-rw-r--r--development/rats/README22
-rw-r--r--development/rats/rats.SlackBuild92
-rw-r--r--development/rats/rats.info10
-rw-r--r--development/rats/slack-desc19
4 files changed, 143 insertions, 0 deletions
diff --git a/development/rats/README b/development/rats/README
new file mode 100644
index 0000000000000..e470ebed27fa1
--- /dev/null
+++ b/development/rats/README
@@ -0,0 +1,22 @@
+RATS - Rough Auditing Tool for Security
+
+RATS is an open source tool developed and maintained by Secure Software
+security engineers. Secure Software was acquired by Fortify Software, Inc.
+RATS is a tool for scanning C, C++, Perl, PHP and Python source code and
+flagging common security related programming errors such as buffer overflows
+and TOCTOU (Time Of Check, Time Of Use) race conditions.
+
+RATS scanning tool provides a security analyst with a list of potential
+trouble spots on which to focus, along with describing the problem and
+potentially suggest remedies. It also provides a relative assessment of the
+potential severity of each problem, to better help an auditor prioritize.
+This tool also performs some basic analysis to try to rule out conditions
+that are obviously not problems.
+
+As its name implies, the tool performs only a rough analysis of source code.
+It will not find every error and will also find things that are not errors.
+Manual inspection of your code is still necessary, but greatly aided with
+this tool.
+
+Example usage - to analyze "main.c":
+rats --db /usr/share/rats-2.3/rats-c.xml main.c
diff --git a/development/rats/rats.SlackBuild b/development/rats/rats.SlackBuild
new file mode 100644
index 0000000000000..39ceca7aaf26a
--- /dev/null
+++ b/development/rats/rats.SlackBuild
@@ -0,0 +1,92 @@
+#!/bin/sh
+
+# Slackware build script for RATS
+
+# Written by Andrzej Telszewski <atelszewski@gmail.com>
+
+PRGNAM=rats
+VERSION=${VERSION:-2.3}
+ARCH=${ARCH:-i486}
+BUILD=${BUILD:-1}
+TAG=${TAG:-_SBo}
+
+CWD=$(pwd)
+TMP=${TMP:-/tmp/SBo}
+PKG=$TMP/package-$PRGNAM
+OUTPUT=${OUTPUT:-/tmp}
+
+if [ "$ARCH" = "i486" ]; then
+ SLKCFLAGS="-O2 -march=i486 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "i686" ]; then
+ SLKCFLAGS="-O2 -march=i686 -mtune=i686"
+ LIBDIRSUFFIX=""
+elif [ "$ARCH" = "x86_64" ]; then
+ SLKCFLAGS="-O2 -fPIC"
+ LIBDIRSUFFIX="64"
+fi
+
+set -e
+
+rm -rf $PKG
+mkdir -p $TMP $PKG $OUTPUT
+cd $TMP
+rm -rf $PRGNAM-$VERSION
+tar xvf $CWD/$PRGNAM-$VERSION.tar.gz
+cd $PRGNAM-$VERSION
+chown -R root:root .
+find . \
+ \( -perm 777 -o -perm 775 -o -perm 711 -o -perm 555 -o -perm 511 \) \
+ -exec chmod 755 {} \; -o \
+ \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
+ -exec chmod 644 {} \;
+
+CFLAGS="$SLKCFLAGS" \
+CXXFLAGS="$SLKCFLAGS" \
+./configure \
+ --prefix=/usr \
+ --libdir=/usr/lib${LIBDIRSUFFIX} \
+ --sysconfdir=/etc \
+ --localstatedir=/var \
+ --mandir=/usr/man \
+ --includedir=/usr/include \
+ --build=$ARCH-slackware-linux
+
+# it seems to be required to specify locations...
+make \
+ BINDIR=/usr/bin \
+ LIBDIR=/usr/lib${LIBDIRSUFFIX} \
+ MANDIR=/usr/man \
+ SHAREDIR=/usr/share/$PRGNAM-$VERSION
+make install \
+ BINDIR=$PKG/usr/bin \
+ LIBDIR=$PKG/usr/lib${LIBDIRSUFFIX} \
+ MANDIR=$PKG/usr/man \
+ SHAREDIR=$PKG/usr/share/$PRGNAM-$VERSION
+
+# this directory seems to be not used
+rmdir $PKG/usr/lib${LIBDIRSUFFIX}
+
+( cd $PKG
+ find . | xargs file | grep "executable" | grep ELF | cut -f 1 -d : | \
+ xargs strip --strip-unneeded 2> /dev/null || true
+ find . | xargs file | grep "shared object" | grep ELF | cut -f 1 -d : | \
+ xargs strip --strip-unneeded 2> /dev/null || true
+)
+
+( cd $PKG/usr/man
+ find . -type f -exec gzip -9 {} \;
+ for i in $( find . -type l ) ; do ln -s $( readlink $i ).gz $i.gz ; rm $i ; done
+)
+
+mkdir -p $PKG/usr/doc/$PRGNAM-$VERSION
+cp -a \
+ COPYING rats.dsp rats.dsw rats.spec README \
+ $PKG/usr/doc/$PRGNAM-$VERSION
+cat $CWD/$PRGNAM.SlackBuild > $PKG/usr/doc/$PRGNAM-$VERSION/$PRGNAM.SlackBuild
+
+mkdir -p $PKG/install
+cat $CWD/slack-desc > $PKG/install/slack-desc
+
+cd $PKG
+/sbin/makepkg -l y -c n $OUTPUT/$PRGNAM-$VERSION-$ARCH-$BUILD$TAG.${PKGTYPE:-tgz}
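Review bot: `rm -rf $PKG`, `mkdir -p $TMP $PKG $OUTPUT` and `cd $TMP` expand environment-overridable paths unquoted, in a script that is evidently meant to run as root (it does `chown -R root:root .`), so a `TMP` or `OUTPUT` value containing whitespace or glob characters makes `rm -rf` act on paths other than the package directory. Quote them, as in `rm -rf "$PKG"`, `mkdir -p "$TMP" "$PKG" "$OUTPUT"` and `cd "$TMP"`, and do the same for the later `$PKG`, `$CWD` and `$OUTPUT` uses. The default `TMP=/tmp/SBo` is also a fixed name under a world-writable directory, so on a multi-user host the build should be pointed at a root-owned directory by setting `TMP` before running it. Separately, the `if`/`elif` chain on `ARCH` has no `else` branch, so an unlisted architecture leaves `SLKCFLAGS` and `LIBDIRSUFFIX` unset and the build carries on with empty flags.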
diff --git a/development/rats/rats.info b/development/rats/rats.info
new file mode 100644
index 0000000000000..b545afb1cee0d
--- /dev/null
+++ b/development/rats/rats.info
@@ -0,0 +1,10 @@
+PRGNAM="rats"
+VERSION="2.3"
+HOMEPAGE="http://www.fortify.com/security-resources/rats.jsp"
+DOWNLOAD="http://www.fortify.com/servlet/downloads/public/rats-2.3.tar.gz"
+MD5SUM="339ebe60fc61789808a457f6f967d226"
+DOWNLOAD_x86_64=""
+MD5SUM_x86_64=""
+MAINTAINER="Andrzej Telszewski"
+EMAIL="atelszewski@gmail.com"
+APPROVED="rworkman"
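Review bot: The tarball named in `DOWNLOAD` is fetched over plain `http://` and the only integrity value recorded for it is `MD5SUM`, while rats.SlackBuild runs `tar xvf` and then `./configure` and `make` on whatever `rats-2.3.tar.gz` sits in the working directory without checking it. MD5 is not collision-resistant, so this field catches a corrupted download but is weak evidence against a substituted one. The `.info` fields are presumably fixed by the repository's template, so the practical step is a line in the README such as `Verify rats-2.3.tar.gz against a SHA-256 digest obtained from upstream over HTTPS before building.`, plus switching `DOWNLOAD` to an `https://` URL if upstream serves one.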
diff --git a/development/rats/slack-desc b/development/rats/slack-desc
new file mode 100644
index 0000000000000..9f92c2b6c7b0c
--- /dev/null
+++ b/development/rats/slack-desc
@@ -0,0 +1,19 @@
+# HOW TO EDIT THIS FILE:
+# The "handy ruler" below makes it easier to edit a package description. Line
+# up the first '|' above the ':' following the base package name, and the '|' on
+# the right side marks the last column you can put a character in. You must make
+# exactly 11 lines for the formatting to be correct. It's also customary to
+# leave one space after the ':'.
+
+ |-----handy-ruler------------------------------------------------------|
+rats: rats (Rough Auditing Tool for Security)
+rats:
+rats: RATS is a tool for scanning C, C++, Perl, PHP and Python source code
+rats: and flagging common security related programming errors such as
+rats: buffer overflows and TOCTOU (Time Of Check, Time Of Use) race
+rats: conditions.
+rats:
+rats: Homepage: http://www.fortify.com/security-resources/rats.jsp
+rats:
+rats:
+rats: