rpms/skipfish/devel import.log, NONE, 1.1 skipfish-fortify.patch, NONE, 1.1 skipfish-makefile.patch, NONE, 1.1 skipfish.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
rebus
rebus at fedoraproject.org
Fri May 7 22:56:14 UTC 2010
Author: rebus
Update of /cvs/pkgs/rpms/skipfish/devel
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv28371/devel
Modified Files:
.cvsignore sources
Added Files:
import.log skipfish-fortify.patch skipfish-makefile.patch
skipfish.spec
Log Message:
initial import
--- NEW FILE import.log ---
skipfish-1_32-0_4_b_fc12:HEAD:skipfish-1.32-0.4.b.fc12.src.rpm:1273272932
skipfish-fortify.patch:
Makefile | 2 +-
alloc-inl.h | 39 ++++++++++-----------------------------
analysis.c | 4 ++--
crawler.c | 12 ++++++------
database.c | 20 ++++++++++----------
database.h | 2 +-
http_client.c | 20 ++++++++++----------
http_client.h | 9 +++++----
report.c | 12 ++++++------
string-inl.h | 13 ++++++++-----
10 files changed, 59 insertions(+), 74 deletions(-)
--- NEW FILE skipfish-fortify.patch ---
diff -up skipfish/alloc-inl.h.0fortify skipfish/alloc-inl.h
--- skipfish/alloc-inl.h.0fortify 2010-03-21 17:58:36.000000000 +0100
+++ skipfish/alloc-inl.h 2010-04-27 19:42:29.000000000 +0200
@@ -60,7 +60,6 @@
static inline void* __DFL_ck_alloc(u32 size) {
void* ret;
- u32 usable;
if (!size) return NULL;
@@ -68,33 +67,27 @@ static inline void* __DFL_ck_alloc(u32 s
ret = malloc(size);
ALLOC_CHECK_RESULT(ret, size);
- usable = malloc_usable_size(ret);
- memset(ret, 0, usable);
+ memset(ret, 0, size);
return ret;
}
-static inline void* __DFL_ck_realloc(void* orig, u32 size) {
+static inline void* __DFL_ck_realloc(void* orig, s32 oldnum, s32 addnum, u32 itemsize) {
void* ret;
- u32 old_usable = 0,
- new_usable;
+ u32 size = (oldnum+addnum) * itemsize;
if (!size) {
free(orig);
return NULL;
}
- if (orig) old_usable = malloc_usable_size(orig);
-
ALLOC_CHECK_SIZE(size);
ret = realloc(orig, size);
ALLOC_CHECK_RESULT(ret, size);
- new_usable = malloc_usable_size(ret);
-
- if (new_usable > old_usable)
- memset(ret + old_usable, 0, new_usable - old_usable);
+ if (addnum > 0)
+ memset(ret + oldnum*itemsize, 0, addnum*itemsize);
return ret;
}
@@ -103,7 +96,6 @@ static inline void* __DFL_ck_realloc(voi
static inline void* __DFL_ck_strdup(u8* str) {
void* ret;
u32 size;
- u32 usable;
if (!str) return NULL;
@@ -113,20 +105,14 @@ static inline void* __DFL_ck_strdup(u8*
ret = malloc(size);
ALLOC_CHECK_RESULT(ret, size);
- usable = malloc_usable_size(ret);
-
memcpy(ret, str, size);
- if (usable > size)
- memset(ret + size, 0, usable - size);
-
return ret;
}
static inline void* __DFL_ck_memdup(u8* mem, u32 size) {
void* ret;
- u32 usable;
if (!mem || !size) return NULL;
@@ -134,13 +120,8 @@ static inline void* __DFL_ck_memdup(u8*
ret = malloc(size);
ALLOC_CHECK_RESULT(ret, size);
