summaryrefslogtreecommitdiffhomepage
path: root/tools/nogo/check/main.go
blob: 69bdfe502159ae6702ba845fcba45acf6e96aa67 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
// Copyright 2019 The gVisor Authors.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

// Binary check is the nogo entrypoint.
package main

import (
	"encoding/json"
	"flag"
	"fmt"
	"io/ioutil"
	"log"
	"os"

	"gvisor.dev/gvisor/tools/nogo"
)

var (
	packageFile    = flag.String("package", "", "package configuration file (in JSON format)")
	stdlibFile     = flag.String("stdlib", "", "stdlib configuration file (in JSON format)")
	findingsOutput = flag.String("findings", "", "output file (or stdout, if not specified)")
	factsOutput    = flag.String("facts", "", "output file for facts (optional)")
	escapesOutput  = flag.String("escapes", "", "output file for escapes (optional)")
)

func loadConfig(file string, config interface{}) interface{} {
	// Load the configuration.
	f, err := os.Open(file)
	if err != nil {
		log.Fatalf("unable to open configuration %q: %v", file, err)
	}
	defer f.Close()
	dec := json.NewDecoder(f)
	dec.DisallowUnknownFields()
	if err := dec.Decode(config); err != nil {
		log.Fatalf("unable to decode configuration: %v", err)
	}
	return config
}

func main() {
	// Parse all flags.
	flag.Parse()

	var (
		findings []nogo.Finding
		factData []byte
		err      error
	)

	// Check & load the configuration.
	if *packageFile != "" && *stdlibFile != "" {
		log.Fatalf("unable to perform stdlib and package analysis; provide only one!")
	}

	// Run the configuration.
	if *stdlibFile != "" {
		// Perform basic analysis.
		c := loadConfig(*stdlibFile, new(nogo.StdlibConfig)).(*nogo.StdlibConfig)
		findings, factData, err = nogo.CheckStdlib(c, nogo.AllAnalyzers)

	} else if *packageFile != "" {
		// Perform basic analysis.
		c := loadConfig(*packageFile, new(nogo.PackageConfig)).(*nogo.PackageConfig)
		findings, factData, err = nogo.CheckPackage(c, nogo.AllAnalyzers, nil)

		// Do we need to do escape analysis?
		if *escapesOutput != "" {
			escapes, _, err := nogo.CheckPackage(c, nogo.EscapeAnalyzers, nil)
			if err != nil {
				log.Fatalf("error performing escape analysis: %v", err)
			}
			if err := nogo.WriteFindingsToFile(escapes, *escapesOutput); err != nil {
				log.Fatalf("error writing escapes to %q: %v", *escapesOutput, err)
			}
		}
	} else {
		log.Fatalf("please provide at least one of package or stdlib!")
	}

	// Check that analysis was successful.
	if err != nil {
		log.Fatalf("error performing analysis: %v", err)
	}

	// Save facts.
	if *factsOutput != "" {
		if err := ioutil.WriteFile(*factsOutput, factData, 0644); err != nil {
			log.Fatalf("error saving findings to %q: %v", *factsOutput, err)
		}
	}

	// Write all findings.
	if *findingsOutput != "" {
		if err := nogo.WriteFindingsToFile(findings, *findingsOutput); err != nil {
			log.Fatalf("error writing findings to %q: %v", *findingsOutput, err)
		}
	} else {
		for _, finding := range findings {
			fmt.Fprintf(os.Stdout, "%s\n", finding.String())
		}
	}
}