Skip to content
Browse files

libinjection: Sync with upstream v3.9.1.

  • Loading branch information...
2 parents d84eef6 + 5215c67 commit 6742af864f6f65761d1444450f20428ab0f1a3a4 @b1v1r b1v1r committed Feb 1, 2014
Showing with 5,343 additions and 4,723 deletions.
  1. +13 −0 libs/libinjection/CHANGELOG.md
  2. +11 −12 libs/libinjection/README.md
  3. +3 −0 libs/libinjection/c/.gitignore
  4. +38 −29 libs/libinjection/c/Makefile
  5. +37 −0 libs/libinjection/c/clang-static-analyzer.sh
  6. +17 −0 libs/libinjection/c/clang.sh
  7. +7 −4 libs/libinjection/c/example1.c
  8. +1 −707 libs/libinjection/c/fingerprints.txt
  9. +60 −0 libs/libinjection/c/fingerprints2sqli.py
  10. +20 −2 libs/libinjection/c/fptool.c
  11. +11 −279 libs/libinjection/c/libinjection.h
  12. +746 −0 libs/libinjection/c/libinjection_html5.c
  13. +45 −0 libs/libinjection/c/libinjection_html5.h
  14. +149 −91 libs/libinjection/c/libinjection_sqli.c
  15. +295 −0 libs/libinjection/c/libinjection_sqli.h
  16. +7 −669 libs/libinjection/c/libinjection_sqli_data.h
  17. +331 −0 libs/libinjection/c/libinjection_xss.c
  18. +21 −0 libs/libinjection/c/libinjection_xss.h
  19. +40 −4 libs/libinjection/c/make_parens.py
  20. +69 −15 libs/libinjection/c/reader.c
  21. +10 −6 libs/libinjection/c/sqli_cli.c
  22. +1 −0 libs/libinjection/c/sqlparse2c.py
  23. +6 −708 libs/libinjection/c/sqlparse_data.json
  24. +7 −2 libs/libinjection/c/sqlparse_map.py
  25. +2 −1 libs/libinjection/c/test_driver.py
  26. +11 −4 libs/libinjection/c/test_speed.c
  27. +137 −29 libs/libinjection/c/testdriver.c
  28. +62 −0 libs/libinjection/cicada/StateRedis.py
  29. +12 −0 libs/libinjection/cicada/cicada-event.py
  30. +12 −0 libs/libinjection/cicada/cicada-pump.py
  31. +134 −0 libs/libinjection/cicada/cicada-web.py
  32. +76 −363 libs/libinjection/cicada/cicada.py
  33. +57 −0 libs/libinjection/cicada/events.py
  34. +559 −72 libs/libinjection/cicada/libinjection_test.py
  35. +39 −0 libs/libinjection/cicada/pollers.py
  36. +38 −0 libs/libinjection/cicada/publishers.py
  37. +20 −0 libs/libinjection/cicada/shell.py
  38. +150 −0 libs/libinjection/cicada/sourcecontrol.py
  39. +49 −26 libs/libinjection/cicada/status.html
  40. +315 −0 libs/libinjection/data/sqli-fuzz-ischi.txt
  41. +11 −0 libs/libinjection/data/sqli-misc.txt
  42. +3 −0 libs/libinjection/data/xss-0x6D6172696F-394932823645503488.txt
  43. +366 −0 libs/libinjection/data/xss-html5secorg.txt
  44. +7 −0 libs/libinjection/data/xss-mgentile-2013.txt
  45. +2 −0 libs/libinjection/data/xss-modsecurity-2013-1.txt
  46. +3 −0 libs/libinjection/data/xss-modsecurity-2013-2.txt
  47. +255 −0 libs/libinjection/data/xss-owasp-cheatsheet-20131120.txt
  48. +85 −0 libs/libinjection/data/xss-smoke-test.txt
  49. +5 −0 libs/libinjection/data/xss-soaj1664ashar-367350377894518784.txt
  50. +2 −0 libs/libinjection/data/xss-soaj1664ashar-385461391366168576.txt
  51. +3 −0 libs/libinjection/data/xss-soaj1664ashar-396307604734881792.txt
  52. +3 −0 libs/libinjection/data/xss-soaj1664ashar-400257634449637376.txt
  53. +104 −0 libs/libinjection/data/xss-soaj1664ashar-pastebin-u6FY1xDA.txt
  54. +17 −14 libs/libinjection/lua/Makefile
  55. +2 −0 libs/libinjection/lua/libinjection.i
  56. +2 −1 libs/libinjection/lua/make_test.py
  57. +1 −9 libs/libinjection/misc/Makefile
  58. +36 −20 libs/libinjection/misc/base.html
  59. +0 −122 libs/libinjection/misc/days-since-last-bypass.html
  60. +0 −30 libs/libinjection/misc/decode.py
  61. +0 −27 libs/libinjection/misc/doc-libinjection-references.html
  62. +0 −26 libs/libinjection/misc/doc-libinjection-references.md
  63. +0 −139 libs/libinjection/misc/doc-references.html
  64. +0 −82 libs/libinjection/misc/doc-sqli-false-negative.html
  65. +0 −85 libs/libinjection/misc/doc-sqli-false-negative.md
  66. +0 −42 libs/libinjection/misc/doc-sqli-false-positive.html
  67. +0 −37 libs/libinjection/misc/doc-sqli-false-positive.md
  68. +0 −124 libs/libinjection/misc/doc-sqli-php.html
  69. +0 −132 libs/libinjection/misc/doc-sqli-php.md
  70. +0 −168 libs/libinjection/misc/doc-sqli-python.html
  71. +0 −174 libs/libinjection/misc/doc-sqli-python.md
  72. +0 −98 libs/libinjection/misc/doc-sqli-references.html
  73. +0 −110 libs/libinjection/misc/doc-sqli-references.md
  74. +0 −13 libs/libinjection/misc/doc-xss-references.html
  75. +0 −11 libs/libinjection/misc/doc-xss-references.md
  76. +0 −16 libs/libinjection/misc/doc.html
  77. +0 −13 libs/libinjection/misc/doc.md
  78. +0 −17 libs/libinjection/misc/encode.py
  79. +9 −9 libs/libinjection/misc/form.html
  80. +0 −29 libs/libinjection/misc/generate_modsecurity_tests.py
  81. +28 −0 libs/libinjection/misc/gittag.sh
  82. +44 −62 libs/libinjection/misc/home.html
  83. +11 −20 libs/libinjection/misc/home.md
  84. +2 −2 libs/libinjection/misc/logtable.html
  85. +2 −0 libs/libinjection/misc/modsecurity-merge.sh
  86. +10 −5 libs/libinjection/misc/sqliserver.py
  87. +0 −24 libs/libinjection/misc/ssl-stats.py
  88. +5 −5 libs/libinjection/misc/tokens.html
  89. +4 −1 libs/libinjection/php/Makefile
  90. +2 −3 libs/libinjection/php/example.php
  91. +2 −0 libs/libinjection/php/libinjection.i
  92. +19 −9 libs/libinjection/python/Makefile
  93. +2 −0 libs/libinjection/python/libinjection/libinjection.i
  94. +1 −1 libs/libinjection/python/setup.py
  95. +8 −19 libs/libinjection/python/test_driver.py
