search

simsong / bulk_extractor

This is the development tree. Production downloads are at:
https://github.com/simsong/bulk_extractor/releases
Other
1.04k stars 184 forks source link

AddressSanitizer identifies buffer underflow in scan_aes.cpp create_aes128_schedule() #413

Closed juliapaluch closed 1 year ago

juliapaluch commented 1 year ago

Contents of src/test-suite.log:

==============================================
   BULK_EXTRACTOR 2.0.2: src/test-suite.log
==============================================

# TOTAL: 1
# PASS:  0
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0

.. contents:: :depth: 2

FAIL: test_be
=============

## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp53d21982a1b8fdbf" for email
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp5eada83d8519cbb6" for email
check "./tests"
Test directory: "./tests"
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp5514bbfa35e3a2de" for pdf
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp435d019040bee458" for email
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmpd17e0cfed27bda27" for exif
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp5a27c93e8240ee1f" for exif
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp9b79c92562d1242" for exif
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp3abd233e681d7f9c" for json
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp71bbf8a38751825e" for vcard_carved
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp5b85e73d2ad86a76" for wordlist
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp9fd3482253727ac7" for winprefetch
## output in "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmpe8c3df2343358264" for zip
## image_fname: ram_2pages.bin outdir: "/var/folders/fx/kzt5c3c94_98fzrr5_9p29_c0000gq/T/be_tmp317ae31addb99d1"
=================================================================
==28672==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x7ff7b045a02c at pc 0x00010fc84bb5 bp 0x7ff7b0459c30 sp 0x7ff7b0459c28
READ of size 4 at 0x7ff7b045a02c thread T0
    #0 0x10fc84bb4 in create_aes128_schedule(unsigned char const*, unsigned char*) scan_aes.cpp
    #1 0x11003ae32 in validate_aes128_key(unsigned char*) test_be2.cpp:308
    #2 0x11003b2e6 in ____C_A_T_C_H____T_E_S_T____4() test_be2.cpp:329
    #3 0x10febb5c2 in Catch::RunContext::invokeActiveTestCase() catch.hpp:13016
    #4 0x10feb217c in Catch::RunContext::runCurrentTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&) catch.hpp:12989
    #5 0x10feafeba in Catch::RunContext::runTest(Catch::TestCase const&) catch.hpp:12750
    #6 0x10fec94e0 in Catch::Session::runInternal() catch.hpp:13549
    #7 0x10fec6204 in Catch::Session::run() catch.hpp:13505
    #8 0x10ff2f0d1 in main catch.hpp:17504
    #9 0x11548752d in start+0x1cd (dyld:x86_64+0x552d)

Address 0x7ff7b045a02c is located in stack of thread T0 at offset 12 in frame
    #0 0x10febb2ff in Catch::RunContext::invokeActiveTestCase() catch.hpp:13014

  This frame has 3 object(s):
    [32, 56) 'sigStack.i' (line 10928)
    [96, 112) 'sa.i' (line 10933)
    [128, 136) '_' (line 13015)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-underflow scan_aes.cpp in create_aes128_schedule(unsigned char const*, unsigned char*)
Shadow bytes around the buggy address:
  0x1ffef608b3b0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x1ffef608b3c0: 00 00 f2 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 f3
  0x1ffef608b3d0: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
  0x1ffef608b3e0: 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2 00 00 f2 f2
  0x1ffef608b3f0: 00 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
=>0x1ffef608b400: 00 00 00 00 f1[f1]f1 f1 f8 f8 f8 f2 f2 f2 f2 f2
  0x1ffef608b410: f8 f8 f2 f2 00 f3 f3 f3 00 00 00 00 00 00 00 00
  0x1ffef608b420: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00
  0x1ffef608b430: 00 00 00 00 f2 f2 f2 f2 f8 f8 f2 f2 f8 f8 f8 f8
  0x1ffef608b440: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f2 f2 f2
  0x1ffef608b450: f2 f2 f2 f2 f2 f2 f8 f2 f8 f8 f8 f2 f2 f2 f2 f2
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==28672==ABORTING

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
test_be is a Catch v2.13.6 host application.
Run with -? for options

-----------------------------------------------------------------------------------------------------------------------
schedule_aes
-----------------------------------------------------------------------------------------------------------------------
test_be2.cpp:323
.......................................................................................................................

test_be2.cpp:323: FAILED:
due to a fatal error condition:
  SIGABRT - Abort (abnormal termination) signal

=======================================================================================================================
test cases:  23 |  22 passed | 1 failed
assertions: 207 | 206 passed | 1 failed

FAIL test_be (exit status: 134)

Output of git show:

commit 59b412fb6a4e6781a9b552a95a232c74825e4063 (HEAD -> main, origin/main, origin/HEAD)
Merge: 6a18edd 1e10b9c
Author: Simson L. Garfinkel <simsong@acm.org>
Date:   Sun Apr 16 15:29:20 2023 -0400

    Merge pull request #410 from simsong/slg-dev

    update to 2.0.4

Output of ./bootstrap.sh && LDFLAGS="-fsanitize=address -fno-omit-frame-pointer" CXXFLAGS="-fsanitize=address -fno-omit-frame-pointer -g -Og" ./configure:

The bootstrap.sh is complete. Be sure to run ./configure.

configure: Compiling under .
configure: checking /usr/local/include
configure:  *** ADDING /usr/local/include to CPPFLAGS *** 
configure:  *** ADDING /usr/local/lib to LDFLAGS *** 
configure: checking /opt/local/include
configure: checking /sw/include
configure: checking /usr/local/ssl/include
configure:  CPPFLAGS =  -I/usr/local/include 
configure:  LDFLAGS = -fsanitize=address -fno-omit-frame-pointer -L/usr/local/lib 
configure: be20_api/be20_configure.m4 start
checking whether C++ compiler understands ... checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables... 
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether the compiler supports GNU C... yes
checking whether gcc accepts -g... yes
checking for gcc option to enable C11 features... none needed
checking whether gcc understands -c and -o together... yes
Adding -pthread to CXXFLAGS
checking for stdio.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for strings.h... yes
checking for sys/stat.h... yes
checking for sys/types.h... yes
checking for unistd.h... yes
checking whether byte ordering is bigendian... no
checking for dlfcn.h... yes
checking for fcntl.h... yes
checking for limits.h... yes
checking for limits/limits.h... no
checking for linux/if_ether.h... no
checking for net/ethernet.h... yes
checking for netinet/if_ether.h... yes
checking for netinet/in.h... yes
checking for pcap.h... yes
checking for pcap/pcap.h... yes
checking for sqlite3.h... yes
checking for sys/cdefs.h... yes
checking for sys/mman.h... yes
checking for sys/stat.h... (cached) yes
checking for sys/time.h... yes
checking for sys/types.h... (cached) yes
checking for sys/vmmeter.h... yes
checking for unistd.h... (cached) yes
checking for windows.h... no
checking for windows.h... (cached) no
checking for windowsx.h... no
checking for winsock2.h... no
checking for wpcap/pcap.h... no
checking for mach/mach.h... yes
checking for mach-o/dyld.h... yes
checking for gmtime_r... yes
checking for ishexnumber... yes
checking for isxdigit... yes
checking for localtime_r... yes
checking for unistd.h... no
checking for mmap... yes
checking for err... yes
checking for errx... yes
checking for warn... yes
checking for warnx... yes
checking for pread64... no
checking for pread... yes
checking for strptime... yes
checking for _lseeki64... no
checking for task_info... yes
checking for utimes... yes
checking for host_statistics64... yes
checking for sqlite3_libversion in -lsqlite3... yes
checking for sqlite3_create_function_v2... yes
checking for sysctlbyname... yes
configure: be20_api/be20_configure.m4 end
configure: dfxml_cpp/src/dfxml_configure.m4 start
checking for expat.h... yes
checking for sys/resource.h... yes
checking for sys/utsname.h... yes
checking for unistd.h... (cached) yes
checking for winsock2.h... (cached) no
checking for boost/version.hpp... yes
checking for pwd.h... yes
checking for uuid/uuid.h... yes
checking for gmtime_r... (cached) yes
checking for getuid... yes
checking for gethostname... yes
checking for getpwuid... yes
checking for getrusage... yes
checking for vasprintf... yes
configure: dfxml_cpp/src/dfxml_configure.m4 checked initial headers and funcs
checking for expat.h... (cached) yes
checking for XML_ParserCreate in -lexpat... yes
checking for git... yes
configure: git commit 85471cf-511-g59b412f-dirty
configure: dfxml_cpp/src/dfxml_configure.m4 mingw check1
configure: dfxml_cpp/src/dfxml_configure.m4 crypto check
checking for CommonCrypto/CommonDigest.h... yes
checking for gcrypt.h... no
checking for gpg_strerror in -lgpg-error... no
checking for gcry_md_open in -lgcrypt... no
checking for openssl/aes.h... no
checking for openssl/bio.h... no
checking for openssl/evp.h... no
checking for openssl/hmac.h... no
checking for openssl/md5.h... no
checking for openssl/pem.h... no
checking for openssl/rand.h... no
checking for openssl/rsa.h... no
checking for openssl/sha.h... no
checking for openssl/pem.h... (cached) no
checking for openssl/x509.h... no
checking for EVP_get_digestbyname in -lcrypto... no
checking for SSL_library_init in -lssl... no
checking for gcry_md_open... no
checking for CC_MD2_Init... yes
configure: dfxml_cpp/src/dfxml_configure.m4 end
checking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a race-free mkdir -p... ./build-aux/install-sh -c -d
checking for gawk... no
checking for mawk... no
checking for nawk... no
checking for awk... awk
checking whether make sets $(MAKE)... yes
checking whether make supports the include directive... yes (GNU style)
checking whether make supports nested variables... yes
checking dependency style of gcc... gcc3
checking whether to enable maintainer-specific portions of Makefiles... no
checking for prefix by checking for bulk_extractor... /usr/local/bin/bulk_extractor
checking for gcc... (cached) gcc
checking whether the compiler supports GNU C... (cached) yes
checking whether gcc accepts -g... (cached) yes
checking for gcc option to enable C11 features... (cached) none needed
checking whether gcc understands -c and -o together... (cached) yes
checking for g++... g++
checking whether the compiler supports GNU C++... yes
checking whether g++ accepts -g... yes
checking for g++ option to enable C++11 features... none needed
checking dependency style of g++... gcc3
checking for flex... flex
checking for lex output file root... lex.yy
checking for lex library... none needed
checking whether yytext is a pointer... yes
checking whether g++ supports C++17 features with -std=c++17... yes
checking for filesystem... yes
checking for string... yes