- usable = malloc_usable_size(ret);
-
memcpy(ret, mem, size);
- if (usable > size)
- memset(ret + size, 0, usable - size);
-
return ret;
}
@@ -194,7 +175,7 @@ static inline void __AD_alloc_buf(void*
}
__AD_trk[b] = __DFL_ck_realloc(__AD_trk[b],
- (__AD_trk_cnt[b] + 1) * sizeof(struct __AD_trk_obj));
+ __AD_trk_cnt[b], 1, sizeof(struct __AD_trk_obj));
__AD_trk[b][__AD_trk_cnt[b]].ptr = ptr;
__AD_trk[b][__AD_trk_cnt[b]].file = (char*)file;
@@ -253,9 +234,9 @@ static inline void* __AD_ck_alloc(u32 si
}
-static inline void* __AD_ck_realloc(void* orig, u32 size, const char* file,
+static inline void* __AD_ck_realloc(void* orig, s32 oldnum, s32 addnum, u32 itemsize, const char* file,
const char* func, u32 line) {
- void* ret = __DFL_ck_realloc(orig, size);
+ void* ret = __DFL_ck_realloc(orig, oldnum, addnum, itemsize);
__AD_free_buf(orig, file, func, line);
__AD_alloc_buf(ret, file, func, line);
return ret;
@@ -289,8 +270,8 @@ static inline void __AD_ck_free(void* pt
#define ck_alloc(_p1) \
__AD_ck_alloc(_p1, __FILE__, __FUNCTION__, __LINE__)
-#define ck_realloc(_p1, _p2) \
- __AD_ck_realloc(_p1, _p2, __FILE__, __FUNCTION__, __LINE__)
+#define ck_realloc(_p1, _p2, _p3, _p4) \
+ __AD_ck_realloc(_p1, _p2, _p3, _p4, __FILE__, __FUNCTION__, __LINE__)
#define ck_strdup(_p1) \
__AD_ck_strdup(_p1, __FILE__, __FUNCTION__, __LINE__)
#define ck_memdup(_p1, _p2) \
diff -up skipfish/analysis.c.0fortify skipfish/analysis.c
--- skipfish/analysis.c.0fortify 2010-04-13 19:07:31.000000000 +0200
+++ skipfish/analysis.c 2010-04-27 19:42:29.000000000 +0200
@@ -345,10 +345,10 @@ static u8* html_decode_param(u8* url, u8
void add_form_hint(u8* name, u8* value) {
addl_form_name = ck_realloc(addl_form_name,
- (addl_form_cnt + 1) * sizeof(u8*));
+ addl_form_cnt, 1, sizeof(u8*));
addl_form_value = ck_realloc(addl_form_value,
- (addl_form_cnt + 1) * sizeof(u8*));
+ addl_form_cnt, 1, sizeof(u8*));
addl_form_name[addl_form_cnt] = name;
addl_form_value[addl_form_cnt] = value;
diff -up skipfish/crawler.c.0fortify skipfish/crawler.c
--- skipfish/crawler.c.0fortify 2010-03-23 20:22:33.000000000 +0100
+++ skipfish/crawler.c 2010-04-27 19:42:29.000000000 +0200
@@ -1744,8 +1744,8 @@ static u8 par_numerical_callback(struct
DEBUG("--- New pivot (value): %s ---\n", n->name);
- req->pivot->child = ck_realloc(req->pivot->child, (req->pivot->child_cnt + 1)
- * sizeof(struct pivot_desc*));
+ req->pivot->child = ck_realloc(req->pivot->child, req->pivot->child_cnt, 1,
+ sizeof(struct pivot_desc*));
req->pivot->child[req->pivot->child_cnt++] = n;
@@ -1931,8 +1931,8 @@ static u8 par_dict_callback(struct http_
DEBUG("--- New pivot (value): %s ---\n", n->name);
- req->pivot->child = ck_realloc(req->pivot->child, (req->pivot->child_cnt + 1)
- * sizeof(struct pivot_desc*));
