-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
122 lines (98 loc) · 5.26 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
RATS - Rough Auditing Tool for Security
This is RATS, a rough auditing tool for security, developed by Secure
Software Inc. It is a tool for scanning C, C++, Perl, PHP, Python
and Ruby source code and flagging common security related programming
errors such as buffer overflows and TOCTOU (Time Of Check, Time Of
Use) race conditions. As its name implies, the tool performs only a
rough analysis of source code. It will not find every error and will
also find things that are not errors. Manual inspection of your code
is still necessary, but greatly aided with this tool.
RATS is free software. You may copy, distribute, and modify it under
the terms of the GNU Public License as contained in the file named
COPYING that has been included with this distribution.
Requirements
------------
RATS requires expat to be installed in order to build and run. Expat
is often installed in /usr/local/lib and /usr/local/include. On some
systems, you will need to specify --with-expat-lib and
--with-expat-include options to configure so that it can find your
installation of the library and header.
Expat can be found at: http://expat.sourceforge.net/
Installation
------------
Building and installation of RATS is simple. To build, you simply
need to run the configuration shell script in the distribution's
top-level directory:
./configure
The configuration script is a standard autoconf generation
configuration script and accepts many options. Run configure with the
--help option to see what options are available.
Once the configuration script has completed successfully, simply run
make in the distribution's top-level directory to build the program:
make
By default, RATS will be installed to /usr/local/bin and its
vulnerability database will be installed to /usr/local/lib. You may
change the installation directories of both with the --prefix option
to configure. You may optionally use the --bindir and --datadir to
specify more precise locations for the files that are installed.
To install after building, simply run make with the install target:
make install
This will copy the built binary, rats, to the binary installation
directory and the vulnerability database, rats.xml, to the data
installation directory.
Running RATS
------------
Once you have built and installed RATS, it's time to start auditing
your software! RATS accepts a few command line options that will be
described here and accepts a list of files to audit on the command
line. If no files to audit are specified, stdin will be used.
usage: rats [options] [file]...
Options explained:
-d <filename>, --db <filename>, --database <filename>
Specifies a vulnerability database to be loaded. You may
have multiple -d options and each database specified will
be loaded.
-h, --help Displays a brief usage summary
-i, --input Causes a list of function calls that were used which
accept external input to be produced at the end of the
vulnerability report.
-l <lang>, --language <lang>
Force the specified language to be used regardless of
filename extension. Currently valid language names are
"c", "perl", "php", "python" and "ruby".
-r, --references
Causes references to vulnerable function calls that are not
being used as calls themselves to be reported.
-w <level>, --warning<level>
Sets the warning level. Valid levels are 1, 2 or 3.
Warning level 1 includes only default and high severity
Level 2 includes medium severity. Level 2 is the default
warning level 3 includes low severity vulnerabilities.
-x Causes the default vulnerability databases (which are in
the installation data directory, /usr/local/lib by default)
to not be loaded.
-R, --no-recursion
Disable recursion into subdirectories.
--xml Cause output to be in XML
--html Cause output to be in HTML
--follow-symlinks
Evaluate and follow symlinks.
When started, RATS will scan each file specified on the command line and
produce a report when scanning is complete. What vulnerabilities are reported
in the final report depend on the data contained in the vulnerability database
or databases that are used and the warning level in use.
For each vulnerability, the list of files and line numbers where it occured is
given, followed by a brief description of the vulnerability and suggested
action.
Contact
-------
RATS is authored, maintained and distributed by Secure Software, Inc. All
bug reports, patches, database contributions, comments, etc. should be sent to
rats@securesoftware.com. Our website is http://www.securesoftware.com/
Acknowledgments
---------------
Thanks to Mike Ellison for providing the legwork on the initial port
of rats-1.3 to the Win32 platform.
Special thanks to Ben Laurie for many significant contributions,
including the OpenSSL-specific portions of the database.
Thanks to Adam Lazur for originally authoring the man page