configure: C++ Warnings to test: -Wall -MD -Wpointer-arith     -Wshadow -Wwrite-strings -Wcast-align      -Wredundant-decls -Wdisabled-optimization     -Wfloat-equal -Wmultichar -Wmissing-noreturn     -Woverloaded-virtual -Wsign-promo     -funit-at-a-time  -Weffc++
checking whether g++ understands -Wall... yes
checking whether g++ understands -MD... yes
checking whether g++ understands -Wpointer-arith... yes
checking whether g++ understands -Wshadow... yes
checking whether g++ understands -Wwrite-strings... yes
checking whether g++ understands -Wcast-align... yes
checking whether g++ understands -Wredundant-decls... yes
checking whether g++ understands -Wdisabled-optimization... yes
checking whether g++ understands -Wfloat-equal... yes
checking whether g++ understands -Wmultichar... yes
checking whether g++ understands -Wmissing-noreturn... yes
checking whether g++ understands -Woverloaded-virtual... yes
checking whether g++ understands -Wsign-promo... yes
checking whether g++ understands -funit-at-a-time... yes
checking whether g++ understands -Weffc++... yes
configure: flex supports -R
checking for int64_t... yes
checking for special C compiler options needed for large files... no
checking for _FILE_OFFSET_BITS value needed for large files... no
checking POSIX termios... yes
checking for dlfcn.h... (cached) yes
checking for fcntl.h... (cached) yes
checking for inttypes.h... (cached) yes
checking for libgen.h... yes
checking for limits.h... (cached) yes
checking for mmap.h... no
checking for pwd.h... (cached) yes
checking for signal.h... yes
checking for stdint.h... (cached) yes
checking for sys/cdefs.h... (cached) yes
checking for curses.h... yes
checking for sys/disk.h... yes
checking for sys/fcntl.h... yes
checking for sys/ioctl.h... yes
checking for sys/mman.h... (cached) yes
checking for sys/mmap.h... no
checking for sys/mount.h... yes
checking for sys/param.h... yes
checking for sys/socket.h... yes
checking for sys/stat.h... (cached) yes
checking for sys/types.h... (cached) yes
checking for sys/time.h... (cached) yes
checking for sys/resource.h... (cached) yes
checking for sys/sysctl.h... yes
checking for sys/vmmeter.h... (cached) yes
checking for term.h... yes
checking for time.h... yes
checking for unistd.h... (cached) yes
checking for windows.h... (cached) no
checking for CoreServices/CoreServices.h... yes
checking for mach-o/dyld.h... (cached) yes
checking for getuid... (cached) yes
checking for getpwuid... (cached) yes
checking for gethostname... (cached) yes
checking for getrusage... (cached) yes
checking for gmtime_r... (cached) yes
checking for getprogname... yes
checking for isxdigit... (cached) yes
checking for ishexnumber... (cached) yes
checking for le64toh... no
checking for localtime_r... (cached) yes
checking for _lseeki64... (cached) no
checking for inet_ntop... yes
checking for ioctl... yes
checking for isatty... yes
checking for pread64... (cached) no
checking for pread... (cached) yes
checking for printf... yes
checking for mmap... (cached) yes
checking for munmap... yes
checking for MD5... no
checking for mkstemp... yes
checking for mktemp... yes
checking for sleep... yes
checking for SleepEx... no
checking for strptime... (cached) yes
checking for usleep... yes
checking for vasprintf... (cached) yes
checking for _NSGetExecutablePath... yes
checking for CreateProcess... no
checking for LoadLibrary... no
checking for IncrementAtomic... no
checking for InterlockedIncrement... no
checking for tgetstr in -ltermcap... yes
checking for dlopen in -ldl... yes
checking for dlopen... yes
checking for dlopen_preflight... yes
checking for arpa/inet.h... yes
checking for netinet/in.h... (cached) yes
checking for wsipx.h... no
checking for netinet/ip.h... yes
checking for struct winsize.ws_col... yes
checking for struct sockaddr_in.sin_len... yes
checking for uncompress in -lz... yes
checking for expat.h... (cached) yes
checking for XML_ParserCreate in -lexpat... (cached) yes
checking for main in -lstdc++... yes
configure: libewf is yes
checking for libewf.h... yes
checking for libewf_get_version in -lewf... yes
checking for libewf_handle_get_utf8_header_value_notes... no
checking for libewf_error_backtrace_fprint... yes
checking for libewf_handle_close... yes
checking for libewf_handle_free... yes
checking for libewf_handle_read_buffer_at_offset... no
checking for libewf_handle_read_random... yes
configure: libewf is now yes
configure: adding -O3 to CFLAGS and CXXFLAGS
configure: *************************************
configure: *************************************
configure:   PACKAGE_NAME:     BULK_EXTRACTOR
configure:   PACKAGE_VERSION:  2.0.4
configure:   CC:               gcc
configure:   CXX:              g++ -std=c++17
configure:   CPPFLAGS:          -I/usr/local/include -DUTC_OFFSET=+0000
configure:   CFLAGS:           -g -g -O2 -fPIC -O3
configure:   CXXFLAGS:         -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3
configure:   LIBS:             -lewf -lstdc++ -lexpat -lz -ldl -ltermcap -lexpat -lsqlite3 
configure:   LDFLAGS:          -fsanitize=address -fno-omit-frame-pointer -L/usr/local/lib
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating doc/Makefile
config.status: creating doc/latex_manuals/Makefile
config.status: creating src/Makefile
config.status: creating src/tests/Makefile
config.status: creating man/Makefile
config.status: creating python/Makefile
config.status: creating specfiles/Makefile
config.status: creating specfiles/bulk_extractor.spec.m4
config.status: creating tests/Makefile
config.status: creating config.h
config.status: executing depfiles commands

