A SARIF viewer for the command-line.

Related tags

Command-line sarif_cli
Overview

sarif_cli

A SARIF viewer for the command-line.

Because numerous static analysis tools, such as #CodeQL and #semgrep, use the SARIF format. I decided to create a command-line application to display the alerts and learn some more Rust in the process.

At the moment this is WIP and only supports C, it may not work as expected yet.

Example

% ./target/debug/sarif_cli
Usage: ./target/debug/sarif_cli <file_path> <source_dir>
% ./target/debug/sarif_cli tests/flexarray.sarif ~/kernels/linux-5.13.12
/Users/jordy/kernels/linux-5.13.12/block/blk-map.c:32:2
================================
21: static struct bio_map_data *bio_alloc_map_data(struct iov_iter *data,
22: 					       gfp_t gfp_mask)
23: {
24: 	struct bio_map_data *bmd;
25:
26: 	if (data->nr_segs > UIO_MAXIOV)
27: 		return NULL;
28:
29: 	bmd = kmalloc(struct_size(bmd, iov, data->nr_segs), gfp_mask);
30: 	if (!bmd)
31: 		return NULL;
32: 	memcpy(bmd->iov, data->iov, sizeof(struct iovec) * data->nr_segs);
------^
ALERT: "This memcpy has a flexible-array-member as a destination: [call to memcpy](1)"
-------
33: 	bmd->iter = *data;
34: 	bmd->iter.iov = bmd->iov;
35: 	return bmd;
36: }

Todo

  • Test this on real SARIF output
  • Visualize data-flow
  • Add support for more languages
  • Clean up code
You might also like...
Pink is a command-line tool inspired by the Unix man command.

Pink is a command-line tool inspired by the Unix man command. It displays custom-formatted text pages in the terminal using a subset of HTML-like tags.

null 3 Nov 2, 2023
Checkline: checkbox line picker for stdin line input

checkline is a Unix command line interface (CLI) terminal user interface (TUI) that prompts you to check each line of stdin, to pick each line to output to stdout

SixArm 4 Dec 4, 2022
A full featured, fast Command Line Argument Parser for Rust

clap Command Line Argument Parser for Rust It is a simple-to-use, efficient, and full-featured library for parsing command line arguments and subcomma

null 10.4k Jan 10, 2023
Docopt for Rust (command line argument parser).

THIS CRATE IS UNMAINTAINED This crate is unlikely to see significant future evolution. The primary reason to choose this crate for a new project is if

null 743 Jan 1, 2023
Parse command line arguments by defining a struct.

StructOpt Parse command line arguments by defining a struct. It combines clap with custom derive. Documentation Find it on Docs.rs. You can also check

Guillaume P. 2.6k Jan 5, 2023
A command line progress reporting library for Rust
A command line progress reporting library for Rust

indicatif Documentation A Rust library for indicating progress in command line applications to users. This currently primarily provides progress bars

Armin Ronacher 3.2k Dec 30, 2022
Low-level Rust library for implementing terminal command line interface, like in embedded systems.

Terminal CLI Need to build an interactive command prompt, with commands, properties and with full autocomplete? This is for you. Example, output only

HashMismatch 47 Nov 25, 2022
⚡️ Lightning-fast and minimal calendar command line. Written in Rust 🦀
⚡️ Lightning-fast and minimal calendar command line. Written in Rust 🦀

⚡️ Lightning-fast and minimal calendar command line. It's similar to cal. Written in Rust 🦀

Arthur Henrique 36 Jan 1, 2023
Command-Line program that takes images and produces the copy of the image with a thin frame and palette made of the 10 most frequent colors.
Command-Line program that takes images and produces the copy of the image with a thin frame and palette made of the 10 most frequent colors.

paleatra v.0.0.1 Command-Line program that takes an image and produces the copy of the image with a thin frame and palette made of the 10 most frequen

Beka Modebadze 24 Dec 29, 2022
Owner
Jordy Zomer
Popping the stack all day, everyday.
Jordy Zomer
GitHub
📺(tv) Tidy Viewer is a cross-platform CLI csv pretty printer that uses column styling to maximize viewer enjoyment.

??(tv) Tidy Viewer is a cross-platform CLI csv pretty printer that uses column styling to maximize viewer enjoyment.

Alex Hallam 1.8k Jan 2, 2023
Small command-line tool to switch monitor inputs from command line

swmon Small command-line tool to switch monitor inputs from command line Installation git clone https://github.com/cr1901/swmon cargo install --path .

William D. Jones 5 Aug 20, 2022
Command-line HTTP client for sending a POST request to specified URI on each stdin line.

line2httppost Simple tool to read lines from stdin and post each line as separate POST request to a specified URL (TCP connection is reused though). G

Vitaly Shukela 3 Jan 3, 2023
Simple terminal alignment viewer

Alen Simple terminal sequence alignment viewer. What is Alen? It's a command-like program to view DNA or protein alignments in FASTA formats. Alen is

Jakob Nybo Nissen 51 Dec 19, 2022
TUI image viewer

Picterm TUI image viewer install $ cargo install picterm or $ git clone https://github.com/ksk001100/picterm $ cd picterm $ cargo install --path . usa

Keisuke Toyota 41 Dec 31, 2022
hexyl is a simple hex viewer for the terminal. It uses a colored output to distinguish different categories of bytes

hexyl is a simple hex viewer for the terminal. It uses a colored output to distinguish different categories of bytes (NULL bytes, printable ASCII characters, ASCII whitespace characters, other ASCII characters and non-ASCII).

David Peter 7.3k Dec 29, 2022
An AST viewer UI for languages with an AST.

AST Viewer UI This project was inspired by "Zoom Out": The missing feature of IDEs. I want to create a GUI with text fields, boxes, arrows, etc. and g

West 3 Dec 22, 2022
A simple cross-platform easy to use STL Viewer with GUI and CLI options

Stlvi STL viewer written in Rust. This project is still in development. It is available in both CLI and GUI mode. Supported OS Linux Windows Mac Scree

Mantresh Khurana 4 Mar 2, 2023
A ranger-like flake.lock viewer [maintainer=@figsoda]

nix-melt A ranger-like flake.lock viewer Usage nix run github:nix-community/nix-melt Usage: nix-melt [OPTIONS] [PATH] Arguments: [PATH] Path to th

Nix community projects 120 Jun 28, 2023
mhv is a minimalist hexadecimal viewer.

MHV How it works? The color legend ⬛ Null byte ?? ASCII Printable Characters ?? Space Characters ?? Control Characters ?? ASCII Extended Codes Install

Júlio César de Brito Gardona 11 Dec 3, 2023