commit a8fe0d6409813695f23637bbbc2825d8609e3252
parent 2dd7720d6294a48af6f227e6d4be2e5657b79933
Author: finwo <finwo@pm.me>
Date: Fri, 8 May 2026 12:42:30 +0200
Add separate return codes for each detector
Diffstat:
3 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/src/detector/cve-2026-31431.c b/src/detector/cve-2026-31431.c
@@ -24,7 +24,7 @@ int detector_cve_2026_31431(int num) {
return 0;
}
- return 1;
+ return 2;
}
__attribute__((constructor)) void detector_cve_2026_31431_setup() {
diff --git a/src/detector/dirtyfrag.c b/src/detector/dirtyfrag.c
@@ -2076,14 +2076,14 @@ int detector_dirtyfrag(int num) {
(void)num;
if (detector_su_already_patched() || detector_passwd_already_patched())
- return 1;
+ return 3;
{ /* ESP / xfrm path */
char *argv[] = {"dirtyfrag", "--corrupt-only", NULL};
if (su_lpe_main(2, argv) == 0 && detector_su_already_patched()) {
/* System is vulnerable — restore su before returning. */
revert_su();
- return 1;
+ return 3;
}
/* Backup was created by su_lpe_main; restore su to its
* original state (harmless if the binary was never corrupted). */
@@ -2096,7 +2096,7 @@ int detector_dirtyfrag(int num) {
int rc = rxrpc_lpe_main(2, argv);
unsetenv("DIRTYFRAG_CORRUPT_ONLY");
if (rc == 0 && detector_passwd_already_patched())
- return 1;
+ return 3;
}
return 0;
diff --git a/src/main.c b/src/main.c
@@ -1,8 +1,15 @@
#include <stdio.h>
+#ifndef MAX
+#define MAX(A, B) ((A) > (B) ? (A) : (B))
+#endif
+
#include "detector/setup.h"
int main() {
+ int resultcode = 0; // 0 = not vulnerable
+ // 1+ = vulnerable (returns code-1)
+
for (int i = 0; i < detector_queue_length; i++) {
struct detector_queue_entry *entry = detector_queue[i];
int result = entry->handler(i);
@@ -15,6 +22,8 @@ int main() {
detector_fail++;
}
entry->result = result;
+
+ resultcode = MAX(resultcode, result);
}
printf("\n====[ REPORT ]====\n");
@@ -39,4 +48,10 @@ int main() {
}
}
}
+
+ if (resultcode) {
+ return resultcode - 1;
+ }
+
+ return 0;
}
