[prev in list] [next in list] [prev in thread] [next in thread]
List: nessus-plugins-writers
Subject: [Plugins-writers] libnasl patchset [4/6]
From: Dirk Jagdmann <doj () cubic ! org>
Date: 2007-07-29 9:30:06
Message-ID: 46AC5E1E.5070302 () cubic ! org
[Download RAW message or body]
Description of patch:
----------------------
Now using the NASL_INCLUDE_PATH environment variable to search
directories for include()'ed files. The code can currently handle up to
127 directories listed in NASL_INCLUDE_PATH, but this limit can either
be raised by altering the "#define inc_dirs_s 127" or by rewriting the
code to use a linked list/realloced buffer etc.
Further the handling of the current directory of the nasl interpreter
might not be 100% optimal, but this would need further investigation on
the usage of included files with a relative pathname and a better
understanding of the internal concepts of the nasl interpreter relating
to its current directory.
--
---> Dirk Jagdmann ^ doj / cubic
----> http://cubic.org/~doj
-----> http://llg.cubic.org
["include_path.patch" (text/x-patch)]
Index: libnasl/nasl/nasl_grammar.y
===================================================================
--- libnasl.orig/nasl/nasl_grammar.y 2007-07-26 19:59:51.000000000 +0200
+++ libnasl/nasl/nasl_grammar.y 2007-07-29 11:15:28.000000000 +0200
@@ -277,10 +277,11 @@
/* include */
inc: INCLUDE '(' string ')'
{
+ naslctxt *naslctx=(naslctxt*)parm;
naslctxt subctx;
int x;
- subctx.always_authenticated = ((naslctxt*)parm)->always_authenticated;
+ subctx.always_authenticated = naslctx->always_authenticated;
x = init_nasl_ctx(&subctx, $3);
$$ = NULL;
if (x >= 0)
@@ -297,13 +298,18 @@
subctx.fp = NULL;
/* If we are an authenticated script and the script we include is *NOT* \
authenticated, then we lose our authentication status */
- if ( ((naslctxt*)parm)->always_authenticated == 0 &&
- ((naslctxt*)parm)->authenticated != 0 && subctx.authenticated == 0 )
+ if ( naslctx->always_authenticated == 0 &&
+ naslctx->authenticated != 0 && subctx.authenticated == 0 )
{
- ((naslctxt*)parm)->authenticated = 0;
+ naslctx->authenticated = 0;
nasl_perror(NULL, "Including %s which is not authenticated - losing our \
authenticated status\n", $3); }
}
+ else
+ {
+ fprintf(stderr, "%s:%i: could not locate %s\n", "xxx", naslctx->line_nb, $3);
+ YYERROR;
+ }
efree(& $3);
} ;
@@ -476,20 +482,16 @@
int
init_nasl_ctx(naslctxt* pc, const char* name)
{
- char line[1024];
char full_name[MAXPATHLEN];
-#ifdef MULTIPLE_INCLUDE_DIRS
- static const char* inc_dirs[] = { ".", "/tmp" }; /* TBD */
-#endif
+
pc->line_nb = 1;
pc->tree = NULL;
pc->buffer = emalloc(80);
pc->maxlen = 80;
pc->authenticated = 0;
+ pc->fp = NULL;
-#ifdef MULTIPLE_INCLUDE_DIRS
if (name[0] == '/') /* absolute path */
-#endif
{
/* Shouldn't we reject the file? */
if ((pc->fp = fopen(name, "r")) == NULL)
@@ -498,29 +500,61 @@
return -1;
}
strncpy(full_name, name, sizeof(full_name) - 1);
- goto authenticate;
}
-#ifdef MULTIPLE_INCLUDE_DIRS
