cve-toolkit

CVE helper toolkit
git clone git://git.finwo.net/app/cve-toolkit
Log | Files | Refs | README | LICENSE

main.c (2627B)

      1 #include <stdio.h>
      2 #include <string.h>
      3 
      4 #include "detector/setup.h"
      5 #include "license_data.h"
      6 
      7 static void print_supported_cves(void) {
      8   fprintf(stdout, "Supported CVEs:\n");
      9   for (int i = 0; i < detector_queue_length; i++) {
     10     fprintf(stdout, "  %-30s %s\n", detector_queue[i]->name, detector_queue[i]->alias ? detector_queue[i]->alias : "");
     11   }
     12 }
     13 
     14 int main(int argc, char **argv) {
     15   setvbuf(stderr, NULL, _IONBF, 0);
     16   setvbuf(stdout, NULL, _IONBF, 0);
     17 
     18   for (int i = 1; i < argc; i++) {
     19     if (strcmp(argv[i], "-v") == 0 || strcmp(argv[i], "--verbose") == 0) {
     20       g_cve_ctx.verbose = 1;
     21     } else if (strcmp(argv[i], "-h") == 0 || strcmp(argv[i], "--help") == 0) {
     22       fprintf(stdout,
     23               "Usage: cve-toolkit [OPTIONS]\n"
     24               "\n"
     25               "Options:\n"
     26               "  (no arguments)   Run vulnerability detection\n"
     27               "  -v, --verbose    Run detection with verbose logging\n"
     28               "  -h, --help       Show this help message\n"
     29               "  --license        Print license and exit\n"
     30               "\n");
     31       print_supported_cves();
     32       fprintf(stdout,
     33               "\n"
     34               "Copyright (c) 2026 finwo\n"
     35               "https://git.finwo.net/app/cve-toolkit/file/README.md.html\n");
     36       return 0;
     37     } else if (strcmp(argv[i], "--license") == 0) {
     38       fwrite(LICENSE_md, 1, LICENSE_md_len, stdout);
     39       return 0;
     40     }
     41   }
     42 
     43   for (int i = 0; i < detector_queue_length; i++) {
     44     struct detector_queue_entry *entry  = detector_queue[i];
     45     int                          result = entry->handler(&g_cve_ctx);
     46     detector_total++;
     47     if (result == 0) {
     48       fprintf(stderr, "[pass] %s\n", entry->name);
     49       detector_pass++;
     50     } else {
     51       fprintf(stderr, "[fail] %s\n", entry->name);
     52       detector_fail++;
     53     }
     54     entry->result = result;
     55   }
     56 
     57   fprintf(stderr, "\n====[ REPORT ]====\n");
     58   fprintf(stderr, "pass: %d\n", detector_pass);
     59   fprintf(stderr, "fail: %d\n", detector_fail);
     60 
     61   fprintf(stderr, "\n====[ REMEDIATION ]====\n");
     62   for (int i = 0; i < detector_queue_length; i++) {
     63     struct detector_queue_entry *entry = detector_queue[i];
     64     if (entry->result) {
     65       fprintf(stderr, "\n");
     66       fprintf(stdout, "%s", entry->name);
     67       fprintf(stderr, ":");
     68       if (entry->alias) {
     69         fprintf(stderr, " %s", entry->alias);
     70       }
     71       fprintf(stdout, "\n");
     72       if (entry->remediation) {
     73         fprintf(stderr, "  %s\n", entry->remediation);
     74       } else {
     75         fprintf(stderr, "  No remediation suggestion available\n");
     76       }
     77     }
     78   }
     79 
     80   if (detector_fail > 0) {
     81     return 1;
     82   }
     83 
     84   return 0;
     85 }