Output of make -j8 check:

Making check in doc
make[1]: Nothing to be done for `check'.
Making check in doc/latex_manuals
make[1]: Nothing to be done for `check'.
Making check in man
make[1]: Nothing to be done for `check'.
Making check in src
depbase=`echo be20_api/feature_recorder.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/feature_recorder.o -MD -MP -MF $depbase.Tpo -c -o be20_api/feature_recorder.o be20_api/feature_recorder.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/feature_recorder_file.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/feature_recorder_file.o -MD -MP -MF $depbase.Tpo -c -o be20_api/feature_recorder_file.o be20_api/feature_recorder_file.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/feature_recorder_set.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/feature_recorder_set.o -MD -MP -MF $depbase.Tpo -c -o be20_api/feature_recorder_set.o be20_api/feature_recorder_set.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/feature_recorder_sql.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/feature_recorder_sql.o -MD -MP -MF $depbase.Tpo -c -o be20_api/feature_recorder_sql.o be20_api/feature_recorder_sql.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/path_printer.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/path_printer.o -MD -MP -MF $depbase.Tpo -c -o be20_api/path_printer.o be20_api/path_printer.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/pcap_fake.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/pcap_fake.o -MD -MP -MF $depbase.Tpo -c -o be20_api/pcap_fake.o be20_api/pcap_fake.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/sbuf.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/sbuf.o -MD -MP -MF $depbase.Tpo -c -o be20_api/sbuf.o be20_api/sbuf.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/sbuf_stream.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/sbuf_stream.o -MD -MP -MF $depbase.Tpo -c -o be20_api/sbuf_stream.o be20_api/sbuf_stream.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/scan_sha1_test.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/scan_sha1_test.o -MD -MP -MF $depbase.Tpo -c -o be20_api/scan_sha1_test.o be20_api/scan_sha1_test.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/scanner_config.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/scanner_config.o -MD -MP -MF $depbase.Tpo -c -o be20_api/scanner_config.o be20_api/scanner_config.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/scanner_params.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/scanner_params.o -MD -MP -MF $depbase.Tpo -c -o be20_api/scanner_params.o be20_api/scanner_params.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/scanner_set.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/scanner_set.o -MD -MP -MF $depbase.Tpo -c -o be20_api/scanner_set.o be20_api/scanner_set.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/threadpool.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/threadpool.o -MD -MP -MF $depbase.Tpo -c -o be20_api/threadpool.o be20_api/threadpool.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/utils.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/utils.o -MD -MP -MF $depbase.Tpo -c -o be20_api/utils.o be20_api/utils.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo be20_api/word_and_context_list.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT be20_api/word_and_context_list.o -MD -MP -MF $depbase.Tpo -c -o be20_api/word_and_context_list.o be20_api/word_and_context_list.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo base64_forensic.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT base64_forensic.o -MD -MP -MF $depbase.Tpo -c -o base64_forensic.o base64_forensic.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo bulk_extractor.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT bulk_extractor.o -MD -MP -MF $depbase.Tpo -c -o bulk_extractor.o bulk_extractor.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
In file included from be20_api/scanner_set.cpp:30:
../src/be20_api/machine_stats.h:31:9: warning: 'sprintf' is deprecated: This function is provided for compatibility reasons only.  Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead. [-Wdeprecated-declarations]
        sprintf(buf,"ps -O %ccpu %d",'%',getpid());
        ^
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/stdio.h:188:1: note: 'sprintf' has been explicitly marked deprecated here
__deprecated_msg("This function is provided for compatibility reasons only.  Due to security concerns inherent in the design of sprintf(3), it is highly recommended that you use snprintf(3) instead.")
^
/Library/Developer/CommandLineTools/SDKs/MacOSX.sdk/usr/include/sys/cdefs.h:215:48: note: expanded from macro '__deprecated_msg'
        #define __deprecated_msg(_msg) __attribute__((__deprecated__(_msg)))
                                                      ^
depbase=`echo image_process.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT image_process.o -MD -MP -MF $depbase.Tpo -c -o image_process.o image_process.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo notify_thread.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT notify_thread.o -MD -MP -MF $depbase.Tpo -c -o notify_thread.o notify_thread.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo phase1.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT phase1.o -MD -MP -MF $depbase.Tpo -c -o phase1.o phase1.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo sbuf_decompress.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT sbuf_decompress.o -MD -MP -MF $depbase.Tpo -c -o sbuf_decompress.o sbuf_decompress.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo bulk_extractor_scanners.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT bulk_extractor_scanners.o -MD -MP -MF $depbase.Tpo -c -o bulk_extractor_scanners.o bulk_extractor_scanners.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_aes.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_aes.o -MD -MP -MF $depbase.Tpo -c -o scan_aes.o scan_aes.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_base64.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_base64.o -MD -MP -MF $depbase.Tpo -c -o scan_base64.o scan_base64.