  96. +2 −1 libs/libinjection/tests/test-folding-054.txt
  97. +14 −0 libs/libinjection/tests/test-folding-109.txt
  98. +14 −0 libs/libinjection/tests/test-folding-110.txt
  99. +14 −0 libs/libinjection/tests/test-folding-111.txt
  100. +15 −0 libs/libinjection/tests/test-folding-112.txt
  101. +12 −0 libs/libinjection/tests/test-folding-113.txt
  102. +11 −0 libs/libinjection/tests/test-folding-114.txt
  103. +7 −0 libs/libinjection/tests/test-folding-115.txt
  104. +6 −0 libs/libinjection/tests/test-html5-001.txt
  105. +6 −0 libs/libinjection/tests/test-html5-002.txt
  106. +4 −0 libs/libinjection/tests/test-html5-003.txt
  107. +10 −0 libs/libinjection/tests/test-html5-004.txt
  108. +10 −0 libs/libinjection/tests/test-html5-005.txt
  109. +9 −0 libs/libinjection/tests/test-html5-006.txt
  110. +9 −0 libs/libinjection/tests/test-html5-007.txt
  111. +9 −0 libs/libinjection/tests/test-html5-008.txt
  112. +9 −0 libs/libinjection/tests/test-html5-009.txt
  113. +9 −0 libs/libinjection/tests/test-html5-010.txt
  114. +9 −0 libs/libinjection/tests/test-html5-011.txt
  115. +9 −0 libs/libinjection/tests/test-html5-012.txt
  116. +9 −0 libs/libinjection/tests/test-html5-013.txt
  117. +9 −0 libs/libinjection/tests/test-html5-014.txt
  118. +10 −0 libs/libinjection/tests/test-html5-015.txt
  119. +7 −0 libs/libinjection/tests/test-html5-016.txt
  120. +9 −0 libs/libinjection/tests/test-html5-017.txt
  121. +11 −0 libs/libinjection/tests/test-html5-018.txt
  122. +9 −0 libs/libinjection/tests/test-html5-019.txt
  123. +10 −0 libs/libinjection/tests/test-html5-020.txt
  124. +10 −0 libs/libinjection/tests/test-html5-021.txt
  125. +9 −0 libs/libinjection/tests/test-html5-022.txt
  126. +9 −0 libs/libinjection/tests/test-html5-023.txt
  127. +9 −0 libs/libinjection/tests/test-html5-024.txt
  128. +9 −0 libs/libinjection/tests/test-html5-025.txt
  129. +9 −0 libs/libinjection/tests/test-html5-026.txt
  130. +9 −0 libs/libinjection/tests/test-html5-027.txt
  131. +9 −0 libs/libinjection/tests/test-html5-028.txt
  132. +9 −0 libs/libinjection/tests/test-html5-029.txt
  133. +8 −0 libs/libinjection/tests/test-html5-030.txt
  134. +8 −0 libs/libinjection/tests/test-html5-031.txt
  135. +10 −0 libs/libinjection/tests/test-html5-032.txt
  136. +9 −0 libs/libinjection/tests/test-html5-033.txt
  137. +9 −0 libs/libinjection/tests/test-html5-034.txt
  138. +9 −0 libs/libinjection/tests/test-html5-035.txt
  139. +9 −0 libs/libinjection/tests/test-html5-036.txt
  140. +11 −0 libs/libinjection/tests/test-html5-037.txt
  141. +12 −0 libs/libinjection/tests/test-html5-038.txt
  142. +10 −0 libs/libinjection/tests/test-html5-039.txt
  143. +9 −0 libs/libinjection/tests/test-html5-040.txt
  144. +9 −0 libs/libinjection/tests/test-html5-041.txt
  145. +9 −0 libs/libinjection/tests/test-html5-042.txt
  146. +11 −0 libs/libinjection/tests/test-html5-043.txt
  147. +13 −0 libs/libinjection/tests/test-html5-044.txt
  148. +9 −0 libs/libinjection/tests/test-html5-045.txt
  149. +9 −0 libs/libinjection/tests/test-html5-046.txt
  150. +9 −0 libs/libinjection/tests/test-html5-047.txt
  151. +9 −0 libs/libinjection/tests/test-html5-048.txt
  152. +9 −0 libs/libinjection/tests/test-html5-049.txt
  153. +9 −0 libs/libinjection/tests/test-html5-050.txt
  154. +9 −0 libs/libinjection/tests/test-html5-051.txt
  155. +9 −0 libs/libinjection/tests/test-html5-052.txt
  156. +9 −0 libs/libinjection/tests/test-html5-053.txt
  157. +9 −0 libs/libinjection/tests/test-html5-054.txt
  158. +9 −0 libs/libinjection/tests/test-html5-055.txt
  159. +9 −0 libs/libinjection/tests/test-html5-056.txt
  160. +9 −0 libs/libinjection/tests/test-html5-059.txt
  161. +11 −0 libs/libinjection/tests/test-html5-061.txt
  162. +9 −0 libs/libinjection/tests/test-html5-062.txt
  163. +10 −0 libs/libinjection/tests/test-sqli-050.txt
  164. +8 −0 libs/libinjection/tests/test-tokens-variables-012.txt
  165. +8 −0 libs/libinjection/tests/test-tokens-variables-013.txt
  166. +8 −0 libs/libinjection/tests/test-tokens-variables-014.txt
  167. +8 −0 libs/libinjection/tests/test-tokens-variables-015.txt
View
13 libs/libinjection/CHANGELOG.md
@@ -1,3 +1,16 @@
+# vNEXT
+
+# v3.9.0 - 2013-11-29
+
+Black Friday Edition
+
+* Big API Change!! everything in `libinjection.h` is now `libinjection_sqli.h`. And a new super simple API is in `libinjection.h`
+* Improvements to folder to prevent bypasses using SQL types (casts). This eliminated about 400 fingerprints as well.
+* Blacklisted a very degenerate MySQL ODBC case, that is highly unlike to be used in 'real inputs'. thanks to @LightOS foreporting.. not clear who found it originally.
+* Over 400 unit tests now!
+* Compiles clean under clang with `-Weverything -Wno-padded` `-Wno-padded` is excluded since it's architecture dependant. See `clang.sh` to see how to invoke.
+* PHP documentation fixes, thanks @LightOS
+
# v3.8.0 - 2013-10-18
LAMP Special Edition: MySQL and PHP improvements
View
23 libs/libinjection/README.md
@@ -4,16 +4,16 @@ libinjection
SQL / SQLI tokenizer parser analyzer. For
* C and C++
-* PHP
-* Python
-* Lua
+* [PHP](https://libinjection.client9.com/doc-sqli-php)
+* [Python](https://libinjection.client9.com/doc-sqli-python)
+* [Lua](https://github.com/client9/libinjection/tree/master/lua)
See
[https://libinjection.client9.com/](https://libinjection.client9.com/)
for details and presentations.
