ANNOUNCEMENT: Live Wireshark University & Allegro Packets online APAC Wireshark Training Session
April 17th, 2024 | 14:30-16:00 SGT (UTC+8) | Online
Wireshark logo

Wireshark-dev: Re: [Wireshark-dev] checkapi

Date Prev · Date Next · Thread Prev · Thread Next
Date Index · Thread Index · Other Months · All Mailing Lists
From: Jeff Morriss <jeff.morriss.ws@xxxxxxxxx>
Date: Fri, 22 Apr 2016 10:24:27 -0400


On Fri, Apr 22, 2016 at 3:28 AM, Graham Bloice <graham.bloice@xxxxxxxxxxxxx> wrote:
Just thinking for this for about 30 secs, is there another way?  checkAPIs seems to be a very rudimentary (not meant in any derogatory way just because it's written in Perl :_)) static code analyser.  Is there any way an actual code analyser could be used with a configuration file listing the banned API's etc.?  I guess one issue with that approach is that all the static analysers I've used are quite slow, although that's maybe because I have them turned up to 11.

There are; someone (Evan?) suggested a couple of options a few years ago but I guess no one had enough interest to do anything about it.  But either my memory is wrong or my Google-fu isn't working well today because all I'm finding is a suggestion from Sebastien way back in 2008 (I really thought it was discussed more recently than that--and with more suggestions):

https://www.wireshark.org/lists/wireshark-dev/200805/msg00128.html

Of course I doubt such tools could fully replace checkAPIs: it has a lot of custom stuff in there like ensuring various arrays are NULL terminated and that hf fields are appropriate (writing the regex to match all the hf array entries was all sorts of challenging fun :-)).

(You really should just come on over to the world of Perl; eventually you'll wonder how you ever got along without it! ;-))
Wireshark logo footer

© Wireshark Foundation · Privacy Policy

Facebook·Mastodon·Twitter·YouTube