This repository was archived by the owner on May 31, 2022. It is now read-only.

brainwane / secureapi Public archive

Notifications You must be signed in to change notification settings
Fork 0
Star 1

A webapp and webservice to check users' source code for security vulnerabilities, using clang's static analyzer for C

GPL-3.0 license

1 star 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 65 Commits
.gitignore		.gitignore
COPYING		COPYING
README.md		README.md
example.txt		example.txt
favicon.ico		favicon.ico
foo.c		foo.c
hhserver.py		hhserver.py
index.html		index.html
index.json		index.json
parse.rkt		parse.rkt
scorer.py		scorer.py
shim.sh		shim.sh

Repository files navigation

A web app and web service to check your source code for security vulnerabilities, using clang's static analyzer for C family languages.

By Sumana Harihareswara & Greg Hendershott while at the Recurse Center.

Requires Python 2.7, Racket 6.1, bash, and a fairly flexible attitude to the importance of implementing GET. You can deploy it using Docker.

Sample use

Install clang and Racket on your OS using your preferred package manager.
Write some bad C code and name your file badcode.c.
In one terminal, run: python hhserver.py
Use the server in two ways:
- In another terminal, run:
```
curl --data-binary @badcode.c -v http://localhost:8000/api/v1/analyze
```
  The HTTP response is a report in JSON format. The report contains an overall score from -∞ to 10, as well as a detailed list of issues.
- In your browser, visit http://localhost:8000/. Supply code in the text box, or, upload a C file. Click submit to get the report as a web page.

About

A webapp and webservice to check users' source code for security vulnerabilities, using clang's static analyzer for C

GPL-3.0 license

Report repository

Releases

No releases published

Packages

No packages published

Languages