To use:
-look at sqli_cli.c, reader.c as examples, but it's as simple as this:
+look at [sqli_cli.c](https://github.com/client9/libinjection/blob/master/c/sqli_cli.c), [reader.c](https://github.com/client9/libinjection/blob/master/c/reader.c), and [fptool](https://github.com/client9/libinjection/blob/master/c/fptool.c) as examples, but it's as simple as this:
```c
#include <stdio.h>
@@ -40,7 +40,7 @@ int main(int argc, const char* argv[])
```
```
-$ gcc examples.c libinjection_sqli.c
+$ gcc -Wall -Wextra examples.c libinjection_sqli.c
$ ./a.out "-1' and 1=1 union/* foo */select load_file('/etc/passwd')--"
sqli detected with fingerprint of 's&1UE'
```
@@ -71,8 +71,7 @@ https://libinjection.client9.com/diagnostics
For quick experiments, cracking and breaking, and other ad-hoc tests.
-At https://libinjection.client9.com/cicada/ is
-a integration server showing automated testing:
+At https://libinjection.client9.com/cicada/ is a integration server showing automated testing:
* build and unit-tests under GCC latest
* build, unit-tests and static analysis using clang
@@ -97,11 +96,11 @@ Send requests to nickg@client9.com
EMBEDDING
=============
-The 'c' directory is a mess, but you only need to copy the following
+The 'c' directory contains everything, but you only need to copy the following
into your source tree:
-* c/libinjection.h
-* c/libinjection_sqli.c
-* c/libinjection_sqli_data.h
-* COPYING
+* [c/libinjection.h](https://github.com/client9/libinjection/blob/master/c/libinjection.h)
+* [c/libinjection_sqli.c](https://github.com/client9/libinjection/blob/master/c/libinjection_sqli.c)
+* [c/libinjection_sqli_data.h](https://github.com/client9/libinjection/blob/master/c/libinjection_sqli_data.h)
+* [COPYING.txt](https://github.com/client9/libinjection/blob/master/COPYING.txt)
View
3 libs/libinjection/c/.gitignore
@@ -6,6 +6,9 @@ fptool
sqli
testspeed
build
+testdriver
+example1
+a.out
*~
*.pyc
*.dSYM
View
67 libs/libinjection/c/Makefile
@@ -1,9 +1,19 @@
-VALGRIND=valgrind --gen-suppressions=no \
+VALGRIND=valgrind
+VALGRIND_FLAGS=--gen-suppressions=no \
--read-var-info=yes \
--error-exitcode=1 \
--track-origins=yes
+CPPCHECK=cppcheck
+CPPCHECK_FLAGS=--quiet --enable=all --inconclusive --error-exitcode=2 \
+ --std=c89 --std=posix --std=c++11 \
+ --suppress=variableScope \
+ --template '{file}:{line} {severity} {id} {message}'
+
+
+# Default GCC-based flags
+#
# http://stackoverflow.com/questions/1629685/when-and-how-to-use-gccs-stack-protection-feature
# We will warn about stack-protect just to make sure we don't
# cause errors in environments that's it used. However we do not
@@ -12,8 +22,7 @@ VALGRIND=valgrind --gen-suppressions=no \
# * does not actually protect against buffer over-reads on fixed array sizes
# * breaks valgrinds ability to detect this.
#
-CFLAGS=-g -O3 -Wall -Wextra -Wcast-align -Wshadow -Wpointer-arith -Wcast-qual -Wstack-protector -D_FORTIFY_SOURCE=2
-
+CFLAGS=-g -O3 -Wall -Wextra -Werror -Wcast-align -Wshadow -Wpointer-arith -Wcast-qual -Wstack-protector -D_FORTIFY_SOURCE=2 -std=c90 -pedantic
help:
@echo ""
@@ -37,30 +46,27 @@ help:
allbin: reader sqli fptool example1 testspeed testdriver
example1: Makefile example1.c libinjection_sqli_data.h libinjection.h libinjection_sqli.c
- ${CC} ${CFLAGS} -o example1 libinjection_sqli.c example1.c
+ ${CC} ${CFLAGS} -o example1 libinjection_sqli.c example1.c
-reader: Makefile reader.c libinjection_sqli_data.h libinjection.h libinjection_sqli.c
- ${CC} ${CFLAGS} -o reader libinjection_sqli.c reader.c
+reader: Makefile reader.c libinjection_sqli_data.h libinjection.h libinjection_sqli.c libinjection_html5.c libinjection_xss.c
+ ${CC} ${CFLAGS} -o reader libinjection_sqli.c libinjection_html5.c libinjection_xss.c reader.c
-reader-gprof: Makefile reader.c libinjection_sqli_data.h libinjection.h libinjection_sqli.c
- make clean
- ${CC} -g -O2 -pg -o reader libinjection_sqli.c reader.c
+reader-gprof: Makefile reader.c libinjection_sqli_data.h libinjection.h libinjection_sqli.c libinjection_xss.c
+ ${MAKE} clean
+ ${CC} -g -O2 -pg -o reader-gprof libinjection_sqli.c libinjection_html5.c libinjection_xss.c reader.c
-reader-gcov: Makefile sqlparse_data.h libinjection.h libinjection_sqli.c reader.c
- g++ -g -O0 -fprofile-arcs -ftest-coverage -Wall -Wextra -o reader-gcov libinjection_sqli.c reader.c
+reader-gcov: Makefile libinjection.h libinjection_sqli.h libinjection_sqli_data.h libinjection_sqli.c libinjection_xss.c reader.c
+ ${CC} -g -O0 -fprofile-arcs -ftest-coverage -Wall -Wextra -o reader-gcov libinjection_sqli.c libinjection_html5.c libinjection_xss.c reader.c
-testdriver: Makefile testdriver.c libinjection_sqli_data.h libinjection.h libinjection_sqli.c
- ${CC} ${CFLAGS} -O1 -o testdriver libinjection_sqli.c testdriver.c
+testdriver: Makefile testdriver.c libinjection.h libinjection_sqli_data.h libinjection_sqli.h libinjection_sqli.c libinjection_html5.c libinjection_xss.c
+ ${CC} ${CFLAGS} -O0 -o testdriver libinjection_sqli.c libinjection_html5.c libinjection_xss.c testdriver.c
-testdriver-gcov: testdriver.c libinjection.h libinjection_sqli.c libinjection_sqli_data.h
+testdriver-gcov: testdriver.c libinjection.h libinjection_sqli.c libinjection_sqli_data.h libinjection_html5.c
rm -f sqli
- gcc -g -fprofile-arcs -ftest-coverage -O0 -o testdriver-gcov testdriver.c libinjection_sqli.c
-
-is_sqli: Makefile is_sqli_cli.cpp libinjection_sqli.c libinjection.h libinjection_sqli_data.h libinjection_sqli_data.h
- ${CXX} ${CFLAGS} -O3 -o is_sqli is_sqli_cli.cpp libinjection_sqli.c
+ ${CC} -g -fprofile-arcs -ftest-coverage -O0 -o testdriver-gcov libinjection_sqli.c libinjection_html5.c libinjection_xss.c testdriver.c
sqli: Makefile sqli_cli.c libinjection_sqli.c libinjection.h libinjection_sqli_data.h
- ${CC} -g -O1 -o sqli sqli_cli.c libinjection_sqli.c
+ ${CC} ${CFLAGS} -o sqli sqli_cli.c libinjection_sqli.c
fptool: Makefile fptool.c libinjection.h libinjection_sqli.c libinjection_sqli_data.h
${CC} ${CFLAGS} -o fptool fptool.c libinjection_sqli.c
@@ -76,16 +82,14 @@ testpy: test_driver.py sqli libinjection_sqli_data.h libinjection_sqli.c libinje
test: testdriver libinjection_sqli_data.h libinjection_sqli.c libinjection.h
(cd ../tests; ../c/testdriver -q test-*.txt)
- ./reader -q ../data/*.txt
+ ./reader -q ../data/sqli-*.txt
valgrind: reader testdriver
- (cd ../tests; ${VALGRIND} ../c/testdriver -q test-*.txt)
- ${VALGRIND} ./reader -q ../data/*.txt
+ (cd ../tests; find . -name 'test*.txt' | xargs ${VALGRIND} ${VALGRIND_FLAGS} ../c/testdriver -q)
+ ${VALGRIND} ${VALGRIND_FLAGS} ./reader -q ../data/sqli-*.txt
cppcheck:
- cppcheck --enable=all --inconclusive --std=c89 --error-exitcode=2 \
- --suppress=variableScope \
- --template '{file}:{line} {severity} {id} {message}' .
+ ${CPPCHECK} ${CPPCHECK_FLAGS} .
unused:
-${MAKE} test_positive | grep True | awk '{print $$4}' | sort -u > /tmp/junk
@@ -127,18 +131,20 @@ coverage-testdriver: testdriver-gcov
lcov -b . --directory . --capture --output-file libinjection.info
lcov -b . --directory . --remove libinjection.info '/usr/include*' -o libinjection.info
lcov -b . --directory . --remove libinjection.info 'testdriver' -o libinjection.info
- genhtml -o lcov-html libinjection.info
+ genhtml --branch-coverage -o lcov-html libinjection.info
coverage-reader: reader-gcov
rm -f libinjection.info
rm -rf lcov-html
mkdir lcov-html
lcov -b . --directory . --zerocounters
- -./reader-gcov -q ../data/*.txt
+ -./reader-gcov -q ../data/sqli-*.txt
+ -./reader-gcov -q -x ../data/xss-*.txt
lcov -b . --directory . --capture --output-file libinjection.info
lcov -b . --directory . --remove libinjection.info '/usr/include*' -o libinjection.info
lcov -b . --directory . --remove libinjection.info 'reader' -o libinjection.info
- genhtml -o lcov-html libinjection.info
+ genhtml --branch-coverage -o lcov-html libinjection.info
+
.PHONY: coverage-reader coverage-testdriver
@@ -156,6 +162,9 @@ clean:
@rm -rf core* a.out
@rm -f gmon.out nosetests.xml valgrind-*.txt
@rm -f reader is_sqli lcov-reader sqli fptool testdriver example1
- @rm -f reader-gcov testdriver-gcov
+ @rm -f reader-gcov testdriver-gcov reader-gprof
@rm -f fingerprints-orig.txt
+ @rm -f *.ll *.ll.out
+# *.ll *.ll.out are produced by "stack"
+# https://github.com/xiw/stack
View
37 libs/libinjection/c/clang-static-analyzer.sh
@@ -0,0 +1,37 @@
+#!/bin/bash
+
+rm -f testdriver
+
+scan-build --status-bugs \
+-enable-checker alpha.core.BoolAssignment \
+-enable-checker alpha.core.CastSize \
+-enable-checker alpha.core.CastToStruct \
+-enable-checker alpha.core.FixedAddr \
+-enable-checker alpha.core.PointerArithm \
+-enable-checker alpha.core.SizeofPtr \
+-enable-checker alpha.deadcode.IdempotentOperations \
+-enable-checker alpha.deadcode.UnreachableCode \
+-enable-checker alpha.security.ArrayBound \
+-enable-checker alpha.security.MallocOverflow \
+-enable-checker alpha.security.ReturnPtrRange \
+-enable-checker alpha.unix.cstring.BufferOverlap \
+-enable-checker alpha.unix.cstring.OutOfBounds \
+-enable-checker security.FloatLoopCounter \
+-enable-checker security.insecureAPI.rand \
+make testdriver
+
+# notes 2013-10-24
+
+# do not understand
+# -no-failure-reports
+
+# seems broken or I don't understand it
+# -enable-checker alpha.core.PointerSub
+
+#
+# probably good.. used in testdriver as a hack
+#-enable-checker security.insecureAPI.strcpy
+
+# has problem with "backwards array iteration"
+# used in is_backslash_escaped
+#-enable-checker alpha.security.ArrayBoundV2
View
17 libs/libinjection/c/clang.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+
+#
+# adjust as needed for your clang setup
+#
+# -Wno-padded padding can change by OS/version this check is really
+# for embedded systems so it's ok to skip
+#
+# -Wno-covered-switch-default Don't warn if we have a switch that
+# covers all of an enum AND we have a default. enums are only losely
+# typed, it's good to have a default: assert(0) in case someone does
+# a bad cast, etc also this conflicts with GCC checks.
+#
+make clean
+export CC=clang
+export CFLAGS="-g -O3 -Werror -Weverything -Wno-padded -Wno-covered-switch-default"
+make -e test
View
11 libs/libinjection/c/example1.c
@@ -4,9 +4,10 @@
int main(int argc, const char* argv[])
{
+ char fingerprint[8];
const char* input;
size_t slen;
- struct libinjection_sqli_state state;
+ int issqli;
if (argc < 2) {
fprintf(stderr, "Usage: %s inputstring\n", argv[0]);
@@ -16,12 +17,14 @@ int main(int argc, const char* argv[])
input = argv[1];
slen = strlen(input);
- libinjection_sqli_init(&state, input, slen, FLAG_NONE);
- int issqli = libinjection_is_sqli(&state);
+
+ issqli = libinjection_sqli(input, slen, fingerprint);
if (issqli) {
- printf("sqli with fingerprint of '%s'\n", state.fingerprint);
+ printf("sqli with fingerprint of '%s'\n", fingerprint);
} else {
printf("not sqli\n");
}
+
+
return issqli;
}
View
708 libs/libinjection/c/fingerprints.txt
@@ -46,7 +46,6 @@
&1os1
&1osU
&1osf
-&1oso
&1osv
&1ov(
&1ovU
@@ -81,7 +80,6 @@
&nos1
&nosU
&nosf
-&noso
&nosv
&nov(
&novU
@@ -104,20 +102,17 @@
&so1U
&so1f
&so1n
-&so1o
&so1s
&so1v
&sof(
&son(
&son1
&sonU
&sonf
-&sono
&sos(
&sos1
&sosU
&sosf
-&soso
&sosv
&sov(
&sovU
@@ -141,7 +136,6 @@
&vos1
&vosU
&vosf
-&voso
&vosv
)UE(1
)UE(f
@@ -174,7 +168,6 @@
1&(En
1&(Eo
1&(Es
-1&(Et
1&(Ev
1&(f(
1&(n&
@@ -185,7 +178,6 @@
1&(s)
1&(s,
1&(so
-1&(t(
1&(v&
1&(v)
1&(v,
@@ -273,7 +265,6 @@
1&f(f
1&f(n
1&f(s
-1&f(t
1&f(v
1&k&(
1&k&1
@@ -389,12 +380,6 @@
1&sv;
1&svc
1&svo
-1&t(1
-1&t(E
-1&t(f
-1&t(n
-1&t(s
-1&t(v
1&v
1&v&(
1&v&1
@@ -615,7 +600,6 @@
1)o(f
1)o(n
1)o(s
-1)o(t
1)o(v
1)o1
1)o1&
@@ -625,7 +609,6 @@
1)o1U
1)o1c
1)o1k
-1)o1o
1)of(
1)on&
1)on)
@@ -634,7 +617,6 @@
1)onU
1)onc
1)onk
-1)ono
1)os
1)os&
1)os)
@@ -643,7 +625,6 @@
1)osU
1)osc
1)osk
-1)oso
1)ov
1)ov&
1)ov)
@@ -674,20 +655,7 @@
1,f(f
1,f(n
1,f(s
-1,f(t
1,f(v
-1,v),
-1,v)o
-1,vB(
-1,vB1
-1,vBf
-1,vBn
-1,vBs
-1,vBv
-1,vUE
-1,vo(
-1,vof
-1,vos
1;E(1
1;E(E
1;E(f
@@ -715,7 +683,6 @@
1;Enc
1;Enk
1;Eno
-1;Eo(
1;Es,
1;Es;
1;EsT
@@ -741,7 +708,6 @@
1;T1f
1;T1k
1;T1o
-1;T1t
1;T;
1;T;c
1;TT(
@@ -770,7 +736,6 @@
1;Tnn
1;Tno
1;Tns
-1;Tnt
1;Tnv
1;To(
1;Ts,
@@ -780,15 +745,13 @@
1;Tsf
1;Tsk
1;Tso
-1;Tst
1;Tv,
1;Tv;
1;TvT
1;Tvc
1;Tvf
1;Tvk
1;Tvo
-1;Tvt
1;n:T
1A(f(
1A(n)
@@ -839,7 +802,6 @@
1B1&v
1B1,(
1B1,f
-1B1,v
1B1;
1B1;c
1B1B(
@@ -882,7 +844,6 @@
1Bn&v
1Bn,(
1Bn,f
-1Bn,v
1Bn;
1Bn;c
1BnB(
@@ -913,7 +874,6 @@
1Bs&v
1Bs,(
1Bs,f
-1Bs,v
1Bs;
1Bs;c
1BsB(
@@ -945,11 +905,7 @@
1Bv&s
1Bv&v
1Bv,(
-1Bv,1
1Bv,f
-1Bv,n
-1Bv,s
-1Bv,v
1Bv;
1Bv;c
1BvB(
@@ -1078,7 +1034,6 @@
1U(vo
1U1,(
1U1,f
-1U1,v
1U1c
1U1o(
1U1of
@@ -1191,7 +1146,6 @@
1Un(v
1Un,(
1Un,f
-1Un,v
1Un1(
1Un1,
1Un1o
@@ -1217,7 +1171,6 @@
1Uons
1Us,(
1Us,f
-1Us,v
1Usc
1Uso(
1Uso1
@@ -1226,11 +1179,7 @@
1Usos
1Usov
1Uv,(
-1Uv,1
1Uv,f
-1Uv,n
-1Uv,s
-1Uv,v
1Uvc
1Uvo(
1Uvof
@@ -1478,24 +1427,16 @@
1o(Ek
1o(En
1o(Es
-1o(Et
1o(Ev
1o(f(
1o(n&
1o(n)
1o(n,
1o(no
-1o(o(
-1o(o1
-1o(of
-1o(on
-1o(os
-1o(ov
1o(s&
1o(s)
1o(s,
1o(so
-1o(t(
1o(v&
1o(v)
1o(v,
@@ -1509,7 +1450,6 @@
1of(f
1of(n
1of(s
-1of(t
1of(v
1ok&(
1ok&1
@@ -1545,7 +1485,6 @@
1os&k
1os&n
1os&s
-1os&t
1os&v
1os(E
1os(U
@@ -1560,7 +1499,6 @@
1os)o
1os,(
1os,f
-1os,v
1os1(
1os1U
1os1f
@@ -1617,27 +1555,11 @@
1oskn
1osks
1oskv
-1oso(
-1oso1
-1osoU
-1osof
-1osok
-1oson
-1osos
-1osot
-1osov
1osv(
1osvU
1osvf
1osvo
1osvs