else
{
int i;
+#define inc_dirs_s 127
+ const char* inc_dirs[inc_dirs_s+1]; /* should be dynamic later */
+ char* NASL_INCLUDE_PATH=0;
+
+ /* populate inc_dirs */
+ memset(inc_dirs, 0, sizeof(inc_dirs));
+ inc_dirs[0]=".";
+
+ if(getenv("NASL_INCLUDE_PATH"))
+ {
+ char *nip=strdup(getenv("NASL_INCLUDE_PATH"));
+ NASL_INCLUDE_PATH=nip;
+ for(i=1; i<inc_dirs_s && *nip; ++i)
+ {
+ inc_dirs[i]=nip;
+ while(*nip)
+ {
+ if(*nip == ':')
+ {
+ *nip=0;
+ ++nip;
+ break;
+ }
+ ++nip;
+ }
+ }
+ }
+#undef inc_dirs_s
- for (i = 0; i < sizeof(inc_dirs) / sizeof(*inc_dirs); i ++)
+ /* traverse inc_dirs and try to find the file */
+ for(i=0; inc_dirs[i]; ++i)
{
snprintf(full_name, sizeof(full_name), "%s/%s", inc_dirs[i], name);
- if ((pc->fp = fopen(full_name, "r")) != NULL)
- goto authenticate;
- perror(full_name);
+ /*fprintf(stderr, "trying %s\n", full_name);*/
+ if ((pc->fp = fopen(full_name, "r")))
+ break;
}
- return -1;
+
+ if(NASL_INCLUDE_PATH)
+ free(NASL_INCLUDE_PATH);
+
+ /* check if we found a file */
+ if(!pc->fp)
+ return -1;
}
-#endif
-authenticate:
if ( pc->always_authenticated )
pc->authenticated = 1;
else
{
+ char line[1024];
fgets(line, sizeof(line) - 1, pc->fp);
line[sizeof(line) - 1] = '\0';
if ( strncmp(line, "#TRUSTED", strlen("#TRUSTED") ) == 0 )
Index: libnasl/NEWS
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
+++ libnasl/NEWS 2007-07-26 20:08:27.000000000 +0200
@@ -0,0 +1 @@
+- add support for NASL_INCLUDE_PATH environment variable
Index: libnasl/doc/nasl.1
===================================================================
--- libnasl.orig/doc/nasl.1 2007-07-26 19:59:50.000000000 +0200
+++ libnasl/doc/nasl.1 2007-07-26 20:08:27.000000000 +0200
@@ -1,68 +1,70 @@
-.TH NASL 1 "May 2006" "Nessus Project" "Nessus Attack Scripting Language"
-.SH NAME
+.TH "NASL" "1" "May 2006" "Nessus Project" "Nessus Attack Scripting Language"
+.SH "NAME"
nasl \- Nessus Attack Scripting Language
-.SH SYNOPSIS
+.SH "SYNOPSIS"
.B nasl
-.I <[-vh] [-T tracefile] [-s] [-t target] [-sX] > files...
-.SH DESCRIPTION
+.I <[\-vh] [\-T tracefile] [\-s] [\-t target] [\-sX] > files...
+.SH "DESCRIPTION"
.BR nasl
executes a set of NASL scripts against a given target host. It can
also be used to determine if a NASL script has any syntax errors by running
-it in parse (\fB-p\fR) or lint (\fB-L\fR) mode.
+it in parse (\fB\-p\fR) or lint (\fB\-L\fR) mode.
-.SH OPTIONS
-.TP
+.SH "OPTIONS"
+.TP
.B \-T tracefile
Makes nasl write verbosely what the script does in the file
.I tracefile
-, ala 'set -x' under sh
+, ala 'set \-x' under sh
-.TP
+.TP
.B \-t target
Apply the NASL script to
.I target
which may be a single host (127.0.0.1), a whole subnet (192.168.1.0/24)
or several subnets (192.168.1.0/24, 192.168.243.0/24)
-
-.TP
+.TP
.B \-s
Sets the return value of safe_checks() to 1. (See the nessusd manual to know
what the safe checks are)
-.TP
+.TP
.B \-D
Only run the description part of the script.
-.TP
+.TP
.B \-L
.BI Lint
the script (run extended checks).