+ req->pivot->child = ck_realloc(req->pivot->child, req->pivot->child_cnt, 1,
+ sizeof(struct pivot_desc*));
req->pivot->child[req->pivot->child_cnt++] = n;
req->pivot = n;
@@ -2063,8 +2063,8 @@ static u8 par_trylist_callback(struct ht
DEBUG("--- New pivot (value): %s ---\n", n->name);
- req->pivot->child = ck_realloc(req->pivot->child, (req->pivot->child_cnt + 1)
- * sizeof(struct pivot_desc*));
+ req->pivot->child = ck_realloc(req->pivot->child, req->pivot->child_cnt, 1,
+ sizeof(struct pivot_desc*));
req->pivot->child[req->pivot->child_cnt++] = n;
req->pivot = n;
diff -up skipfish/database.c.0fortify skipfish/database.c
--- skipfish/database.c.0fortify 2010-03-25 03:45:25.000000000 +0100
+++ skipfish/database.c 2010-04-27 19:42:29.000000000 +0200
@@ -162,7 +162,7 @@ void maybe_add_pivot(struct http_request
cur = ck_alloc(sizeof(struct pivot_desc));
root_pivot.child = ck_realloc(root_pivot.child,
- (root_pivot.child_cnt + 1) * sizeof(struct pivot_desc*));
+ root_pivot.child_cnt, 1, sizeof(struct pivot_desc*));
root_pivot.child[root_pivot.child_cnt++] = cur;
@@ -255,7 +255,7 @@ void maybe_add_pivot(struct http_request
n = ck_alloc(sizeof(struct pivot_desc));
- cur->child = ck_realloc(cur->child, (cur->child_cnt + 1) *
+ cur->child = ck_realloc(cur->child, cur->child_cnt, 1,
sizeof(struct pivot_desc*));
cur->child[cur->child_cnt++] = n;
@@ -376,7 +376,7 @@ void maybe_add_pivot(struct http_request
if (c == cur->try_cnt) {
- cur->try_list = ck_realloc(cur->try_list, (cur->try_cnt + 1) *
+ cur->try_list = ck_realloc(cur->try_list, cur->try_cnt, 1,
sizeof(u8*));
cur->try_list[cur->try_cnt++] = ck_strdup(req->par.v[pno]);
@@ -434,7 +434,7 @@ void maybe_add_pivot(struct http_request
n = ck_alloc(sizeof(struct pivot_desc));
- cur->child = ck_realloc(cur->child, (cur->child_cnt + 1) *
+ cur->child = ck_realloc(cur->child, cur->child_cnt, 1,
sizeof(struct pivot_desc*));
cur->child[cur->child_cnt++] = n;
@@ -476,7 +476,7 @@ void maybe_add_pivot(struct http_request
if (c == cur->try_cnt) {
- cur->try_list = ck_realloc(cur->try_list, (cur->try_cnt + 1) *
+ cur->try_list = ck_realloc(cur->try_list, cur->try_cnt, 1,
sizeof(u8*));
cur->try_list[cur->try_cnt++] = ck_strdup(req->par.v[pno]);
@@ -533,7 +533,7 @@ void problem(u32 type, struct http_reque
if (type == pv->issue[i].type && !strcmp(extra ? (char*)extra : "",
pv->issue[i].extra ? (char*)pv->issue[i].extra : "")) return;
- pv->issue = ck_realloc(pv->issue, (pv->issue_cnt + 1) *
+ pv->issue = ck_realloc(pv->issue, pv->issue_cnt, 1,
sizeof(struct issue_desc));
pv->issue[pv->issue_cnt].type = type;
@@ -832,7 +832,7 @@ static void wordlist_confirm_single(u8*
if (!keyword[kh][i].is_ext && is_ext) {
keyword[kh][i].is_ext = 1;
- extension = ck_realloc(extension, (extension_cnt + 1) * sizeof(u8*));
