Skip to main content

custom_filter/
custom_filter.rs

1#!/usr/bin/env cargo
2//! Custom filtering and analysis example
3//! 
4//! Run with: cargo run --example custom_filter
5
6use execheck::{analyze_files, collect_executable_files, ScanOptions, SecurityCheck};
7use std::path::PathBuf;
8
9fn main() -> Result<(), Box<dyn std::error::Error>> {
10    // Collect executable files from a directory
11    let scan_path = PathBuf::from("/usr/bin");
12    let options = ScanOptions {
13        recursive: false,
14        ..Default::default()
15    };
16    let files = collect_executable_files(&scan_path, &options)?;
17    
18    println!("Found {} executable files in {}", files.len(), scan_path.display());
19    
20    // Analyze files with the same options
21    let report = analyze_files(files, &options)?;
22    
23    // Custom filtering: find files missing stack canaries
24    let files_without_canary: Vec<&SecurityCheck> = report.files
25        .iter()
26        .filter(|check| {
27            check.checks.get("canary").map_or(false, |v| v.contains("No Canary"))
28        })
29        .collect();
30    
31    println!("\n=== Files Missing Stack Canaries ===");
32    if files_without_canary.is_empty() {
33        println!("All files have stack canary protection! ✓");
34    } else {
35        for check in files_without_canary {
36            println!("⚠️  {} ({})", check.file_path, check.file_type);
37        }
38    }
39    
40    // Custom filtering: find files with RPATH issues
41    let files_with_rpath: Vec<&SecurityCheck> = report.files
42        .iter()
43        .filter(|check| {
44            check.checks.get("rpath").map_or(false, |v| v == "RPATH") ||
45            check.checks.get("runpath").map_or(false, |v| v == "RUNPATH")
46        })
47        .collect();
48    
49    println!("\n=== Files with RPATH/RUNPATH Issues ===");
50    if files_with_rpath.is_empty() {
51        println!("No RPATH/RUNPATH issues found! ✓");
52    } else {
53        for check in files_with_rpath {
54            println!("⚠️  {} ({})", check.file_path, check.file_type);
55            if let Some(rpath) = check.checks.get("rpath") {
56                if rpath == "RPATH" {
57                    println!("    - Has RPATH");
58                }
59            }
60            if let Some(runpath) = check.checks.get("runpath") {
61                if runpath == "RUNPATH" {
62                    println!("    - Has RUNPATH");
63                }
64            }
65        }
66    }
67    
68    // Security score calculation
69    let total_checks = report.files.len();
70    let security_score = if total_checks > 0 {
71        (report.summary.secure_files as f64 / total_checks as f64) * 100.0
72    } else {
73        0.0
74    };
75    
76    println!("\n=== Security Score ===");
77    println!("Overall security score: {:.1}%", security_score);
78    println!("({}/{} files are secure)", report.summary.secure_files, total_checks);
79    
80    Ok(())
81}