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_ccns2.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_ccns2.o -MD -MP -MF $depbase.Tpo -c -o scan_ccns2.o scan_ccns2.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_elf.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_elf.o -MD -MP -MF $depbase.Tpo -c -o scan_elf.o scan_elf.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_evtx.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_evtx.o -MD -MP -MF $depbase.Tpo -c -o scan_evtx.o scan_evtx.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_exif.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_exif.o -MD -MP -MF $depbase.Tpo -c -o scan_exif.o scan_exif.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo exif_reader.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT exif_reader.o -MD -MP -MF $depbase.Tpo -c -o exif_reader.o exif_reader.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo exif_entry.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT exif_entry.o -MD -MP -MF $depbase.Tpo -c -o exif_entry.o exif_entry.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_exiv2.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_exiv2.o -MD -MP -MF $depbase.Tpo -c -o scan_exiv2.o scan_exiv2.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_facebook.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_facebook.o -MD -MP -MF $depbase.Tpo -c -o scan_facebook.o scan_facebook.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_find.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_find.o -MD -MP -MF $depbase.Tpo -c -o scan_find.o scan_find.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
1 warning generated.
depbase=`echo scan_gzip.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_gzip.o -MD -MP -MF $depbase.Tpo -c -o scan_gzip.o scan_gzip.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_hiberfile.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_hiberfile.o -MD -MP -MF $depbase.Tpo -c -o scan_hiberfile.o scan_hiberfile.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo pyxpress.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        gcc -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -g -O2 -fPIC -O3 -MT pyxpress.o -MD -MP -MF $depbase.Tpo -c -o pyxpress.o pyxpress.c &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_httplogs.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_httplogs.o -MD -MP -MF $depbase.Tpo -c -o scan_httplogs.o scan_httplogs.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_json.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_json.o -MD -MP -MF $depbase.Tpo -c -o scan_json.o scan_json.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_kml.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_kml.o -MD -MP -MF $depbase.Tpo -c -o scan_kml.o scan_kml.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_msxml.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_msxml.o -MD -MP -MF $depbase.Tpo -c -o scan_msxml.o scan_msxml.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_net.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_net.o -MD -MP -MF $depbase.Tpo -c -o scan_net.o scan_net.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_ntfsindx.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_ntfsindx.o -MD -MP -MF $depbase.Tpo -c -o scan_ntfsindx.o scan_ntfsindx.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_ntfslogfile.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_ntfslogfile.o -MD -MP -MF $depbase.Tpo -c -o scan_ntfslogfile.o scan_ntfslogfile.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_ntfsmft.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_ntfsmft.o -MD -MP -MF $depbase.Tpo -c -o scan_ntfsmft.o scan_ntfsmft.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_ntfsusn.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_ntfsusn.o -MD -MP -MF $depbase.Tpo -c -o scan_ntfsusn.o scan_ntfsusn.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_outlook.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_outlook.o -MD -MP -MF $depbase.Tpo -c -o scan_outlook.o scan_outlook.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_pdf.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_pdf.o -MD -MP -MF $depbase.Tpo -c -o scan_pdf.o scan_pdf.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_rar.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_rar.o -MD -MP -MF $depbase.Tpo -c -o scan_rar.o scan_rar.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_sqlite.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_sqlite.o -MD -MP -MF $depbase.Tpo -c -o scan_sqlite.o scan_sqlite.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_utmp.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_utmp.o -MD -MP -MF $depbase.Tpo -c -o scan_utmp.o scan_utmp.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_vcard.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_vcard.o -MD -MP -MF $depbase.Tpo -c -o scan_vcard.o scan_vcard.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_windirs.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_windirs.o -MD -MP -MF $depbase.Tpo -c -o scan_windirs.o scan_windirs.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_winlnk.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_winlnk.o -MD -MP -MF $depbase.Tpo -c -o scan_winlnk.o scan_winlnk.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_winpe.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_winpe.o -MD -MP -MF $depbase.Tpo -c -o scan_winpe.o scan_winpe.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_winprefetch.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_winprefetch.o -MD -MP -MF $depbase.Tpo -c -o scan_winprefetch.o scan_winprefetch.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_wordlist.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_wordlist.o -MD -MP -MF $depbase.Tpo -c -o scan_wordlist.o scan_wordlist.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_xor.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_xor.o -MD -MP -MF $depbase.Tpo -c -o scan_xor.o scan_xor.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo scan_zip.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT scan_zip.o -MD -MP -MF $depbase.Tpo -c -o scan_zip.o scan_zip.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo pcap_writer.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT pcap_writer.o -MD -MP -MF $depbase.Tpo -c -o pcap_writer.o pcap_writer.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo main.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT main.o -MD -MP -MF $depbase.Tpo -c -o main.o main.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo test_be1.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT test_be1.o -MD -MP -MF $depbase.Tpo -c -o test_be1.o test_be1.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo test_be2.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT test_be2.o -MD -MP -MF $depbase.Tpo -c -o test_be2.o test_be2.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