-.TP
+.TP
.B \-X
Run the script in
.BI authenticated
mode. For more information see the nasl reference manual
-.TP
+.TP
.B \-h
Show help
-.TP
+.TP
.B \-v
Show the version of NASL.
-.SH SEE ALSO
-.BR The\ NASL2\ reference\ manual,
-.BR http://www.nessus.org/nasl2ref.pdf,
+.SH "ENVIRONMENT"
+.TP
+\fBNASL_INCLUDE_PATH
+Used by include() to find included nasl sources. Separate directories with ':'.
+.SH "SEE ALSO"
+.BR The\ NASL2\ reference\ manual (http://www.nessus.org/nasl2ref.pdf),
.BR nessus (1),
.BR nessusd (8).
-.SH HISTORY
-NASL comes from a private project called 'pkt_forge', which was written in late 1998 \
by Renaud Deraison and which was an interactive shell to forge and send raw IP \
packets (this pre-dates Perl's Net::RawIP by a couple of weeks). It was then extended \
to do a wide range of network-related operations and integrated into Nessus as \
'NASL'. +.SH "HISTORY"
+NASL comes from a private project called 'pkt_forge', which was written in late 1998 \
by Renaud Deraison and which was an interactive shell to forge and send raw IP \
packets (this pre\-dates Perl's Net::RawIP by a couple of weeks). It was then \
extended to do a wide range of network\-related operations and integrated into Nessus \
as 'NASL'.
-The parser was completely hand-written and a pain to work with. In Mid-2002, Michel \
Arboi wrote a bison parser for NASL, and he and Renaud Deraison re-wrote NASL from \
scratch. Although the "new" NASL was nearly working as early as +The parser was \
completely hand\-written and a pain to work with. In Mid\-2002, Michel Arboi wrote a \
bison parser for NASL, and he and Renaud Deraison re\-wrote NASL from scratch. \
Although the "new" NASL was nearly working as early as August 2002, Michel's \
lazyness made us wait for early 2003 to have it working completely.
-.SH AUTHOR
-Most of the engine is (C) 2003 Michel Arboi, most of the built-in functions
+.SH "AUTHOR"
+Most of the engine is (C) 2003 Michel Arboi, most of the built\-in functions
are (C) 2003 Renaud Deraison
Index: libnasl/TODO
===================================================================
--- libnasl.orig/TODO 2007-07-26 19:59:50.000000000 +0200
+++ libnasl/TODO 2007-07-26 20:08:27.000000000 +0200
@@ -20,3 +20,12 @@
local_var a; a["drei"]=3; return a;
}
if(f()["drei"] == 3) { ... }
+
+** in exec.c:execute_nasl_script() handle current directory correctly
+
+The current code only works in the supplied filename is located in the
+current directory or if it is an absolute filename, in which case
+the process chdirs to the directory of the file.
+
+If the filename is a relative pathname the function currently does not
+chdir and thus further relative includes may have a wrong offset.
Index: libnasl/nasl/exec.c
===================================================================
--- libnasl.orig/nasl/exec.c 2007-07-26 19:59:51.000000000 +0200
+++ libnasl/nasl/exec.c 2007-07-29 11:15:29.000000000 +0200
@@ -1716,7 +1716,7 @@
tree_cell *ret;
lex_ctxt *lexic;
char old_dir[MAXPATHLEN+1];
- char *newdir;
+ char *newdir=0;
char *old;
tree_cell tc;
struct arglist* prefs = arg_get_value(script_infos, "preferences");
@@ -1743,8 +1743,9 @@
efree(&old);
arg_set_value(script_infos, "script_name", strlen(name), estrdup(name));
}
-
- newdir = strrchr(name, '/');
+
+ if(name[0] == '/')
+ newdir = strrchr(name, '/');
if(newdir != NULL)
{
char dir[MAXPATHLEN+1];
_______________________________________________
Plugins-writers mailing list
Plugins-writers@list.nessus.org
http://mail.nessus.org/mailman/listinfo/plugins-writers
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic