Pedant, a static analysis tool for NASL
If you have Ruby 1.9.3+ and Rubygems installed, you can simply do:
gem install nasl-pedant
To check a script, run this:
pedant check scriptname.nasl. You can check
.inc files the same way. Multiple files can be checked at the same time.
[WARN] but there's no explanation of the problem? Try adding
This project uses Bundler.
If you have a brand-new Debian machine, do this as root:
apt-get install ruby-dev rubygems git gem install bundler
As your regular user:
git clone https://github.com/tenable/pedant cd pedant bundle install --path vendor/bundle bundle exec rake test
All the tests should pass!
To run the Pedant command line, do
bundle exec ./bin/pedant, which should give
a help message.
If you get an error like this, try prefixing your command with
/usr/lib/ruby/2.x.x/rubygems/core_ext/kernel_require.rb:NN:in `require': cannot load such file -- libname (LoadError)
- Only works for up to 5.2 code (will not fix, the
naslinterpreter can now export an AST)
- Some of the checks have inconsistent titles in terms of "truthiness"
- Iron out some of the semantics:
- Currently files are all checked independently: what should be done when
.naslfiles in one invocation?
- Currently files are all checked independently: what should be done when we're given
- Add a control-flow graph?
- Add some kind of taint tracking?