-1ot(1
-1ot(E
-1ot(f
-1ot(n
-1ot(s
-1ot(t
-1ot(v
1ov
1ov&(
1ov&1
@@ -1647,7 +1569,6 @@
1ov&k
1ov&n
1ov&s
-1ov&t
1ov&v
1ov(E
1ov(U
@@ -1661,11 +1582,7 @@
1ov)k
1ov)o
1ov,(
-1ov,1
1ov,f
-1ov,n
-1ov,s
-1ov,v
1ov;
1ov;E
1ov;T
@@ -1721,7 +1638,6 @@
1ovof
1ovok
1ovos
-1ovot
1ovs(
1ovs1
1ovsU
@@ -1765,7 +1681,6 @@
1vos1
1vosU
1vosf
-1voso
1vosv
1vs
1vs;
@@ -1822,15 +1737,13 @@ E(Ek1
E(Ekf
E(Ekn
E(Eks
-E(Ekt
E(Ekv
E(En&
E(En)
E(Eno
E(Es&
E(Es)
E(Eso
-E(Et(
E(Ev&
E(Ev)
E(Evo
@@ -1840,7 +1753,6 @@ E(f(E
E(f(f
E(f(n
E(f(s
-E(f(t
E(f(v
E(n&(
E(n&1
@@ -1904,12 +1816,6 @@ E(sos
E(sov
E(sv)
E(svo
-E(t(1
-E(t(E
-E(t(f
-E(t(n
-E(t(s
-E(t(v
E(v&(
E(v&1
E(v&f
@@ -1978,9 +1884,6 @@ E1,(n
E1,(s
E1,(v
E1,f(
-E1,v,
-E1,vk
-E1,vo
E1;(E
E1B(1
E1B(f
@@ -2042,7 +1945,6 @@ E1o(E
E1o(f
E1o(n
E1o(s
-E1o(t
E1o(v
E1of(
E1os&
@@ -2055,7 +1957,6 @@ E1osB
E1osU
E1osf
E1osk
-E1oso
E1osv
E1ov&
E1ov(
@@ -2113,7 +2014,6 @@ Ef(s&
Ef(s)
Ef(s,
Ef(so
-Ef(t(
Ef(v&
Ef(v)
Ef(v,
@@ -2133,7 +2033,6 @@ Ek(Ef
Ek(Ek
Ek(En
Ek(Es
-Ek(Et
Ek(Ev
Ek(f(
Ek(n&
@@ -2151,7 +2050,6 @@ Ek(s1
Ek(sf
Ek(so
Ek(sv
-Ek(t(
Ek(v&
Ek(v(
Ek(v)
@@ -2174,7 +2072,6 @@ Ek1)k
Ek1)o
Ek1,(
Ek1,f
-Ek1,v
Ek1;(
Ek1B(
Ek1B1
@@ -2221,7 +2118,6 @@ Ekf(f
Ekf(n
Ekf(o
Ekf(s
-Ekf(t
Ekf(v
Ekn&(
Ekn&1
@@ -2242,7 +2138,6 @@ Ekn)k
Ekn)o
Ekn,(
Ekn,f
-Ekn,v
Ekn1
Ekn1;
Ekn1c
@@ -2287,7 +2182,6 @@ Eks)k
Eks)o
Eks,(
Eks,f
-Eks,v
Eks1
Eks1;
Eks1c
@@ -2322,13 +2216,6 @@ Eksvc
Eksvf
Eksvk
Eksvo
-Ekt(1
-Ekt(E
-Ekt(f
-Ekt(n
-Ekt(s
-Ekt(t
-Ekt(v
Ekv&(
Ekv&1
Ekv&f
@@ -2343,11 +2230,7 @@ Ekv)c
Ekv)k
Ekv)o
Ekv,(
-Ekv,1
Ekv,f
-Ekv,n
-Ekv,s
-Ekv,v
Ekv;(
EkvB(
EkvB1
@@ -2421,9 +2304,6 @@ En,(n
En,(s
En,(v
En,f(
-En,v,
-En,vk
-En,vo
En1;
En1;c
En1c
@@ -2488,7 +2368,6 @@ Eno(E
Eno(f
Eno(n
Eno(s
-Eno(t
Eno(v
Enof(
Enos&
@@ -2501,7 +2380,6 @@ EnosB
EnosU
Enosf
Enosk
-Enoso
Enosv
Enov&
Enov(
@@ -2514,15 +2392,6 @@ Enovf
Enovk
Enovo
Enovs
-Eo(1,
-Eo(1o
-Eo(f(
-Eo(n,
-Eo(no
-Eo(s,
-Eo(so
-Eo(v,
-Eo(vo
Eok(E
Eoknk
Es&(1
@@ -2567,9 +2436,6 @@ Es,(n
Es,(s
Es,(v
Es,f(
-Es,v,
-Es,vk
-Es,vo
Es1
Es1;
Es1;c
@@ -2634,7 +2500,6 @@ Eso(E
Eso(f
Eso(n
Eso(s
-Eso(t
Eso(v
Eso1&
Eso1(
@@ -2646,7 +2511,6 @@ Eso1U
Eso1f
Eso1k
Eso1n
-Eso1o
Eso1s
Eso1v
Esof(
@@ -2660,7 +2524,6 @@ EsonB
EsonU
Esonf
Esonk
-Esono
Esos&
Esos(
Esos)
@@ -2671,7 +2534,6 @@ EsosB
EsosU
Esosf
Esosk
-Esoso
Esosv
Esov&
Esov(
@@ -2691,27 +2553,6 @@ Esvc
Esvo(
Esvof
Esvos
-Et(1&
-Et(1)
-Et(1o
-Et(E(
-Et(E1
-Et(Ef
-Et(Ek
-Et(En
-Et(Es
-Et(Ev
-Et(f(
-Et(n&
-Et(n)
-Et(no
-Et(s&
-Et(s)
-Et(so
-Et(t(
-Et(v&
-Et(v)
-Et(vo
Ev&(1
Ev&(E
Ev&(f
@@ -2753,19 +2594,7 @@ Ev,(f
Ev,(n
Ev,(s
Ev,(v
-Ev,1,
-Ev,1k
-Ev,1o
Ev,f(
-Ev,n,
-Ev,nk
-Ev,no
-Ev,s,
-Ev,sk
-Ev,so
-Ev,v,
-Ev,vk
-Ev,vo
Ev;(E
EvB(1
EvB(f
@@ -2832,7 +2661,6 @@ Evo(E
Evo(f
Evo(n
Evo(s
-Evo(t
Evo(v
Evof(
Evos&
@@ -2845,7 +2673,6 @@ EvosB
EvosU
Evosf
Evosk
-Evoso
Evosv
Evs
Evs;
@@ -2925,7 +2752,6 @@ T1o(s
T1o(v
T1of(
T1osf
-T1oso
T1ovf
T1ovo
Tf()f
@@ -2965,7 +2791,6 @@ Tno(s
Tno(v
Tnof(
Tnosf
-Tnoso
Tnovf
Tnovo
Tns;
@@ -2989,12 +2814,9 @@ Tso(n
Tso(s
Tso(v
Tso1f
-Tso1o
Tsof(
Tsonf
-Tsono
Tsosf
-Tsoso
Tsovf
Tsovo
Tvf(1
@@ -3009,7 +2831,6 @@ Tvo(s
Tvo(v
Tvof(
Tvosf
-Tvoso
U(E(1
U(E(f
U(E(k
@@ -3050,7 +2871,6 @@ UE(vo
UE1
UE1,(
UE1,f
-UE1,v
UE1;
UE1;c
UE1c
@@ -3103,7 +2923,6 @@ UEkvo
UEn()
UEn,(
UEn,f
-UEn,v
UEn;
UEn;c
UEnc
@@ -3120,7 +2939,6 @@ UEnov
UEs
