From 2e59a5eac6245136ce08e282eac9997c4ca29da3 Mon Sep 17 00:00:00 2001
From: Brian Davis <brian.davis@stopso.com>
Date: Mon, 22 Feb 2016 10:59:54 -0500
Subject: [PATCH] updated tests to pass on error codes from lint failures #28
---
tests/json-checks.sh | 41 ++++++++++++++++++++++++++++-------------
tests/xml-checks.sh | 41 ++++++++++++++++++++++++++++-------------
2 files changed, 56 insertions(+), 26 deletions(-)
diff --git a/tests/json-checks.sh b/tests/json-checks.sh
index 8acd07f..05aecc1 100755
--- a/tests/json-checks.sh
+++ b/tests/json-checks.sh
@@ -4,54 +4,69 @@
echo "starting proc-all check - json"
../checksec --format json --proc-all > output.json
jsonlint output.json > /dev/null
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "proc-all json validation failed"
- exit
+ exit $RET
fi
#check json for kernel
echo "starting kernel check - json"
../checksec --format json --kernel > output.json
jsonlint output.json > /dev/null
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "kernel json validation failed"
- exit
+ exit $RET
fi
#check json against custom kernel config to trigger all checks
echo "starting custom kernel check - json"
../checksec --format json --kernel kernel.config > output.json
jsonlint output.json > /dev/null
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "custom kernel json validation failed"
- exit
+ exit $RET
fi
#check json for file
echo "starting file check - json"
../checksec --format json --file /bin/ls > output.json
jsonlint output.json > /dev/null
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "file json validation failed"
- exit
+ exit $RET
fi
#check json for fortify file
echo "starting fortify-file check - json"
+if [ -f /bin/ls ]; then
../checksec --format json --fortify-file /bin/ls > output.json
-jsonlint output.json > /dev/null
-if [ $? != 0 ]; then
+elif [ -f /bin/bash ]; then
+../checksec --format json --fortify-file /bin/bash > output.json
+elif [ -f /bin/sh ]; then
+../checksec --format json --fortify-file /bin/sh > output.json
+else
+ echo "could not find valid file to test"
+ exit 255
+fi
+jsonlint output.json > /dev/null
+RET=$?
+if [ $RET != 0 ]; then
echo "fortify-file json validation failed"
- exit
+ exit $RET
fi
#check json for dir
echo "starting dir check - json"
../checksec --format json --dir /sbin > output.json
jsonlint output.json > /dev/null
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "dir json validation failed"
- exit
+ exit $RET
fi
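Review bot: The existence fallback added around the fortify-file check is not applied to the `--file /bin/ls` check just above it, so the two checks disagree about whether /bin/ls may be missing. The same three-way `if/elif` chain is also duplicated in the tests/xml-checks.sh hunk. Choosing the target once and reusing it would keep them consistent, for example `for f in /bin/ls /bin/bash /bin/sh; do [ -f "$f" ] && TESTFILE=$f && break; done` followed by `[ -n "$TESTFILE" ] || { echo "could not find valid file to test"; exit 255; }`. Separately, `RET=$?` captures only jsonlint's status in every check; checksec's own exit code is never inspected, so a checksec failure that still emits well-formed JSON would presumably pass.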
diff --git a/tests/xml-checks.sh b/tests/xml-checks.sh
index de48e67..c165085 100755
--- a/tests/xml-checks.sh
+++ b/tests/xml-checks.sh
@@ -4,54 +4,69 @@
echo "starting proc-all check - xml"
../checksec --format xml --proc-all > output.xml
xmllint --noout output.xml
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "proc-all xml validation failed"
- exit
+ exit $RET
fi
#check xml for kernel
echo "starting kernel check - xml"
../checksec --format xml --kernel > output.xml
xmllint --noout output.xml
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "kernel xml validation failed"
- exit
+ exit $RET
fi
#check xml against custom kernel config to trigger all checks
echo "starting custom kernel check - xml"
../checksec --format xml --kernel kernel.config > output.xml
xmllint --noout output.xml
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "custom kernel xml validation failed"
- exit
+ exit $RET
fi
#check xml for file
echo "starting file check - xml"
../checksec --format xml --file /bin/ls > output.xml
xmllint --noout output.xml
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "file xml validation failed"
- exit
+ exit $RET
fi
#check xml for fortify file
echo "starting fortify-file check - xml"
-../checksec --format xml --fortify-file /bin/ls > output.xml
+if [ -f /bin/ls ]; then
+../checksec --format xml --fortify-file /bin/ls > output.json
+elif [ -f /bin/bash ]; then
+../checksec --format xml --fortify-file /bin/bash > output.json
+elif [ -f /bin/sh ]; then
+../checksec --format xml --fortify-file /bin/sh > output.json
+else
+ echo "could not find valid file to test"
+ exit 255
+fi
xmllint --noout output.xml
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "fortify-file xml validation failed"
- exit
+ exit $RET
fi
#check xml for dir
echo "starting dir check - xml"
../checksec --format xml --dir /sbin > output.xml
xmllint --noout output.xml
-if [ $? != 0 ]; then
+RET=$?
+if [ $RET != 0 ]; then
echo "dir xml validation failed"
- exit
+ exit $RET
fi
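Review bot: The three new fortify-file branches redirect to `output.json`, but the `xmllint --noout output.xml` that follows reads `output.xml`, which at that point still holds the result of the preceding `--file` check. The fortify-file XML output is therefore never validated, and the run leaves XML content in `output.json`. Each branch should write to the XML file, e.g. `../checksec --format xml --fortify-file /bin/ls > output.xml`, and likewise for the /bin/bash and /bin/sh branches.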