commit 13b65f01132c41be9ab8d9f92c2c5ca605c366d8 parent 62d99253144a14648c4da1c2a60c01e7b06ef02c Author: Louis Burda <quent.burda@gmail.com> Date: Sat, 29 May 2021 14:24:31 +0200 changed repo structure and committed release files such that default docker-compose workflow commands work in testvm Diffstat:
34 files changed, 126 insertions(+), 125 deletions(-)
diff --git a/service/.dockerignore b/.dockerignore diff --git a/service/.gitignore b/.gitignore diff --git a/README.md b/README.md @@ -3,3 +3,11 @@ Enowars5 STLDoctor An STL file inspection service 🔍. + +General +------- + +Prebuilt service files are avilable in `/service`, source in `/src` and +automation via `do.sh`. + +More details to service functionality in `/documentation`! diff --git a/do.sh b/do.sh 
@@ -0,0 +1,90 @@ +#!/bin/sh + +SCRIPTPATH="$(dirname $(readlink -f "$0"))" +cd "$SCRIPTPATH" + +makefile=" +all: .cleansrc + +.cleansrc: src/* + bash do.sh cleansrc src service/src + touch .cleansrc +" + +shopt -s expand_aliases +alias pushd="pushd &>/dev/null" +alias popd="popd &>/dev/null" + +if [ "$1" == "compose" ]; then + # ensure built service files are up to date + make --file <(echo "$makefile") + + # forward commands to compose + pushd service + docker-compose ${@:2} + popd +elif [ "$1" == "cleansrc" ]; then + if [ $# -lt 3 ]; then + echo "USAGE: do.sh cleansrc <SRC> <DST>" + exit 0 + fi + + # copy files + src="$2" + dst="$3" + [ -e "$dst" ] && rm -rf "$dst" + mkdir -p "$dst" + cp -r "$src"/{*.c,*.h,Makefile,msgs} "$dst" + + # strip comments + find "$dst" | while read path; do + if [ -f "$path" ]; then + if [ ! -z $(echo "$path" | grep '.[hc]$') ]; then + sed -i -e 's/^\s*\/\*.*\*\/\s*$//g' "$path" # remove /* */ style comments + sed -i -e 's/\s*\/\*.*\*\/\s*/ /g' "$path" # remove /* */ style comments + sed -i -e 's/\/\/.*//g' "$path" # remove // style comments + sed -i -e ':a;N;$!ba;s/\n\{3,\}/\n\n/g' "$path" # collapse multiple newlines + sed -i -e 's/fprintf(\s*stderr\s*,\s*/printf(/g' "$path" # replace fprintf stderr + elif [ "$(basename "$path")" == "Makefile" ]; then + sed -i -e 's/\s*#.*//g' "$path" # remove # style comments + sed -i -e ':a;N;$!ba;s/\n\{3,\}/\n\n/g' "$path" # collapse multiple newlines + fi + fi + done +elif [ "$1" == "test" ]; then + SRCDIR="$PWD/src" DATADIR="$PWD/service/data" bash "tests/test.sh" ${@:2} +elif [ "$1" == "make" ]; then + # build a normal version + pushd src + if [ -e ".safebuild" ]; then + make clean + rm ".safebuild" + fi + make + popd +elif [ "$1" == "make-safe" ]; then + # build a 'safe' version with flagstore patches + + pushd src + make clean + touch ".safebuild" + + for f in $(ls | grep '\.[ch]$'); do + cp "$f" "safe_$f" + done + + git apply patches/flagstore1.diff + git apply patches/flagstore2.diff + + 
PREFIX="safe_" make + + rm safe_* + popd +else + echo "USAGE: do.sh (compose) [args..]" + echo "EXAMPLES:" + echo " do.sh compose up --build # starts the docker container" + echo " do.sh cleansrc <src> <dst> # post-process source files for release" + echo " do.sh make-safe # create patched version of binary" + echo " do.sh test <cmd> # run a test on the binary" +fi diff --git a/service/.gitignore b/service/.gitignore @@ -1,4 +1 @@ -data/* -!data/.keep -.cleansrc -src/.safebuild +data/ diff --git a/service/container/Dockerfile b/service/Dockerfile diff --git a/service/container/cleaner.sh b/service/cleaner.sh diff --git a/service/container/.gitignore b/service/container/.gitignore @@ -1,2 +0,0 @@ -src/ -data/ diff --git a/service/container/data/lastclean b/service/container/data/lastclean diff --git a/service/do.sh b/service/do.sh 
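Review bot: In the `make-safe` branch of the new top-level `do.sh`, neither `git apply patches/flagstore*.diff` call is checked and the script has no `set -e`, so a patch that fails to apply still reaches `PREFIX="safe_" make` and yields a build marked by `.safebuild` that does not contain the fixes. Stop before the build on failure, e.g. `git apply patches/flagstore1.diff && git apply patches/flagstore2.diff || exit 1`. The shebang is `#!/bin/sh` while the body depends on bash-only features (`shopt`, `pushd`, `<(...)`, `${@:2}`, `[ ... == ... ]`), so it should read `#!/bin/bash`. The forwarded arguments should be quoted as `"${@:2}"`, and the unquoted `$(echo "$path" | grep '.[hc]$')` test breaks on paths containing spaces and matches any name ending in `h` or `c` because the dot is not escaped.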
@@ -1,90 +0,0 @@ -#!/bin/sh - -SCRIPTPATH="$(dirname $(readlink -f "$0"))" -cd "$SCRIPTPATH" - -makefile=" -all: .cleansrc - -.cleansrc: src/* - bash do.sh cleansrc src container/src - touch .cleansrc -" - -shopt -s expand_aliases -alias pushd="pushd &>/dev/null" -alias popd="popd &>/dev/null" - -if [ "$1" == "compose" ]; then - # ensure container files are up to date - make --file <(echo "$makefile") - - # forward commands to compose - pushd container - docker-compose ${@:2} - popd -elif [ "$1" == "cleansrc" ]; then - if [ $# -lt 3 ]; then - echo "USAGE: do.sh cleansrc <SRC> <DST>" - exit 0 - fi - - # copy files - src="$2" - dst="$3" - [ -e "$dst" ] && rm -rf "$dst" - mkdir -p "$dst" - cp -r "$src"/{*.c,*.h,Makefile,msgs} "$dst" - - # strip comments - find "$dst" | while read path; do - if [ -f "$path" ]; then - if [ ! -z $(echo "$path" | grep '.[hc]$') ]; then - sed -i -e 's/^\s*\/\*.*\*\/\s*$//g' "$path" # remove /* */ style comments - sed -i -e 's/\s*\/\*.*\*\/\s*/ /g' "$path" # remove /* */ style comments - sed -i -e 's/\/\/.*//g' "$path" # remove // style comments - sed -i -e ':a;N;$!ba;s/\n\{3,\}/\n\n/g' "$path" # collapse multiple newlines - sed -i -e 's/fprintf(\s*stderr\s*,\s*/printf(/g' "$path" # replace fprintf stderr - elif [ "$(basename "$path")" == "Makefile" ]; then - sed -i -e 's/\s*#.*//g' "$path" # remove # style comments - sed -i -e ':a;N;$!ba;s/\n\{3,\}/\n\n/g' "$path" # collapse multiple newlines - fi - fi - done -elif [ "$1" == "test" ]; then - SRCDIR="$PWD/src" DATADIR="$PWD/container/data" bash "tests/test.sh" ${@:2} -elif [ "$1" == "make" ]; then - # build a normal version - pushd src - if [ -e ".safebuild" ]; then - make clean - rm ".safebuild" - fi - make - popd -elif [ "$1" == "make-safe" ]; then - # build a 'safe' version with flagstore patches - - pushd src - make clean - touch ".safebuild" - - for f in $(ls | grep '\.[ch]$'); do - cp "$f" "safe_$f" - done - - git apply patches/flagstore1.diff - git apply patches/flagstore2.diff - - 
PREFIX="safe_" make - - rm safe_* - popd -else - echo "USAGE: do.sh (compose) [args..]" - echo "EXAMPLES:" - echo " do.sh compose up --build # starts the docker container" - echo " do.sh cleansrc <src> <dst> # post-process source files for release" - echo " do.sh make-safe # create patched version of binary" - echo " do.sh test <cmd> # run a test on the binary" -fi diff --git a/service/container/docker-compose.yml b/service/docker-compose.yml diff --git a/service/container/entrypoint.sh b/service/entrypoint.sh diff --git a/service/src/Makefile b/service/src/Makefile @@ -1,6 +1,5 @@ CFLAGS = -g -I . -# fortify source code CFLAGS += -fPIE -fstack-protector-strong -D_FORTIFY_SOURCE=2 -O2 LDFLAGS = -Wl,-z,now -Wl,-z,relro diff --git a/service/src/main.c b/service/src/main.c @@ -144,21 +144,21 @@ upload_cmd(const char *arg) bufp = ask("How large is your file? "); len = strtoul(bufp, &end, 10); if (len <= 0 || len >= MAXFILESIZE || *end) { - fprintf(stderr, "Invalid file length!\n"); + printf("Invalid file length!\n"); return; } printf("Ok! Im listening..\n"); contents = checkp(malloc(len + 1)); if (fread(contents, 1, len, stdin) != len) { - fprintf(stderr, "Hm, I'm missing some bytes.. try again!\n"); + printf("Hm, I'm missing some bytes.. try again!\n"); goto cleanup; } contents[len] = '\0'; if ((cached.valid = parse_file(&cached, contents, len))) { if (save_submission(&cached, contents, len) != OK) - fprintf(stderr, "Failed to save your submission!\n"); + printf("Failed to save your submission!\n"); else printf("Your file was saved with ID %s!\n", cached.hash); } @@ -180,7 +180,7 @@ search_cmd(const char *arg) if (arg && !strcmp(arg, "last")) { if (!cached.valid) { - fprintf(stderr, "No cached info report available\n"); + printf("No cached info report available\n"); return; } hash = cached.hash; 
@@ -201,12 +201,12 @@ search_cmd(const char *arg) } if (i == 0) { - fprintf(stderr, "Sorry, couldnt find a matching scan result!\n"); + printf("Sorry, couldnt find a matching scan result!\n"); goto cleanup; } else { which = strtoul(ask("Which of these results? "), &end, 10); if (which >= i || which < 0 || *end) { - fprintf(stderr, "Invalid index!\n"); + printf("Invalid index!\n"); goto cleanup; } } @@ -224,9 +224,8 @@ search_cmd(const char *arg) } } - /* file got cleaned up during race condition by background task */ if (!scandir) { - fprintf(stderr, "Selected result spontaneously combusted!\n"); + printf("Selected result spontaneously combusted!\n"); goto cleanup; } @@ -271,7 +270,7 @@ list_cmd(const char *arg) DIR *d; if (!loggedin) { - fprintf(stderr, "Not logged in!\n"); + printf("Not logged in!\n"); return; } @@ -283,7 +282,7 @@ list_cmd(const char *arg) path = aprintf("%s/%s/info", resultdir, de->d_name); if ((f = fopen(path, "r"))) { if (load_info(&info, f) != OK) - fprintf(stderr, "Failed to read saved file info!\n"); + printf("Failed to read saved file info!\n"); else print_info(&info); fclose(f); @@ -301,7 +300,7 @@ auth_cmd(const char *arg) int ret; if (loggedin) { - fprintf(stderr, "Already logged in!\n"); + printf("Already logged in!\n"); return; } @@ -313,7 +312,7 @@ auth_cmd(const char *arg) } else if (ret && errno == EEXIST) { printf("Success!\nWelcome back!\n"); } else { - fprintf(stderr, "Auth failed!\n"); + printf("Auth failed!\n"); return; } @@ -339,7 +338,7 @@ main() int exit, i, cmdlen; if (!(resultdir = checkp(strdup(getenv("RESULTDIR"))))) { - fprintf(stderr, "RESULTDIR not defined\n"); + printf("RESULTDIR not defined\n"); return 1; } @@ -371,6 +370,6 @@ main() } if (i == ARRSIZE(commands) && strlen(cmd) != 0) - fprintf(stderr, "No such command!\n"); + printf("No such command!\n"); } } diff --git a/service/src/stlfile.c b/service/src/stlfile.c 
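Review bot: The index check in the `@@ -201,12` hunk of `search_cmd` accepts a reply with no digits as index 0, because `strtoul` then returns 0 and leaves `end` at the start of the string, so `*end` is `'\0'` and none of the three conditions fires (this assumes `ask` hands back an empty string for an empty line; its definition is not shown). Keep the reply in a variable and reject the no-digits case as well: `resp = ask("Which of these results? "); which = strtoul(resp, &end, 10);` followed by `if (end == resp || *end || which >= i) {`. If `which` is an unsigned type the `which < 0` term is always false and can go; its declaration, like the rest of the function, lies outside the hunk.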
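Review bot: In the `main` hunk, `strdup(getenv("RESULTDIR"))` runs before any NULL test, so an unset `RESULTDIR` passes NULL to `strdup` (undefined behaviour, in practice a crash) and the "RESULTDIR not defined" message is never printed. Test the environment lookup first: `const char *env = getenv("RESULTDIR");`, then `if (!env) { printf("RESULTDIR not defined\n"); return 1; }`, then `resultdir = checkp(strdup(env));`. `checkp` presumably terminates on a NULL pointer (not visible here), in which case the existing `if` can never be true. `main` starts and ends outside the hunk.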
@@ -98,7 +98,7 @@ consume_keyword(char **start) for (i = 0; i < ARRSIZE(kwmap); i++) { len = strlen(kwmap[i].str); if (!strncmp(kwmap[i].str, bp, len) && (!bp[len] || isws(bp[len]))) { - // printf("GOT: %s\n", kwmap[i].str); + *start = bp + len + (bp[len] ? 1 : 0); return kwmap[i].code; } @@ -108,7 +108,7 @@ consume_keyword(char **start) } #define PARSE_FAIL(...) \ - do { fprintf(stderr, "FORMAT ERR: " __VA_ARGS__); goto fail; } while (0) + do { printf("FORMAT ERR: " __VA_ARGS__); goto fail; } while (0) int parse_file_ascii(struct parseinfo *info, char *buf, size_t len) @@ -272,13 +272,12 @@ parse_file(struct parseinfo *info, char *buf, size_t len) if (info->valid) free_info(info); if (len < 7) { - fprintf(stderr, "File too small!\n"); + printf("File too small!\n"); return FAIL; } info->filesize = len; - /* check bin vs ascii with first keyword */ for (bp = buf; isws(*bp); bp++); status = !strncmp("solid", bp, 5) && isws(bp[5]) ? parse_file_ascii(info, buf, len) @@ -290,7 +289,7 @@ parse_file(struct parseinfo *info, char *buf, size_t len) if (!info->modelname) { resp = ask("Please enter your model name: "); if (strlen(resp) < 4) { - fprintf(stderr, "Model name is too short!\n"); + printf("Model name is too short!\n"); return FAIL; } info->modelname = checkp(strdup(resp)); diff --git a/service/src/stlfile.h b/service/src/stlfile.h @@ -51,4 +51,4 @@ int load_info(struct parseinfo *info, FILE *f); void print_info(struct parseinfo *info); void free_info(struct parseinfo *info); -#endif /* STLFILE_H */ +#endif diff --git a/service/src/util.c b/service/src/util.c @@ -13,7 +13,7 @@ die(const char *fmtstr, ...) va_list ap; va_start(ap, fmtstr); - vfprintf(stderr, fmtstr, ap); + vprintf(fmtstr, ap); va_end(ap); exit(EXIT_FAILURE); @@ -49,9 +49,6 @@ mhash(const char *str, int len) int i, k, v; char c, *bp; - /* VULN #2: BUFFER OVERFLOW */ - /* see documentation/README.md for more details */ - if (len == -1) len = strlen(str); for (v = 0, i = 0; i < len; i++) v += str[i]; 
@@ -80,9 +77,6 @@ freadstr(FILE *f, char **dst) size_t start, len, tmp; char c; - /* VULN #1: BAD CAST */ - /* see documentation/README.md for more details */ - start = ftell(f); for (len = 0; (c = fgetc(f)) != EOF && c; len++); fseek(f, start, SEEK_SET); diff --git a/service/src/util.h b/service/src/util.h @@ -35,4 +35,4 @@ float fle32toh(float v); extern int echo; -#endif /* UTIL_H */ +#endif diff --git a/service/src/.gitignore b/src/.gitignore diff --git a/service/src/Makefile b/src/Makefile diff --git a/service/src/main.c b/src/main.c diff --git a/src/msgs/cat_flag b/src/msgs/cat_flag @@ -0,0 +1,5 @@ + + /\_/\ [ENO] _ + = u u =_______| \\ + _ w __( \__)) + c_____>__(_____)__, diff --git a/src/msgs/welcome b/src/msgs/welcome @@ -0,0 +1,2 @@ +Welcome to STLDoctor! +Submit a stl file and we'll analyze it! diff --git a/service/src/patches/flagstore1.diff b/src/patches/flagstore1.diff diff --git a/service/src/patches/flagstore2.diff b/src/patches/flagstore2.diff diff --git a/service/src/stlfile.c b/src/stlfile.c diff --git a/service/src/stlfile.h b/src/stlfile.h diff --git a/service/src/util.c b/src/util.c diff --git a/service/src/util.h b/src/util.h diff --git a/service/tests/data/evil1.stl b/tests/data/evil1.stl diff --git a/service/tests/data/flag1.stl b/tests/data/flag1.stl diff --git a/service/tests/data/sample-ascii.stl b/tests/data/sample-ascii.stl diff --git a/service/tests/data/sample-binary.stl b/tests/data/sample-binary.stl Binary files differ. diff --git a/service/tests/test.sh b/tests/test.sh
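Review bot: `c` is declared `char` in `freadstr`, so `(c = fgetc(f)) != EOF` compares a truncated value: where `char` is signed a 0xFF byte in the file is mistaken for end-of-file, and where it is unsigned the comparison never matches `EOF` and the loop ends only on a NUL byte. Declare it `int c;`, as the `fgetc` return type requires. `start = ftell(f);` also stores a `long` that is -1 on failure into a `size_t` and hands it to `fseek` unchecked; test the `ftell` result before converting it. The rest of the function is outside the hunk.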