/rs/ is a Regular Expression file search tool developed to help source code audits. It allows you to find all files which' names/paths or and/or content match a (number of) regular expression(s). You can execute commands on these based on sub-matches.https://github.com/SkyLined/rs/releases/tag/20180924 …
-
Show this thread
-
i.e. `redef.cmd` will search C source for a struct/function/macro definition and output the relevant source:
@rs -r "/struct\s+%1\s*{|typedef(\s+\w+)+\s+%1\b|#define\s+%1\b|typedef\s+(\w+\s+)*\w+\**\s*\(\s*\*\s*%1\)|\w+\s*\**\s*%~1\(/" -p "/\.[ch](pp|xx)?$/i" -l -1+16 %2 %3 %41 reply 0 retweets 2 likesShow this thread -
You can also use to: * search for risky function (/strcpy|system|.../) * Search for SQL statements (/SELECT|INSERT|.../) * allocs a multiplcation that calculates size (/alloc\([^\)]+\*/), etc... * open/rename all files that match a regular expression. * etc.
1 reply 0 retweets 4 likesShow this thread -
When I start a new code review of a massive project, I've got a list of searches I use to identify code that is likely to be vulnerable to common security issues so I can look at that first. Every time I find a new variant, I update the list so I'll catch it faster next time.
2 replies 1 retweet 5 likesShow this thread
Here' the `--help` output for this tool:https://github.com/SkyLined/rs/blob/master/README.md …
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.