+ extension = ck_realloc(extension, extension_cnt, 1, sizeof(u8*));
extension[extension_cnt++] = keyword[kh][i].word;
}
@@ -842,7 +842,7 @@ static void wordlist_confirm_single(u8*
/* Word not known (and i == keyword_cnt[kh]). Create a new wordlist entry. */
- keyword[kh] = ck_realloc(keyword[kh], (i + 1) * sizeof(struct kw_entry));
+ keyword[kh] = ck_realloc(keyword[kh], i, 1, sizeof(struct kw_entry));
keyword_cnt[kh]++;
keyword_total_cnt++;
@@ -858,7 +858,7 @@ static void wordlist_confirm_single(u8*
if (!total_age) keyword[kh][i].hit_already = 1;
if (is_ext) {
- extension = ck_realloc(extension, (extension_cnt + 1) * sizeof(u8*));
+ extension = ck_realloc(extension, extension_cnt, 1, sizeof(u8*));
extension[extension_cnt++] = keyword[kh][i].word;
}
@@ -1326,7 +1326,7 @@ u8* new_xss_tag(u8* prefix) {
/* Registers last XSS tag along with a completed http_request */
void register_xss_tag(struct http_request* req) {
- xss_req = ck_realloc(xss_req, (cur_xss_id + 1) *
+ xss_req = ck_realloc(xss_req, cur_xss_id, 1,
(sizeof(struct http_request*)));
xss_req[cur_xss_id] = req_copy(req, 0, 1);
cur_xss_id++;
diff -up skipfish/database.h.0fortify skipfish/database.h
--- skipfish/database.h.0fortify 2010-03-23 19:43:01.000000000 +0100
+++ skipfish/database.h 2010-04-27 19:42:29.000000000 +0200
@@ -312,7 +312,7 @@ u8 same_page(struct http_sig* sig1, stru
/* URL filtering constraints (exported from database.c): */
#define APPEND_FILTER(_ptr, _cnt, _val) do { \
- (_ptr) = ck_realloc(_ptr, ((_cnt) + 1) * sizeof(u8*)); \
+ (_ptr) = ck_realloc(_ptr, (_cnt), 1, sizeof(u8*)); \
(_ptr)[_cnt] = (u8*)(_val); \
(_cnt)++; \
} while (0)
diff -up skipfish/http_client.c.0fortify skipfish/http_client.c
--- skipfish/http_client.c.0fortify 2010-04-19 06:07:02.000000000 +0200
+++ skipfish/http_client.c 2010-04-27 19:42:29.000000000 +0200
@@ -147,9 +147,9 @@ void set_value(u8 type, u8* name, u8* va
/* No offset or no match - append to the end of list. */
- par->t = ck_realloc(par->t, (par->c + 1) * sizeof(u8));
- par->n = ck_realloc(par->n, (par->c + 1) * sizeof(u8*));
- par->v = ck_realloc(par->v, (par->c + 1) * sizeof(u8*));
+ par->t = ck_realloc(par->t, par->c, 1, sizeof(u8));
+ par->n = ck_realloc(par->n, par->c, 1, sizeof(u8*));
+ par->v = ck_realloc(par->v, par->c, 1, sizeof(u8*));
par->t[par->c] = type;
par->n[par->c] = ck_strdup(name);
par->v[par->c] = ck_strdup(val);
@@ -425,7 +425,7 @@ u8* url_decode_token(u8* str, u32 len, u
*(dst++) = 0;
- ret = ck_realloc(ret, dst - ret);
+ ret = ck_realloc(ret, 1, 0, dst - ret);
return ret;
}
@@ -455,7 +455,7 @@ u8* url_encode_token(u8* str, u32 len) {
*(dst++) = 0;
- ret = ck_realloc(ret, dst - ret);
+ ret = ck_realloc(ret, 1, 0, dst - ret);
return ret;
@@ -1547,8 +1547,8 @@ u8 parse_response(struct http_request* r
bytes_deflated += res->pay_len;
