Small check for semantic unit tests (3.2)

Starting with a few simple patterns, like for checking for non-variables at left hand side like [[ LHS == $value ]]. The file is supposed be amended in the future.

This fixes #3074 for 3.2
This commit is contained in:
Dirk Wetter
2026-07-12 14:36:45 +02:00
parent eb4d8183ee
commit 5518ea9da8
2 changed files with 66 additions and 3 deletions
+63
View File
@@ -0,0 +1,63 @@
#!/usr/bin/env perl
# Basics: are there semantic errors which are easy to spot?
use strict;
use Test::More;
my $tests = 0;
my $prg="testssl.sh";
my $os="$^O";
if ( $os eq "darwin" ){
plan skip_all => 'No checks on MacOS';
}
#1
printf "\n%s\n", "Testing for missing vars at left hand side in double square brackets ...";
# I know this isn't nice but perl doesn't seem for this so great either
my @matches = `grep -n '\\[\\[ [[:alpha:]]' $prg`;
is(scalar(@matches), 0, "Checking bad '[[ LHS' patterns")
or diag(@matches);
$tests++;
# The following works only on GNU grep
#2
printf "\n%s\n", "Testing for backticks ...";
my @matches = qx(grep -nP '`[^`]*`' $prg);
is(scalar(@matches), 0, "Checking bad backtick patterns")
or diag(@matches);
$tests++;
#3
printf "\n%s\n", "Sourcing without checking the file exists #1 ...";
my @matches = qx(grep -nP '^\s*\.\s+\$' $prg);
is(scalar(@matches), 0, "Checking bad sourcing pattern #1")
or diag(@matches);
$tests++;
#4
printf "\n%s\n", "Sourcing without checking the file exists #2 ...";
my @matches = qx(grep -nP '^\s*source\s+\$' $prg);
is(scalar(@matches), 0, "Checking bad sourcing pattern #2")
or diag(@matches);
$tests++;
# We have three eval already, a) re-analyse + exempt them
#my @matches = qx(grep -nP '\beval\b' $prg);
# more would go here
printf "\n";
done_testing($tests);
# vim:ts=5:sw=5:expandtab
+3 -3
View File
@@ -433,7 +433,7 @@ KEY_EXCH_SCORE=100 # Keeps track of the score for category
CIPH_STR_BEST=0 # Keeps track of the best bit size for category 3 "Cipher Strength" CIPH_STR_BEST=0 # Keeps track of the best bit size for category 3 "Cipher Strength"
CIPH_STR_WORST=100000 # Keeps track of the worst bit size for category 3 "Cipher Strength" CIPH_STR_WORST=100000 # Keeps track of the worst bit size for category 3 "Cipher Strength"
# Intentionally set very high, so it can be set to 0, if necessary # Intentionally set very high, so it can be set to 0, if necessary
TRUSTED1ST="" # Contains the `-trusted_first` flag, if this version of openssl supports it TRUSTED1ST="" # Contains the "-trusted_first" flag, if this version of openssl supports it
########### Global variables for parallel mass testing ########### Global variables for parallel mass testing
# #
@@ -17801,7 +17801,7 @@ run_renego() {
tmp_result=2 tmp_result=2
rm -f $TEMPDIR/was_killed rm -f $TEMPDIR/was_killed
fi fi
if [[ $tmp_result -eq 1 ]] && [[ loop_reneg -eq 1 ]]; then if [[ $tmp_result -eq 1 ]] && [[ $loop_reneg -eq 1 ]]; then
tmp_result=3 tmp_result=3
fi fi
if [[ $SERVICE != HTTP ]]; then if [[ $SERVICE != HTTP ]]; then
@@ -19023,7 +19023,7 @@ run_drown() {
if [[ $(has_server_protocol ssl2) -ne 1 ]]; then if [[ $(has_server_protocol ssl2) -ne 1 ]]; then
sslv2_sockets sslv2_sockets
else else
[[ aaa == bbb ]] # provoke return code=1 false
fi fi
case $? in case $? in