testing-0.1

Testing Script

Not providing the binaries
Just a convenient script, for POSIX/Linux systems (including cygwin on windows provided you have installed bash, make, git, cc/gcc, zlib, liblzma and gdb), that can download compile with debug flags, install and check with a single call.

Zlib is a temporary dependency, it will be phased out eventually.

Just download this somewhere on your computer which you don't mind littering with source, just make sure to replace ./checkswf.sh with the correct path

and then run

./checkswf.sh -r -o path/to/include/folder path/to/path path/to/swf/folder

On Most systems, path/to/include/folder would be /usr/include/
path/to/path on linux can be ~/.local/bin/ and on cygwin /usr/local/bin/

So for linux the command will be

./checkswf.sh -r -o /usr/include/ ~/.local/bin path/to/swf/folder

On Cygwin(windows)

./checkswf.sh -r -o /usr/include/ /usr/local/bin/ path/to/swf/folder

After it has been compiled once, for each version, you can simply run

./checkswf.sh path/to/swf/folder

Remember to replace path/to/swf/folder with the path to your swf folder

For windows users:

Download cygwin here

The recommend mirror to download the packages is "ftp.kr.freebsd.org"

Make sure to install the make, gcc-core, zlib, liblzma-dev and gdb packages

Download and install git here

Reporting

At the end of the script's execution, if there were any errors, it will list all the files that errored out.

And ~/.gdb/gdbtrace.log should contain the stacktrace. This is the file you should report with, alongside possibly a link to each of the swfs somewhere.

Caching

Using find everytime is slow, so you can use -cr path/to/cachefile to cache find results
and then -c path/to/cachefile to use those results.

Even on cygwin, with it's notoriously slow shell, this cuts the time taken to check everything in roughly half.

Usage

The flag must be ordered in the following order
./checkFC (-h)? (-r ( (-o) | (path/to/libswftag path/to/swfcheck) ) path/to/include/folder path/to/path)? (-c(r)? path/to/cachefile )? (-n)? (paths/to/swf)?

()? indicates that it's optional.

Generally speaking:
-h invokes this help
-r flags tells the script to recompile swfcheck
-o flags tells it to fetch repos online. If it's not specied, then the next two arguments must be the path to supported libswftag 0.1 and swfcheck 0.1 source code

-c* flag invokes the cachefile.
If the flag is only -c, then it will read the cachfile provided, otherwise (for example if it's -cr or -cwrite) it will write to the cachefile

-n disables gdb trace logging

paths/to/swf : Are the paths to swf used when either -c* is not specified, or the write version is specified
If omitted, the current directory is used

The search is recursive

The script tries to strip absolute path information that may contain compromising information, but you should double check before uploading the trace anyway.