res->pay_len = SIZE_LIMIT - d.avail_out;
- res->payload = ck_realloc(tmp_buf, res->pay_len + 1);
- res->payload[res->pay_len] = 0;
+ res->payload = ck_realloc(tmp_buf, res->pay_len, 1, 1);
+ /* cleaned by ck_realloc res->payload[res->pay_len] = 0; */
bytes_inflated += res->pay_len;
@@ -2015,7 +2015,7 @@ network_error:
s32 read_res;
u8 p_ret;
- c->read_buf = ck_realloc(c->read_buf, c->read_len + READ_CHUNK + 1);
+ c->read_buf = ck_realloc(c->read_buf, c->read_len, READ_CHUNK + 1, 1);
if (c->proto == PROTO_HTTPS) {
s32 ssl_err;
@@ -2042,9 +2042,9 @@ network_error:
bytes_recv += read_res;
c->read_len += read_res;
- c->read_buf = ck_realloc(c->read_buf, c->read_len + 1);
+ c->read_buf = ck_realloc(c->read_buf, c->read_len, 1, 1);
- c->read_buf[c->read_len] = 0; /* NUL-terminate for sanity. */
+ /* NUL terminated by ck_realloc c->read_buf[c->read_len] = 0; */
/* We force final parse_response() if response length exceeded
size_limit by more than 4 kB. The assumption here is that
diff -up skipfish/http_client.h.0fortify skipfish/http_client.h
--- skipfish/http_client.h.0fortify 2010-03-18 08:16:04.000000000 +0100
+++ skipfish/http_client.h 2010-04-27 19:42:29.000000000 +0200
@@ -227,10 +227,11 @@ struct dns_entry {
/* Simplified macros to manipulate param_arrays: */
#define ADD(_ar,_t,_n,_v) do { \
- u32 _cur = (_ar)->c++; \
- (_ar)->t = ck_realloc((_ar)->t, (_ar)->c); \
- (_ar)->n = ck_realloc((_ar)->n, (_ar)->c * sizeof(u8*)); \
- (_ar)->v = ck_realloc((_ar)->v, (_ar)->c * sizeof(u8*)); \
+ u32 _cur = (_ar)->c; \
+ (_ar)->t = ck_realloc((_ar)->t, (_ar)->c, 1, 1); \
+ (_ar)->n = ck_realloc((_ar)->n, (_ar)->c, 1, sizeof(u8*)); \
+ (_ar)->v = ck_realloc((_ar)->v, (_ar)->c, 1, sizeof(u8*)); \
+ (_ar)->c++; \
(_ar)->t[cur] = _t; \
(_ar)->n[cur] = (_n) ? ck_strdup(_n) : 0; \
(_ar)->v[cur] = (_v) ? ck_strdup(_v) : 0; \
diff -up skipfish/Makefile.0fortify skipfish/Makefile
--- skipfish/Makefile.0fortify 2010-03-30 17:53:01.000000000 +0200
+++ skipfish/Makefile 2010-04-27 19:42:29.000000000 +0200
@@ -26,7 +26,7 @@ INCFILES = alloc-inl.h string-inl.h de
database.h crawler.h analysis.h config.h report.h
CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -I/usr/local/include/ \
- -I/opt/local/include/ $(CFLAGS) -D_FORTIFY_SOURCE=0
+ -I/opt/local/include/ $(CFLAGS) -D_FORTIFY_SOURCE=2
CFLAGS_DBG = -DLOG_STDERR=1 -DDEBUG_ALLOCATOR=1 $(CFLAGS_GEN)
CFLAGS_OPT = -O3 -Wno-format $(CFLAGS_GEN)
diff -up skipfish/report.c.0fortify skipfish/report.c
--- skipfish/report.c.0fortify 2010-04-09 00:36:30.000000000 +0200
+++ skipfish/report.c 2010-04-27 19:42:29.000000000 +0200
@@ -210,7 +210,7 @@ static void maybe_add_sig(struct pivot_d
/* No match - create a new one. */
- p_sig = ck_realloc(p_sig, (p_sig_cnt + 1) * sizeof(struct p_sig_desc));
+ p_sig = ck_realloc(p_sig, p_sig_cnt, 1, sizeof(struct p_sig_desc));
