Move test scripts to tests/scripts

tests/scripts/all.sh

@@ -71,11 +71,14 @@ msg()
 # Indicative running times are given for reference.
 
 msg "test: recursion.pl" # < 1s
-scripts/recursion.pl library/*.c
+tests/scripts/recursion.pl library/*.c
 
 msg "test: freshness of generated source files" # < 1s
 tests/scripts/check-generated-files.sh
 
+msg "test: doxygen markup outside doxygen blocks" # < 1s
+tests/scripts/check-doxy-blocks.pl
+
 msg "test/build: declared and exported names" # < 3s
 cleanup
 tests/scripts/check-names.sh

tests/scripts/check-doxy-blocks.pl

@@ -0,0 +1,57 @@
+#!/usr/bin/perl
+
+# Detect comment blocks that are likely meant to be doxygen blocks but aren't.
+#
+# More precisely, look for normal comment block containing '\'.
+# Of course one could use doxygen warnings, eg with:
+#   sed -e '/EXTRACT/s/YES/NO/' doxygen/mbedtls.doxyfile | doxygen -
+# but that would warn about any undocumented item, while our goal is to find
+# items that are documented, but not marked as such by mistake.
+
+use warnings;
+use strict;
+use File::Basename;
+
+# C/header files in the following directories will be checked
+my @directories = qw(include/mbedtls library doxygen/input);
+
+# very naive pattern to find directives:
+# everything with a backslach except '\0' and backslash at EOL
+my $doxy_re = qr/\\(?!0|\n)/;
+
+sub check_file {
+    my ($fname) = @_;
+    open my $fh, '<', $fname or die "Failed to open '$fname': $!\n";
+
+    # first line of the last normal comment block,
+    # or 0 if not in a normal comment block
+    my $block_start = 0;
+    while (my $line = <$fh>) {
+        $block_start = $.   if $line =~ m/\/\*(?![*!])/;
+        $block_start = 0    if $line =~ m/\*\//;
+        if ($block_start and $line =~ m/$doxy_re/) {
+            print "$fname:$block_start: directive on line $.\n";
+            $block_start = 0; # report only one directive per block
+        }
+    }
+
+    close $fh;
+}
+
+sub check_dir {
+    my ($dirname) = @_;
+    for my $file (<$dirname/*.[ch]>) {
+        check_file($file);
+    }
+}
+
+# locate root directory based on invocation name
+my $root = dirname($0) . '/..';
+chdir $root or die "Can't chdir to '$root': $!\n";
+
+# just do it
+for my $dir (@directories) {
+    check_dir($dir)
+}
+
+__END__

tests/scripts/recursion.pl

@@ -0,0 +1,44 @@
+#!/usr/bin/perl
+
+# Find functions making recursive calls to themselves.
+# (Multiple recursion where a() calls b() which calls a() not covered.)
+#
+# When the recursion depth might depend on data controlled by the attacker in
+# an unbounded way, those functions should use interation instead.
+#
+# Typical usage: scripts/recursion.pl library/*.c
+
+use warnings;
+use strict;
+
+use utf8;
+use open qw(:std utf8);
+
+# exclude functions that are ok:
+# - mpi_write_hlp: bounded by size of mbedtls_mpi, a compile-time constant
+# - x509_crt_verify_child: bounded by MBEDTLS_X509_MAX_INTERMEDIATE_CA
+my $known_ok = qr/mpi_write_hlp|x509_crt_verify_child/;
+
+my $cur_name;
+my $inside;
+my @funcs;
+
+die "Usage: $0 file.c [...]\n" unless @ARGV;
+
+while (<>)
+{
+    if( /^[^\/#{}\s]/ && ! /\[.*]/ ) {
+        chomp( $cur_name = $_ ) unless $inside;
+    } elsif( /^{/ && $cur_name ) {
+        $inside = 1;
+        $cur_name =~ s/.* ([^ ]*)\(.*/$1/;
+    } elsif( /^}/ && $inside ) {
+        undef $inside;
+        undef $cur_name;
+    } elsif( $inside && /\b\Q$cur_name\E\([^)]/ ) {
+        push @funcs, $cur_name unless /$known_ok/;
+    }
+}
+
+print "$_\n" for @funcs;
+exit @funcs;