -S -DC --quiet \
--savehitlist test-saved-hitlist-008.txt \
test.c > test-junk-008.txt
@$(PYTHON) ./flawfinder -S -C --quiet --omittime \
--diffhitlist test-saved-hitlist-008.txt test.c > \
test-results-008.txt
@diff -u correct-results-008.txt test-results-008.txt
# Run all tests on *one* version of Python;
# output shows differences from expected results.
# If everything works as expected, it just prints test numbers.
# Set PYTHON as needed, including to ""
test: test_001 test_002 test_003 test_004 test_005 test_006 test_007 test_008
@echo 'All tests pass!'
# Usual check routine. Run all tests using *both* python2 and python3.
check:
@echo "Testing with $(PYTHON2)"
@PYTHON="$(PYTHON2)" $(MAKE) test
@echo
@echo "Testing with $(PYTHON3)"
@PYTHON="$(PYTHON3)" $(MAKE) test
# Run "make test-is-correct" if the results are as expected.
test-is-correct: test-results.txt
cp -p test-results.txt correct-results.txt
cp -p test-results.html correct-results.html
cp -p test-results.csv correct-results.csv
cp -p test-results-004.txt correct-results-004.txt
cp -p test-results-005.txt correct-results-005.txt
cp -p test-results-006.txt correct-results-006.txt
cp -p test-results-008.txt correct-results-008.txt
profile:
/usr/lib/python1.5/profile.py ./flawfinder > profile-results $(SAMPLE_DIR)/*/*.[ch] > profile-results
rpm: distribute
chmod -R a+rX *
cp $(VERSIONEDNAME).tar.gz /usr/src/redhat/SOURCES
cp flawfinder.spec /usr/src/redhat/SPECS
cd /usr/src/redhat/SPECS
$(RPMBUILD) -ba flawfinder.spec
chmod a+r /usr/src/redhat/RPMS/$(ARCH)/$(VERSIONEDNAME)-$(RPM_VERSION)*.rpm
chmod a+r /usr/src/redhat/SRPMS/$(VERSIONEDNAME)-$(RPM_VERSION)*.src.rpm
# cp -p /usr/src/redhat/RPMS/$(ARCH)/$(VERSIONEDNAME)-$(RPM_VERSION)*.rpm .
# cp -p /usr/src/redhat/RPMS/$(ARCH)/$(VERSIONEDNAME)-$(RPM_VERSION)*.rpm $(VERSIONEDNAME)-$(RPM_VERSION).noarch.rpm
cp -p /usr/src/redhat/RPMS/$(ARCH)/$(VERSIONEDNAME)-$(RPM_VERSION)*.rpm .
cp -p /usr/src/redhat/SRPMS/$(VERSIONEDNAME)-$(RPM_VERSION)*.src.rpm .
chown --reference=README.md *.rpm
# Install, for testing. Ignore the "not installed" message here,
# unless you already installed it; we're just removing any old copies:
-rpm -e flawfinder
rpm -ivh /usr/src/redhat/RPMS/$(ARCH)/$(VERSIONEDNAME)-$(RPM_VERSION)*.rpm
echo "Use rpm -e $(NAME) to remove the package"
chown --reference=. *.rpm
# This is a developer convenience target, not intended for general use.
my-install: flawfinder.pdf flawfinder.ps test
cp -p $(VERSIONEDNAME).tar.gz \
flawfinder flawfinder.1 makefile \
flawfinder.pdf flawfinder.ps ChangeLog \
test.c test2.c test-results.txt test-results.html \
/home/dwheeler/dwheeler.com/flawfinder/
# This is intended to be a local capability to list CWEs
cwe.c: cwe.l
$(FLEX) -o cwe.c cwe.l
cwe: cwe.c
$(CC) -o cwe cwe.c -lfl
show-cwes: cwe
./cwe < flawfinder | sort -u -V
pylint:
pylint flawfinder
.PHONY: install clean test check profile test-is-correct rpm \
uninstall distribute my-install show-cwes pylint
# When I switch to using "DistUtils", I may need to move the MANIFEST.in
# file into a subdirectory (named flawfinder-versionnumber).
# I can then create all the distribution files by just typing:
# python setup.py bdist_rpm