p_sig[p_sig_cnt].type = pv->type;
p_sig[p_sig_cnt].res_sig = &pv->res->sig;
@@ -439,7 +439,7 @@ static void save_req_res(struct http_req
if (!strcmp((char*)m_samp[i].det_mime, (char*)res->sniffed_mime)) break;
if (i == m_samp_cnt) {
- m_samp = ck_realloc(m_samp, (i + 1) * sizeof(struct mime_sample_desc));
+ m_samp = ck_realloc(m_samp, i, 1, sizeof(struct mime_sample_desc));
m_samp[i].det_mime = res->sniffed_mime;
m_samp_cnt++;
} else {
@@ -452,9 +452,9 @@ static void save_req_res(struct http_req
if (same_page(&m_samp[i].res[c]->sig, &res->sig)) return;
}
- m_samp[i].req = ck_realloc(m_samp[i].req, (m_samp[i].sample_cnt + 1) *
+ m_samp[i].req = ck_realloc(m_samp[i].req, m_samp[i].sample_cnt, 1,
sizeof(struct http_request*));
- m_samp[i].res = ck_realloc(m_samp[i].res, (m_samp[i].sample_cnt + 1) *
+ m_samp[i].res = ck_realloc(m_samp[i].res, m_samp[i].sample_cnt, 1,
sizeof(struct http_response*));
m_samp[i].req[m_samp[i].sample_cnt] = req;
m_samp[i].res[m_samp[i].sample_cnt] = res;
@@ -570,12 +570,12 @@ static void output_crawl_tree(struct piv
if (i_samp[c].type == pv->issue[i].type) break;
if (c == i_samp_cnt) {
- i_samp = ck_realloc(i_samp, (c + 1) * sizeof(struct issue_sample_desc));
+ i_samp = ck_realloc(i_samp, c, 1, sizeof(struct issue_sample_desc));
i_samp_cnt++;
i_samp[c].type = pv->issue[i].type;
}
- i_samp[c].i = ck_realloc(i_samp[c].i, (i_samp[c].sample_cnt + 1) *
+ i_samp[c].i = ck_realloc(i_samp[c].i, i_samp[c].sample_cnt, 1,
sizeof(struct issue_desc*));
i_samp[c].i[i_samp[c].sample_cnt] = &pv->issue[i];
i_samp[c].sample_cnt++;
diff -up skipfish/string-inl.h.0fortify skipfish/string-inl.h
--- skipfish/string-inl.h.0fortify 2010-03-18 08:14:28.000000000 +0100
+++ skipfish/string-inl.h 2010-04-27 19:53:14.000000000 +0200
@@ -102,23 +102,26 @@ static inline void* inl_memmem(const voi
/* String manipulation macros for operating on a dynamic buffer. */
+#define ALLOC_POWER 10
+
#define NEW_STR(_buf_ptr, _buf_len) do { \
- (_buf_ptr) = ck_alloc(1024); \
+ (_buf_ptr) = ck_alloc(1<<ALLOC_POWER); \
(_buf_len) = 0; \
} while (0)
#define ADD_STR_DATA(_buf_ptr, _buf_len, _str) do { \
u32 _sl = strlen((char*)_str); \
- if ((_buf_len) + (_sl) + 1 > malloc_usable_size(_buf_ptr)) { \
- u32 _nsiz = ((_buf_len) + _sl + 1024) >> 10 << 10; \
- (_buf_ptr) = ck_realloc(_buf_ptr, _nsiz); \
+ u32 _siz = ((_buf_len) + (1<<ALLOC_POWER)) >> ALLOC_POWER << ALLOC_POWER; \
+ if ((_buf_len) + _sl + 1 > _siz) { \
+ _siz = ((_buf_len) + _sl + (1<<ALLOC_POWER)) >> ALLOC_POWER << ALLOC_POWER; \
+ (_buf_ptr) = ck_realloc(_buf_ptr, (_buf_len), _siz-(_buf_len), 1); \
} \
memcpy((_buf_ptr) + (_buf_len), _str, _sl + 1); \
(_buf_len) += _sl; \
} while (0)
#define TRIM_STR(_buf_ptr, _buf_len) do { \
- (_buf_ptr) = ck_realloc(_buf_ptr, _buf_len + 1); \