depbase=`echo test_be3.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
        g++ -std=c++17 -DHAVE_CONFIG_H -I. -I..  -I../src/be20_api -I../src/be20_api/utfcpp/source -I/usr/local/include -DUTC_OFFSET=+0000  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3 -MT test_be3.o -MD -MP -MF $depbase.Tpo -c -o test_be3.o test_be3.cpp &&\
        mv -f $depbase.Tpo $depbase.Po
g++ -std=c++17  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3  -fsanitize=address -fno-omit-frame-pointer -L/usr/local/lib -o bulk_extractor  be20_api/abstract_image_reader.o be20_api/atomic_unicode_histogram.o be20_api/feature_recorder.o be20_api/feature_recorder_file.o be20_api/feature_recorder_set.o be20_api/feature_recorder_sql.o be20_api/histogram_def.o be20_api/path_printer.o be20_api/pcap_fake.o be20_api/pos0.o be20_api/regex_vector.o be20_api/sbuf.o be20_api/sbuf_stream.o be20_api/scan_sha1_test.o be20_api/scanner_config.o be20_api/scanner_params.o be20_api/scanner_set.o be20_api/threadpool.o be20_api/unicode_escape.o be20_api/utils.o be20_api/word_and_context_list.o base64_forensic.o bulk_extractor.o image_process.o notify_thread.o phase1.o sbuf_decompress.o bulk_extractor_scanners.o scan_aes.o scan_base64.o scan_ccns2.o scan_elf.o scan_evtx.o scan_exif.o exif_reader.o exif_entry.o scan_exiv2.o scan_facebook.o scan_find.o scan_gzip.o scan_hiberfile.o pyxpress.o scan_httplogs.o scan_json.o scan_kml.o scan_msxml.o scan_net.o scan_ntfsindx.o scan_ntfslogfile.o scan_ntfsmft.o scan_ntfsusn.o scan_outlook.o scan_pdf.o scan_rar.o scan_sqlite.o scan_utmp.o scan_vcard.o scan_windirs.o scan_winlnk.o scan_winpe.o scan_winprefetch.o scan_wordlist.o scan_xor.o scan_zip.o pcap_writer.o scan_base16.o scan_accts.o scan_email.o scan_gps.o  rar/arccmt.o rar/archive.o rar/arcread.o rar/cmddata.o rar/coder.o rar/crc.o rar/encname.o rar/errhnd.o rar/extinfo.o rar/extract.o rar/file.o rar/filefn.o rar/filestr.o rar/getbits.o rar/global.o rar/match.o rar/model.o rar/suballoc.o rar/options.o rar/pathfn.o rar/rar.o rar/rarpch.o rar/rarvmtbl.o rar/rawread.o rar/rdwrfn.o rar/resource.o rar/rs.o rar/savepos.o rar/smallfn.o rar/strfn.o rar/strlist.o rar/system.o rar/timefn.o rar/unicode.o rar/unpack.o main.o  -lewf -lstdc++ -lexpat -lz -ldl -ltermcap -lexpat -lsqlite3 
g++ -std=c++17  -g -fsanitize=address -fno-omit-frame-pointer -g -Og -pthread -Wall -MD -Wpointer-arith -Wshadow -Wwrite-strings -Wcast-align -Wredundant-decls -Wdisabled-optimization -Wfloat-equal -Wmultichar -Wmissing-noreturn -Woverloaded-virtual -Wsign-promo -funit-at-a-time -Weffc++ -fPIC -O3  -fsanitize=address -fno-omit-frame-pointer -L/usr/local/lib -o test_be  be20_api/abstract_image_reader.o be20_api/atomic_unicode_histogram.o be20_api/feature_recorder.o be20_api/feature_recorder_file.o be20_api/feature_recorder_set.o be20_api/feature_recorder_sql.o be20_api/histogram_def.o be20_api/path_printer.o be20_api/pcap_fake.o be20_api/pos0.o be20_api/regex_vector.o be20_api/sbuf.o be20_api/sbuf_stream.o be20_api/scan_sha1_test.o be20_api/scanner_config.o be20_api/scanner_params.o be20_api/scanner_set.o be20_api/threadpool.o be20_api/unicode_escape.o be20_api/utils.o be20_api/word_and_context_list.o base64_forensic.o bulk_extractor.o image_process.o notify_thread.o phase1.o sbuf_decompress.o bulk_extractor_scanners.o scan_aes.o scan_base64.o scan_ccns2.o scan_elf.o scan_evtx.o scan_exif.o exif_reader.o exif_entry.o scan_exiv2.o scan_facebook.o scan_find.o scan_gzip.o scan_hiberfile.o pyxpress.o scan_httplogs.o scan_json.o scan_kml.o scan_msxml.o scan_net.o scan_ntfsindx.o scan_ntfslogfile.o scan_ntfsmft.o scan_ntfsusn.o scan_outlook.o scan_pdf.o scan_rar.o scan_sqlite.o scan_utmp.o scan_vcard.o scan_windirs.o scan_winlnk.o scan_winpe.o scan_winprefetch.o scan_wordlist.o scan_xor.o scan_zip.o pcap_writer.o scan_base16.o scan_accts.o scan_email.o scan_gps.o  rar/arccmt.o rar/archive.o rar/arcread.o rar/cmddata.o rar/coder.o rar/crc.o rar/encname.o rar/errhnd.o rar/extinfo.o rar/extract.o rar/file.o rar/filefn.o rar/filestr.o rar/getbits.o rar/global.o rar/match.o rar/model.o rar/suballoc.o rar/options.o rar/pathfn.o rar/rar.o rar/rarpch.o rar/rarvmtbl.o rar/rawread.o rar/rdwrfn.o rar/resource.o rar/rs.o rar/savepos.o rar/smallfn.o rar/strfn.o rar/strlist.o rar/system.o rar/timefn.o rar/unicode.o rar/unpack.o test_be1.o test_be2.o test_be3.o  -lewf -lstdc++ -lexpat -lz -ldl -ltermcap -lexpat -lsqlite3 
/Library/Developer/CommandLineTools/usr/bin/make  test_be
make[2]: `test_be' is up to date.
/Library/Developer/CommandLineTools/usr/bin/make  check-TESTS
../build-aux/test-driver: line 112: 32759 Abort trap: 6           "$@" >> "$log_file" 2>&1
FAIL: test_be
============================================================================
Testsuite summary for BULK_EXTRACTOR 2.0.4
============================================================================
# TOTAL: 1
# PASS:  0
# SKIP:  0
# XFAIL: 0
# FAIL:  1
# XPASS: 0
# ERROR: 0
============================================================================
See src/test-suite.log
Please report to bugs@digitalcorpora.org
============================================================================
make[3]: *** [test-suite.log] Error 1
make[2]: *** [check-TESTS] Error 2
make[1]: *** [check-am] Error 2
make: *** [check-recursive] Error 1
jonstewart commented 1 year ago

