{"id":13840033,"url":"https://github.com/snorez/srcinv","last_synced_at":"2025-07-11T07:31:58.417Z","repository":{"id":134672254,"uuid":"163363281","full_name":"snorez/srcinv","owner":"snorez","description":"source code audit tool","archived":false,"fork":false,"pushed_at":"2021-05-09T11:33:14.000Z","size":2892,"stargazers_count":48,"open_issues_count":0,"forks_count":12,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-08-05T17:24:37.389Z","etag":null,"topics":["audit","fuzzing","kernel","linux","open-source","qa"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/snorez.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog-next","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-12-28T03:51:41.000Z","updated_at":"2023-09-30T13:16:57.000Z","dependencies_parsed_at":"2023-07-03T01:01:22.238Z","dependency_job_id":null,"html_url":"https://github.com/snorez/srcinv","commit_stats":null,"previous_names":[],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snorez%2Fsrcinv","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snorez%2Fsrcinv/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snorez%2Fsrcinv/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/snorez%2Fsrcinv/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/snorez","download_url":"https://codeload.github.com/snorez/srcinv/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https
://github.com","kind":"github","repositories_count":225705163,"owners_count":17511237,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audit","fuzzing","kernel","linux","open-source","qa"],"created_at":"2024-08-04T17:00:40.974Z","updated_at":"2024-11-21T09:30:49.386Z","avatar_url":"https://github.com/snorez.png","language":"C++","readme":"# SRCINV v0.6\nSRCINV, a source code audit tool.\nTested linux-5.3.y with gcc 8.3.0, both vmlinux and single module.\n\nTwo branches: [master](https://github.com/hardenedlinux/srcinv/tree/master) and [dev](https://github.com/hardenedlinux/srcinv/tree/dev)\n\n[Implementation English doc](https://github.com/hardenedlinux/srcinv/blob/dev/doc/README_en.md)\n\n# TODO\n[TODO list](https://github.com/hardenedlinux/srcinv/blob/dev/doc/TODO.md)\n\n# How TO Fix A Bug In SRCINV\n[How-to-fix-a-bug-in-srcinv.txt](https://github.com/hardenedlinux/srcinv/blob/dev/doc/How-to-fix-a-bug-in-srcinv.txt)\n\n### Build srcinv\nDependencies to build this project:\n+\tlibncurses\n+\tlibreadline\n+\tlibcapstone\n+\t[clib: use the latest version](https://github.com/snorez/clib/)\n+\tgcc-plugin, test gcc/g++ 8.3.0\n\nAbout SELF\\_CFLAGS in the main Makefile:\n- `CLIB_PATH`: path to clib\n- `SRCINV_ROOT`: path to srcinv\n- `GCC_PLUGIN_INC`: path to gcc plugin headers folder\n- `CONFIG_ANALYSIS_THREAD`: how many threads to parse resfile\n- `CONFIG_DEBUG_MOODE`: output more messages\n- `HAVE_CLIB_DBG_FUNC`: multi-thread backtrace support\n- `USE_NCURSES`: use ncurses to show detail of each phase\n- `Wno-packed-not-aligned`: not used\n- `fno-omit-frame-pointer`: not 
used\n- `CONFIG_THREAD_STACKSZ`: the stack size of each thread used to parse\n- `CONFIG_ID_VALUE_BITS`: bits to represent the value of siid\n- `CONFIG_ID_TYPE_BITS`: bits to represent the type of siid\n- `CONFIG_SRC_BUF_START`: start of the src memory area, the global si pointer\n- `CONFIG_SRC_BUF_BLKSZ`: how much the src memory area grows each time we expand it\n- `CONFIG_SRC_BUF_END`: end of the src memory area\n- `CONFIG_RESFILE_BUF_START`: start of resfile area, where we load the resfile\n- `CONFIG_RESFILE_BUF_SIZE`: how much the resfile area grows each time we expand it\n- `CONFIG_SI_PATH_MAX`: length of src path\n- `CONFIG_SRC_ID_LEN`: length of src id\n- `CONFIG_MAX_OBJS_PER_FILE`: max objects we collect for each source file\n- `CONFIG_MAX_SIZE_PER_FILE`: max size for each source file\n- `CONFIG_SAVED_SRC`: the filename to save the src content\n- `GCC_CONTAIN_FREE_SSANAMES`: set if you want to collect the freed ssanames\n\nRun `make` and `make install`\n\n### Usage\n**NOTE**: you must add a module to config/module.json before you can use\nit. For example, if you write a new module for hacking, add it\nto the config/module.json file before running it.\n\nI **HIGHLY RECOMMEND** that you do all six steps, until you get the\n`src.saved` file. I still cannot figure out why it fails when I try\nto skip over STEP1. 
So I just put it on the TODO list.\n\n- **collect**: Do this in the target project root directory, not srcinv root.\n\t- Each `make` should generate only ONE executable file.\n\t- For a project that may generate more than one executable file, you need to modify the Makefile(s) and generate them one by one.\n\t- Example, for the Linux kernel\n\t\t- `make mrproper`\n\t\t- `make localmodconfig` to prepare the `.config` file\n\t\t- `make EXTRA_CFLAGS+='-fplugin=/path/to/srcinv/collect/c.so -fplugin-arg-c-output=/path/to/srcinv/tmp/xxx/resfile' vmlinux -jx` to generate the builtin resfile\n\t\t- `make EXTRA_CFLAGS+='-fplugin=/path/to/srcinv/collect/c.so -fplugin-arg-c-output=/path/to/srcinv/tmp/xxx/tty.resfile' -C . M=drivers/tty/ modules` to get the tty module resfile\n\n- **analysis**: in srcinv root directory, `./si_core`\n\t- `load_srcfile xxx`, xxx is the folder in srcinv/tmp where you just put the resfile(s)\n\t- `analysis` to enter analysis mode\n\t- `help` list supported commands\n\t- `parse resfile 1 1 0` the first `1` is set for a kernel project, the second `1` is for the core (for the Linux kernel, it is vmlinux; `0` for `tty.resfile`). 
You can also parse the resfile by:\n\t\t- `parse resfile 1 1 1`\n\t\t- `parse resfile 1 1 2`\n\t\t- `parse resfile 1 1 3`\n\t\t- `parse resfile 1 1 4`\n\t\t- `parse resfile 1 1 5`\n\t\t- `parse resfile 1 1 6`\n\n- **hacking**: do anything you want to do\n\t- in `SRCINV\u003e` mode, run `hacking`\n\t- `help` list supported commands\n\n\n\n### screenshots parsing linux kernel\n![step_1_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase1_0.png)\n![step_1_1](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase1_1.png)\n![step_1_2](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase1_2.png)\n![step_1_3](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase1_3.png)\n![step_1_4](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase1_4.png)\n![step_2_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase2_0.png)\n![step_2_1](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase2_1.png)\n![step_3_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase3_0.png)\n![step_3_1](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase3_1.png)\n![step_3_2](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase3_2.png)\n![step_3_3](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase3_3.png)\n![step_4_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase4_0.png)\n![step_4_1](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase4_1.png)\n![step_5_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase5_0.png)\n![step_5_1](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase5_1.png)\n![step_5_2](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase5_2.png)\n![step_6_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/phase6_0.png)\n![indcfg_0](https://github.com/hardenedlinux/srcinv/blob/dev/doc/indcfg_0.png)\n![indcfg_1](https://github.com/hardenedlinux/srcinv/blob/dev/doc/indcfg_1.png)\n\n# LICENSE\nThis project is under GPL v3 license. 
See the LICENSE for more details.\n","funding_links":[],"categories":["C++","C++ (225)"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsnorez%2Fsrcinv","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsnorez%2Fsrcinv","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsnorez%2Fsrcinv/lists"}