+ (_buf_ptr) = ck_realloc(_buf_ptr, 1, 0, _buf_len + 1); \
(_buf_ptr)[_buf_len] = 0; \
} while (0)
skipfish-makefile.patch:
Makefile | 18 +++++++++++++++---
config.h | 4 ++--
2 files changed, 17 insertions(+), 5 deletions(-)
--- NEW FILE skipfish-makefile.patch ---
--- skipfish.old/Makefile 2010-03-30 17:53:01.000000000 +0200
+++ skipfish.new/Makefile 2010-04-02 21:40:59.000000000 +0200
@@ -25,10 +25,14 @@
INCFILES = alloc-inl.h string-inl.h debug.h types.h http_client.h \
database.h crawler.h analysis.h config.h report.h
-CFLAGS_GEN = -Wall -funsigned-char -g -ggdb -I/usr/local/include/ \
- -I/opt/local/include/ $(CFLAGS) -D_FORTIFY_SOURCE=2
+CFLAGS = -Wall -g -ggdb -D_FORTIFY_SOURCE=2 -O3
+CFLAGS_GEN = -funsigned-char -I/usr/local/include/ -I/opt/local/include/ $(CFLAGS)
CFLAGS_DBG = -DLOG_STDERR=1 -DDEBUG_ALLOCATOR=1 $(CFLAGS_GEN)
-CFLAGS_OPT = -O3 -Wno-format $(CFLAGS_GEN)
+CFLAGS_OPT = -Wno-format $(CFLAGS_GEN)
+
+PREFIX = /usr
+DATADIR = /share/skipfish
+BINDIR = /bin
LDFLAGS += -L/usr/local/lib/ -L/opt/local/lib
LIBS += -lcrypto -lssl -lidn -lz
@@ -60,3 +64,11 @@
publish: clean
cd ..; tar cfvz ~/www/skipfish.tgz skipfish
chmod 644 ~/www/skipfish.tgz
+
+install: $(PROGNAME)
+ install -m 755 -d $(DESTDIR)$(PREFIX)$(DATADIR)
+ install -m 755 -d $(DESTDIR)$(PREFIX)$(BINDIR)
+ install -m 755 skipfish $(DESTDIR)$(PREFIX)$(BINDIR)
+ cp -r assets $(DESTDIR)$(PREFIX)$(DATADIR)
+ cp -r dictionaries $(DESTDIR)$(PREFIX)$(DATADIR)
+
--- skipfish.old/config.h 2010-04-02 19:08:40.000000000 +0200
+++ skipfish.new/config.h 2010-04-02 20:48:08.000000000 +0200
@@ -29,8 +29,8 @@
/* Default paths to runtime files: */
-#define ASSETS_DIR "assets"
-#define DEF_WORDLIST "skipfish.wl"
+#define ASSETS_DIR "/usr/share/skipfish/assets"
+#define DEF_WORDLIST "/usr/share/skipfish/dictionaries/default.wl"
/* Various default settings for HTTP client (cmdline override): */
--- NEW FILE skipfish.spec ---
Name: skipfish
Version: 1.32
Release: 0.4.b%{?dist}
Summary: Web application security scanner
Group: Applications/Internet
#Whole package licensed with ASL 2.0 license except
#string-inl.h which has BSD type license
#icons which are licensed under LGPLv3
License: ASL 2.0 and BSD and LGPLv3
URL: http://code.google.com/p/skipfish/
Source0: http://%{name}.googlecode.com/files/%{name}-%{version}b.tgz
Patch0: %{name}-fortify.patch
Patch1: %{name}-makefile.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: openssl-devel
BuildRequires: libidn-devel
BuildRequires: zlib-devel
%description
High-performance, easy, and sophisticated Web application security testing
tool. It features a single-threaded multiplexing HTTP stack, heuristic
detection of obscure Web frameworks, and advanced, differential security
checks capable of detecting blind injection vulnerabilities, stored XSS,
and so forth.