I get the same, not sure what it is yet.

simsong commented 1 year ago

Thanks for the report. Can you tell me what platform you are using? Specifically, which compiler and which OS?

jonstewart commented 1 year ago

I’m macOS Catalina, 10.15.7, Intel, Apple clang 12.0.0. I believe Julia has an Intel Mac, too. Let me check on my M1…

simsong commented 1 year ago

So it may be the new compiler?

simsong commented 1 year ago

Happy to report that I have replicated this on my M1 mac.

(base) simsong@Seasons bulk_extractor % src/test_be                                                                                               (slg-dev)bulk_extractor
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp3f9307f58827cbe" for email
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp55fc8dc0b351b8de" for email
check "/Users/simsong/gits/bulk_extractor/src/tests"
Test directory: "/Users/simsong/gits/bulk_extractor/src/tests"
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp873ebbe1ab07c542" for pdf
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp7fb7eca5b04d1067" for email
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmpd4ca5e511ebd80d5" for exif
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp107498d013e30c3a" for exif
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp3a37008cac2f82d3" for exif
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp1dd8b2bf797e8515" for json
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmpb57b7ce0365a3915" for vcard_carved
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmpaf2671a1c4a01a97" for wordlist
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp9c499a58b338df3" for winprefetch
## output in "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmp8b1a326b391ffe51" for zip
## image_fname: ram_2pages.bin outdir: "/var/folders/hp/8jsmkdrj6cnfk_0x105st5zr0000gn/T/be_tmpa761e9dd71566d8e"
=================================================================
==23770==ERROR: AddressSanitizer: stack-buffer-underflow on address 0x00016aef1ccc at pc 0x0001050755b4 bp 0x00016aef18d0 sp 0x00016aef18c8
READ of size 4 at 0x00016aef1ccc thread T0
    #0 0x1050755b0 in create_aes128_schedule(unsigned char const*, unsigned char*) scan_aes.cpp
    #1 0x105368090 in validate_aes128_key(unsigned char*) test_be2.cpp:308
    #2 0x1053684bc in ____C_A_T_C_H____T_E_S_T____4() test_be2.cpp:329
    #3 0x10522fbfc in Catch::RunContext::runCurrentTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&) catch.hpp:12989
    #4 0x10522dc90 in Catch::RunContext::runTest(Catch::TestCase const&) catch.hpp:12750
    #5 0x10523fb18 in Catch::Session::runInternal() catch.hpp:13549
    #6 0x10523d470 in Catch::Session::run() catch.hpp:13505
    #7 0x1052935a4 in main catch.hpp:17504
    #8 0x1a983bf24  (<unknown module>)

Address 0x00016aef1ccc is located in stack of thread T0 at offset 12 in frame
    #0 0x10522f7ac in Catch::RunContext::runCurrentTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char>>&) catch.hpp:12963

