"""
from __future__ import division, print_function, absolute_import
-import ConfigParser
+import hashlib
+import six.moves.configparser
import os
import re
import anteater.utils.anteater_logger as antlog
-import anteater.src.get_lists as get_lists
from binaryornot.check import is_binary
+from . import get_lists
+
logger = antlog.Logger(__name__).getLogger()
-config = ConfigParser.RawConfigParser()
+config = six.moves.configparser.RawConfigParser()
config.read('anteater.conf')
reports_dir = config.get('config', 'reports_dir')
-gate_checks = config.get('config', 'gate_checks')
+master_list = config.get('config', 'master_list')
ignore_dirs = ['.git']
+hasher = hashlib.sha256()
def prepare_project(project, project_dir):
lists = get_lists.GetLists()
# Get binary white list
- binary_list, binary_project_list = lists.binary_list(project)
+ binary_list = lists.binary_list(project)
# Get file name black list and project waivers
file_audit_list, file_audit_project_list = lists.file_audit_list(project)
licence_ignore = lists.licence_ignore()
# Perform rudimentary scans
- scan_file(project_dir, project, binary_list, binary_project_list,
- file_audit_list, file_audit_project_list, file_content_list,
+ scan_file(project_dir, project, binary_list,file_audit_list,
+ file_audit_project_list, file_content_list,
project_content_list)
# Perform licence header checks
licence_root_check(project_dir, project)
-def scan_file(project_dir, project, binary_list, binary_project_list,
- file_audit_list, file_audit_project_list, file_content_list,
+def scan_file(project_dir, project, binary_list, file_audit_list,
+ file_audit_project_list, file_content_list,
project_content_list):
"""Searches for banned strings and files that are listed """
for root, dirs, files in os.walk(project_dir):
format(match.group()))
else:
# Check if Binary is whitelisted
- if not binary_list.search(full_path) \
- and not binary_project_list.search(full_path):
- logger.error('Non Whitelisted Binary: {0}'.
- format(full_path))
- with open(reports_dir + "binaries-" + project + ".log",
- "a") \
- as gate_report:
- gate_report.write('Non Whitelisted Binary: {0}\n'.
- format(full_path))
+ hashlist = get_lists.GetLists()
+ binary_hash = hashlist.binary_hash(project, full_path)
+ if not binary_list.search(full_path):
+ with open(full_path, 'rb') as afile:
+ buf = afile.read()
+ hasher.update(buf)
+ if hasher.hexdigest() in binary_hash:
+ logger.info('Found matching file hash for file: {0}'.
+ format(full_path))
+ else:
+ logger.error('Non Whitelisted Binary file: {0}'.
+ format(full_path))
+ logger.error('Please submit patch with this hash: {0}'.
+ format(hasher.hexdigest()))
+ with open(reports_dir + "binaries-" + project + ".log",
+ "a") \
+ as gate_report:
+ gate_report.write('Non Whitelisted Binary: {0}\n'.
+ format(full_path))
def licence_root_check(project_dir, project):