%prep
%setup -q -n %{name}
%patch0 -p 1 -b .0fortify
%patch1 -p 1 -b .1makefile
cp -p assets/COPYING COPYING.icons
%build
#configure
#make %{?_smp_mflags}
#workaround issues with false buffer overflow by disabling the FORTIFY_SOURCE=2
#CFLAGS=`echo "%{optflags}"|sed -e 's/FORTIFY_SOURCE=[0-9]/FORTIFY_SOURCE=0/g'`
#make %{?_smp_mflags} CFLAGS="$CFLAGS"
make %{?_smp_mflags} CFLAGS="%{optflags}"
%install
rm -rf %{buildroot}
make install DESTDIR=%{buildroot}
rm -f %{buildroot}%{_datadir}/%{name}/assets/COPYING
%clean
rm -rf %{buildroot}
%files
%defattr(-,root,root,-)
%doc COPYING ChangeLog README
%dir %{_datadir}/%{name}
%dir %{_datadir}/%{name}/assets
%{_datadir}/%{name}/assets/index.html
%dir %{_datadir}/%{name}/dictionaries
%{_datadir}/%{name}/dictionaries/*
%{_bindir}/%{name}
#Icons are licensed as LGPLv3 http://www.everaldo.com/crystal/
%doc COPYING.icons
%{_datadir}/%{name}/assets/*.png
%changelog
* Wed Apr 28 2010 Michal Ambroz <rebus AT seznam.cz> - 1.32-0.4.b
- use fixed patch for memory allocation from Tomas Mraz <tmraz at redhat.doc>
* Tue Apr 27 2010 Michal Ambroz <rebus AT seznam.cz> - 1.32-0.3.b
- use new patch for memory allocation from Tomas Mraz <tmraz at redhat.doc>
* Fri Apr 23 2010 Michal Ambroz <rebus AT seznam.cz> - 1.32-0.2.b
- fix memory allocation to be compliant with FORTIFY_SOURCE
* Sun Apr 18 2010 Michal Ambroz <rebus AT seznam.cz> - 1.32-0.1.b
- Update to 1.32b
- merge back to 1 package on request of Tomas Mraz <tmraz AT redhat.com>
* Sun Apr 18 2010 Michal Ambroz <rebus AT seznam.cz> - 1.31-0.3.b
- return explicit dir to files
* Sun Apr 18 2010 Michal Ambroz <rebus AT seznam.cz> - 1.31-0.2.b
- Incorporated comments from Martin Gieseking <martin.gieseking AT uos.de>
* Sat Apr 17 2010 Michal Ambroz <rebus AT seznam.cz> - 1.31-0.1.b
- Update to 1.31b
* Sat Apr 10 2010 Michal Ambroz <rebus AT seznam.cz> - 1.30-0.1.b
- Update to 1.30b
* Mon Mar 29 2010 Michal Ambroz <rebus AT seznam.cz> - 1.29-0.1.b
- Update to 1.29b
* Mon Mar 29 2010 Michal Ambroz <rebus AT seznam.cz> - 1.26-0.2.b
- removed attr from the spec
- separate icons package with LGPLv3 license
* Thu Mar 25 2010 Michal Ambroz <rebus AT seznam.cz> - 1.26-0.1.b
- Update to 1.26b
- Incorporated comments from Martin Gieseking <martin.gieseking AT uos.de>
* Thu Mar 25 2010 Michal Ambroz <rebus AT seznam.cz> - 1.25b-1
- Update to 1.25b
* Tue Mar 23 2010 Michal Ambroz <rebus AT seznam.cz> - 1.16b-1
- Initial build for Fedora 12
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/skipfish/devel/.cvsignore,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- .cvsignore 4 May 2010 02:59:49 -0000 1.1
+++ .cvsignore 7 May 2010 22:56:13 -0000 1.2
@@ -0,0 +1 @@
+skipfish-1.32b.tgz
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/skipfish/devel/sources,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- sources 4 May 2010 02:59:49 -0000 1.1
+++ sources 7 May 2010 22:56:13 -0000 1.2
@@ -0,0 +1 @@
+051d56de04999366e10e1f6882d5da3d skipfish-1.32b.tgz
More information about the scm-commits
mailing list