1 /*
2  * Copyright (c) 2001-2002 Secure Software, Inc
3  *
4  * This program is free software; you can redistribute it and/or
5  * modify it under the terms of the GNU General Public License
6  * as published by the Free Software Foundation; either version 2
7  * of the License, or (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
17  *
18  */
19 
20 #ifndef REPORT_H
21 #define REPORT_H
22 
23 #include "vuln_db.h"
24 #include "engine.h"
25 #ifndef _MSC_VER
26 #include <sys/time.h>
27 #endif
28 
29 
30 extern int total_lines;
31 #ifdef _MSC_VER
32 extern DWORD time_started;
33 extern DWORD time_finished;
34 #else
35 extern struct timeval time_started;
36 extern struct timeval time_finished;
37 #endif
38 
39 typedef enum _type_t type_t;
40 enum _type_t
41 {
42     BOProblem,
43     FSProblem,
44     InputProblem,
45     Info,
46     RaceConditionCheck,
47     RaceConditionUse,
48     StaticLocalBuffer,
49     StaticGlobalBuffer,
50     Reference,
51     PythonBacktick,
52     PhpBacktick,
53     PerlBacktick,
54 	RubyBacktick,
55     None
56 };
57 
58 typedef struct _toctou_use_t toctou_use_t;
59 struct _toctou_use_t
60 {
61     char *  name;
62     int     lineno;
63     int	    column;
64 };
65 
66 typedef struct _vulnerability_t vulnerability_t;
67 struct _vulnerability_t
68 {
69     char *              filename;
70     int                 lineno;
71     int			column;
72     Vuln_t *            data;
73     type_t              type;
74     Severity_t          severity;
75     toctou_use_t *      uses;
76     vulnerability_t *   next;
77     vulnerability_t *   prev;
78 };
79 
80 typedef struct _input_t input_t;
81 struct _input_t
82 {
83     char *      filename;
84     int         lineno;
85     int		column;
86     Vuln_t *    data;
87     input_t *   next;
88 };
89 
90 typedef struct _ignore_t ignore_t;
91 struct _ignore_t
92 {
93     char *      filename;
94     int         lineno;
95     char *      token;  /* can be NULL */
96     ignore_t *  next;
97 };
98 
99 extern int warning_level;
100 
101 extern void         log_staticbuffer(type_t type, int, int, Severity_t);
102 extern void         log_toctou(toctou_t **, int, int, int);
103 extern void	    log_pythonbacktick(int, int,Severity_t);
104 extern void         log_perlbacktick(int, int,Severity_t);
105 extern void         log_phpbacktick(int, int,Severity_t);
106 extern void         log_rubybacktick(int, int,Severity_t);
107 extern void         log_vulnerability(type_t, Severity_t);
108 extern void         record_input(void);
109 extern void         generate_report(void);
110 extern void         generate_xml(void);
111 extern void         generate_html(void);
112 extern ignore_t *   new_ignore(int lineno, char *token);
113 
114 #endif
115