UEs,(
UEs,f
-UEs,v
UEs;
UEs;c
UEsc
@@ -3138,11 +2956,7 @@ UEsos
UEsov
UEv
UEv,(
-UEv,1
UEv,f
-UEv,n
-UEv,s
-UEv,v
UEv;
UEv;c
UEvc
@@ -3161,17 +2975,13 @@ Uf(no
Uf(so
Uf(vo
X
-echo
-echo;
-echoc
f()&(
f()&1
f()&E
f()&f
f()&k
f()&n
f()&s
-f()&t
f()&v
f(),(
f(),1
@@ -3249,7 +3059,6 @@ f()of
f()ok
f()on
f()os
-f()ot
f()ov
f()s(
f()s1
@@ -3286,7 +3095,6 @@ f(1)s
f(1)v
f(1,(
f(1,f
-f(1,v
f(1o(
f(1of
f(1os
@@ -3307,7 +3115,6 @@ f(Ek1
f(Ekf
f(Ekn
f(Eks
-f(Ekt
f(Ekv
f(En&
f(En)
@@ -3317,7 +3124,6 @@ f(Es&
f(Es)
f(Esk
f(Eso
-f(Et(
f(Ev&
f(Ev)
f(Evk
@@ -3328,7 +3134,6 @@ f(f(E
f(f(f
f(f(n
f(f(s
-f(f(t
f(f(v
f(k()
f(k,(
@@ -3357,7 +3162,6 @@ f(n)s
f(n)v
f(n,(
f(n,f
-f(n,v
f(no(
f(nof
f(nos
@@ -3386,27 +3190,14 @@ f(s)s
f(s)v
f(s,(
f(s,f
-f(s,v
f(so(
f(so1
f(sof
f(son
f(sos
f(sov
-f(t(1
-f(t(E
-f(t(f
-f(t(n
-f(t(s
-f(t(t
-f(t(v
-f(t),
f(t,(
-f(t,1
f(t,f
-f(t,n
-f(t,s
-f(t,v
f(v&(
f(v&1
f(v&f
@@ -3430,11 +3221,7 @@ f(v)o
f(v)s
f(v)v
f(v,(
-f(v,1
f(v,f
-f(v,n
-f(v,s
-f(v,v
f(vo(
f(vof
f(vos
@@ -3483,15 +3270,12 @@ k1,(n
k1,(s
k1,(v
k1,f(
-k1,vc
-k1,vo
k1A(f
k1A(n
k1A(s
k1A(v
k1Af(
k1Aso
-k1Ato
k1Avo
k1k(1
k1k(f
@@ -3518,7 +3302,6 @@ k1os1
k1osA
k1osf
k1osk
-k1oso
k1osv
k1ov(
k1ov,
@@ -3546,15 +3329,12 @@ kn,(n
kn,(s
kn,(v
kn,f(
-kn,vc
-kn,vo
knA(f
knA(n
knA(s
knA(v
knAf(
knAso
-knAto
knAvo
knk(1
knk(f
@@ -3575,15 +3355,12 @@ ks,(n
ks,(s
ks,(v
ks,f(
-ks,vc
-ks,vo
ksA(f
ksA(n
ksA(s
ksA(v
ksAf(
ksAso
-ksAto
ksAvo
ksk(1
ksk(f
@@ -3609,7 +3386,6 @@ kso1A
kso1f
kso1k
kso1n
-kso1o
kso1s
kso1v
ksof(
@@ -3619,14 +3395,12 @@ kson1
ksonA
ksonf
ksonk
-ksono
ksos(
ksos,
ksos1
ksosA
ksosf
ksosk
-ksoso
ksosv
ksov(
ksov,
@@ -3640,22 +3414,13 @@ kv,(f
kv,(n
kv,(s
kv,(v
-kv,1c
-kv,1o
kv,f(
-kv,nc
-kv,no
-kv,sc
-kv,so
-kv,vc
-kv,vo
kvA(f
kvA(n
kvA(s
kvA(v
kvAf(
kvAso
-kvAto
kvAvo
kvk(1
kvk(f
@@ -3682,7 +3447,6 @@ kvos1
kvosA
kvosf
kvosk
-kvoso
kvosv
n&(1&
n&(1)
@@ -3695,24 +3459,16 @@ n&(Ek
n&(En
n&(Eo
n&(Es
-n&(Et
n&(Ev
n&(f(
n&(n&
n&(n)
n&(n,
n&(no
-n&(o(
-n&(o1
-n&(of
-n&(on
-n&(os
-n&(ov
n&(s&
n&(s)
n&(s,
n&(so
-n&(t(
n&(v&
n&(v)
n&(v,
@@ -3797,7 +3553,6 @@ n&f(E
n&f(f
n&f(n
n&f(s
-n&f(t
n&f(v
n&k&(
n&k&1
@@ -3906,12 +3661,6 @@ n&sv
n&sv;
n&svc
n&svo
-n&t(1
-n&t(E
-n&t(f
-n&t(n
-n&t(s
-n&t(v
n&v
n&v&(
n&v&1
@@ -3966,6 +3715,7 @@ n(1of
n(1os
n(1ov
n(Ef(
+n(Ekf
n(Ekn
n(Enk
n(U(E
@@ -4167,7 +3917,6 @@ n)o(E
n)o(f
n)o(n
n)o(s
-n)o(t
n)o(v
n)o1&
n)o1)
@@ -4176,7 +3925,6 @@ n)o1B
n)o1U
n)o1c
n)o1k
-n)o1o
n)of(
n)on
n)on&
@@ -4186,7 +3934,6 @@ n)onB
n)onU
n)onc
n)onk
-n)ono
n)os
n)os&
n)os)
@@ -4195,7 +3942,6 @@ n)osB
n)osU
n)osc
n)osk
-n)oso
n)ov
n)ov&
n)ov)
@@ -4225,26 +3971,7 @@ n,f(1
n,f(f
n,f(n
n,f(s
-n,f(t
n,f(v
-n,v),
-n,v)o
-n,v,(
-n,v,1
-n,v,f
-n,v,n
-n,v,s
-n,v,v
-n,vB(
-n,vB1
-n,vBf
-n,vBn
-n,vBs
-n,vBv
-n,vUE
-n,vo(
-n,vof
-n,vos
n1UE
n1UE;
n1UEc
@@ -4265,7 +3992,6 @@ n1os(
n1os1
n1osU
n1osf
-n1oso
n1osv
n1ov(
n1ovU
@@ -4308,7 +4034,6 @@ n;EnT
n;Enc
n;Enk
n;Eno
-n;Eo(
n;Es,
n;Es;
n;EsT
@@ -4334,7 +4059,6 @@ n;T1c
n;T1f
n;T1k
n;T1o
-n;T1t
n;T;
n;T;c
n;TT(
@@ -4364,7 +4088,6 @@ n;Tnk
n;Tnn
n;Tno
n;Tns
-n;Tnt
n;Tnv
n;To(
n;Ts,
@@ -4374,15 +4097,13 @@ n;Tsc
n;Tsf
n;Tsk
n;Tso
-n;Tst
n;Tv,
n;Tv;
n;TvT
n;Tvc
n;Tvf
n;Tvk
n;Tvo
-n;Tvt
n;n:T
nA(f(
nA(n)
@@ -4433,7 +4154,6 @@ nB1&s
nB1&v
nB1,(
nB1,f
-nB1,v
nB1;
nB1;c
nB1B(
@@ -4475,7 +4195,6 @@ nBn&s
nBn&v
nBn,(
nBn,f
-nBn,v
nBn;
nBn;c
nBnB(
@@ -4506,7 +4225,6 @@ nBs&s
nBs&v
nBs,(
nBs,f
-nBs,v
nBs;
nBs;c
nBsB(
@@ -4538,11 +4256,7 @@ nBv&n
nBv&s
nBv&v
nBv,(
-nBv,1
nBv,f
-nBv,n
-nBv,s
-nBv,v
nBv;
nBv;c
nBvB(
@@ -4642,7 +4356,6 @@ nU(v)
nU(vo
nU1,(
nU1,f
-nU1,v
nU1c
nU1o(
nU1of
@@ -4754,7 +4467,6 @@ nUn(s
nUn(v
nUn,(
nUn,f
-nUn,v
nUn1(
nUn1,
nUn1o
@@ -4780,7 +4492,6 @@ nUonf
nUons
nUs,(
nUs,f
-nUs,v
nUsc
nUso(
nUso1
@@ -4789,11 +4500,7 @@ nUson
nUsos
nUsov
nUv,(
-nUv,1
nUv,f
-nUv,n
-nUv,s
-nUv,v
nUvc
nUvo(
nUvof
@@ -4997,24 +4704,16 @@ no(Ef
no(Ek
no(En
no(Es
-no(Et
no(Ev
no(f(
no(n&
no(n)
no(n,
no(no
-no(o(
-no(o1
-no(of
-no(on
-no(os
-no(ov
no(s&
no(s)
no(s,
no(so
-no(t(
no(v&
no(v)
no(v,
@@ -5028,7 +4727,6 @@ nof(E
nof(f
nof(n
nof(s
-nof(t
nof(v
nok&(
nok&1
@@ -5064,7 +4762,6 @@ nos&f
nos&k
nos&n
nos&s
-nos&t
nos&v
nos(E
nos(U
@@ -5079,7 +4776,6 @@ nos)k
nos)o
nos,(
nos,f
-nos,v
nos1(
nos1U
nos1f
@@ -5136,27 +4832,11 @@ noskf
noskn
nosks
noskv
-noso(
-noso1
-nosoU
-nosof
-nosok
-noson
-nosos
-nosot
-nosov
nosv(
nosvU
nosvf
nosvo
nosvs
-not(1
-not(E
-not(f
-not(n
-not(s
-not(t
-not(v
nov&(
nov&1
nov&E
@@ -5165,7 +4845,6 @@ nov&f
nov&k
nov&n
nov&s
-nov&t
nov&v
nov(E
nov(U
@@ -5179,11 +4858,7 @@ nov)c
nov)k
nov)o
nov,(
-nov,1
nov,f
-nov,n
-nov,s
-nov,v
nov;
nov;E
nov;T
@@ -5239,7 +4914,6 @@ novoU
novof
novok
novos
-novot
novs(
novs1
novsU
@@ -5292,16 +4966,6 @@ o1UEk
o1UEn
o1UEs
o1UEv
-o1o(1
-o1o(f
-o1o(n
-o1o(s
-o1o(v
-o1of(
-o1osU
-o1oso
-o1ovU
-o1ovo
oUE(1
oUE(f
oUE(n
@@ -5340,37 +5004,13 @@ onUEk
onUEn
onUEs
onUEv
-ono(1
-ono(f
-ono(n
-ono(s
-ono(v
-onof(
-onosU
-onoso
-onovU
-onovo
osUE(
osUE1
osUEf
osUEk
osUEn
osUEs
osUEv
-oso(1
-oso(f
-oso(n
-oso(s
-oso(v
-oso1U
-oso1o
-osof(
-osonU
-osono
-ososU
-ososo
-osovU
-osovo
ovUE(
ovUE1
ovUEf
@@ -5385,7 +5025,6 @@ ovo(s
ovo(v
ovof(
ovosU
-ovoso
s&(1&
s&(1)
s&(1,
@@ -5397,7 +5036,6 @@ s&(Ek
s&(En
s&(Eo
s&(Es
-s&(Et
s&(Ev
s&(f(
s&(n&
@@ -5408,7 +5046,6 @@ s&(s&
s&(s)
s&(s,
s&(so
-s&(t(
s&(v&
s&(v)
s&(v,
@@ -5494,7 +5131,6 @@ s&f(E
s&f(f
s&f(n
s&f(s
-s&f(t
s&f(v
s&k&(
s&k&1
@@ -5611,12 +5247,6 @@ s&sv
s&sv;
s&svc
s&svo
-s&t(1
-s&t(E
-s&t(f
-s&t(n
-s&t(s
-s&t(v
s&v
s&v&(
s&v&1
@@ -5837,7 +5467,6 @@ s)o(E
s)o(f
s)o(n
s)o(s
-s)o(t
s)o(v
s)o1
s)o1&
@@ -5847,7 +5476,6 @@ s)o1B
s)o1U
s)o1c
s)o1k
-s)o1o
s)of(
s)on&
s)on)
@@ -5856,7 +5484,6 @@ s)onB
s)onU
s)onc
s)onk
-s)ono
s)os
s)os&
s)os)
@@ -5865,7 +5492,6 @@ s)osB
s)osU
s)osc
s)osk
-s)oso
s)ov
s)ov&
s)ov)
@@ -5896,20 +5522,7 @@ s,f(1
s,f(f
s,f(n
s,f(s
-s,f(t
s,f(v
-s,v),
-s,v)o
-s,vB(
-s,vB1
-s,vBf
-s,vBn
-s,vBs
-s,vBv
-s,vUE
-s,vo(
-s,vof
-s,vos
s1UE
s1UE;
s1UEc
@@ -5931,7 +5544,6 @@ s1os(
s1os1
s1osU
s1osf
-s1oso
s1osv
s1ov(
s1ovU
@@ -5975,7 +5587,6 @@ s;EnT
s;Enc
s;Enk
s;Eno
-s;Eo(
s;Es,
s;Es;
s;EsT
@@ -6001,7 +5612,6 @@ s;T1c
s;T1f
s;T1k
s;T1o
-s;T1t
s;T;
s;T;c
s;TT(
@@ -6031,7 +5641,6 @@ s;Tnk
s;Tnn
s;Tno
s;Tns
-s;Tnt
s;Tnv
s;To(
s;Ts,
@@ -6041,15 +5650,13 @@ s;Tsc
s;Tsf
s;Tsk
s;Tso
-s;Tst
s;Tv,
s;Tv;
s;TvT
s;Tvc
s;Tvf
s;Tvk
s;Tvo
-s;Tvt
s;n:T
sA(f(
sA(n)
@@ -6100,7 +5707,6 @@ sB1&s
sB1&v
sB1,(
sB1,f
-sB1,v
sB1;
sB1;c
sB1B(
@@ -6143,7 +5749,6 @@ sBn&s
sBn&v
sBn,(
sBn,f
-sBn,v
sBn;
sBn;c
sBnB(
@@ -6174,7 +5779,6 @@ sBs&s
sBs&v
sBs,(
sBs,f
-sBs,v
sBs;
sBs;c
sBsB(
@@ -6206,11 +5810,7 @@ sBv&n
sBv&s
sBv&v
sBv,(
-sBv,1
sBv,f
-sBv,n
-sBv,s
-sBv,v
sBv;
sBv;c