  This frame has 6 object(s):
    [32, 96) 'testCaseSection' (line 12965)
    [128, 144) 'ref.tmp.sroa.5' (line 12970)
    [160, 296) 'redirectedStreams' (line 12978)
    [368, 370) 'dummyReaction' (line 12998)
    [384, 408) 'ref.tmp38' (line 12999)
    [448, 560) 'testCaseSectionStats' (line 13010)
HINT: this may be a false positive if your program uses some custom stack unwind mechanism, swapcontext or vfork
      (longjmp and C++ exceptions *are* supported)
SUMMARY: AddressSanitizer: stack-buffer-underflow scan_aes.cpp in create_aes128_schedule(unsigned char const*, unsigned char*)
Shadow bytes around the buggy address:
  0x00702d5fe340: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
  0x00702d5fe350: 00 00 f2 f2 f2 f2 f2 f2 f2 f2 00 00 00 00 00 f3
  0x00702d5fe360: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
  0x00702d5fe370: 00 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 f2 f2
  0x00702d5fe380: 00 00 f2 f2 00 00 f3 f3 00 00 00 00 00 00 00 00
=>0x00702d5fe390: 00 00 00 00 00 00 00 00 f1[f1]f1 f1 00 00 00 00
  0x00702d5fe3a0: 00 00 00 00 f2 f2 f2 f2 f8 f8 f2 f2 f8 f8 f8 f8
  0x00702d5fe3b0: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f2 f2 f2
  0x00702d5fe3c0: f2 f2 f2 f2 f2 f2 f8 f2 f8 f8 f8 f2 f2 f2 f2 f2
  0x00702d5fe3d0: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f3 f3
  0x00702d5fe3e0: f3 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==23770==ABORTING

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
test_be is a Catch v2.13.6 host application.
Run with -? for options

-----------------------------------------------------------------------------------------------------------------------
schedule_aes
-----------------------------------------------------------------------------------------------------------------------
test_be2.cpp:323
.......................................................................................................................

test_be2.cpp:323: FAILED:
due to a fatal error condition:
  SIGABRT - Abort (abnormal termination) signal

=======================================================================================================================
test cases:  23 |  22 passed | 1 failed
assertions: 207 | 206 passed | 1 failed

zsh: abort      src/test_be
(base) simsong@Seasons bulk_extractor %                                                                                                           (slg-dev)bulk_extractor

I should have this fixed by Sunday PM.

jonstewart commented 1 year ago

Repro’d on my M1, too. Do you mind giving us a week? This looks fun to debug. :-D

simsong commented 1 year ago 
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = Stack buffer underflow
  * frame #0: 0x000000010135cd2c libclang_rt.asan_osx_dynamic.dylib`__asan::AsanDie()
    frame #1: 0x0000000101376c38 libclang_rt.asan_osx_dynamic.dylib`__sanitizer::Die() + 192
    frame #2: 0x000000010135ac2c libclang_rt.asan_osx_dynamic.dylib`__asan::ScopedInErrorReport::~ScopedInErrorReport() + 1124
    frame #3: 0x0000000101359f04 libclang_rt.asan_osx_dynamic.dylib`__asan::ReportGenericError(unsigned long, unsigned long, unsigned long, unsigned long, bool, unsigned long, unsigned int, bool) + 1460
    frame #4: 0x000000010135b9b4 libclang_rt.asan_osx_dynamic.dylib`__asan_report_load_n + 56
    frame #5: 0x00000001001695b4 test_be`create_aes128_schedule(key=<unavailable>, computed="") at scan_aes.cpp:0:1 [opt]
    frame #6: 0x000000010045c094 test_be`validate_aes128_key(key="") at test_be2.cpp:308:5 [opt]
    frame #7: 0x000000010045c4c0 test_be`____C_A_T_C_H____T_E_S_T____4() at test_be2.cpp:329:5 [opt]
    frame #8: 0x0000000100323c00 test_be`Catch::RunContext::runCurrentTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&) [inlined] Catch::TestCase::invoke(this=<unavailable>) const at catch.hpp:14156:15 [opt]
    frame #9: 0x0000000100323bc8 test_be`Catch::RunContext::runCurrentTest(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >&) [inlined] Catch::RunContext::invokeActiveTestCase(this=0x000000016fdfe660) at catch.hpp:13016:27 [opt]
    frame #10: 0x0000000100323bac test_be`Catch::RunContext::runCurrentTest(this=0x000000016fdfe660, redirectedCout=<unavailable>, redirectedCerr=<unavailable>) at catch.hpp:12989:17 [opt]
    frame #11: 0x0000000100321c94 test_be`Catch::RunContext::runTest(this=0x000000016fdfe660, testCase=<unavailable>) at catch.hpp:12750:13 [opt]
    frame #12: 0x0000000100333b1c test_be`Catch::Session::runInternal() at catch.hpp:13343:45 [opt]
    frame #13: 0x0000000100333794 test_be`Catch::Session::runInternal(this=<unavailable>) at catch.hpp:13549:39 [opt]
    frame #14: 0x0000000100331474 test_be`Catch::Session::run(this=0x000000016fdfeca0) at catch.hpp:13505:24 [opt]
    frame #15: 0x00000001003875a8 test_be`main [inlined] int Catch::Session::run<char>(this=0x000000016fdfeca0, argc=2, argv=<unavailable>) at catch.hpp:13227:30 [opt]
    frame #16: 0x0000000100387540 test_be`main(argc=<unavailable>, argv=<unavailable>) at catch.hpp:17504:29 [opt]
    frame #17: 0x00000001a983bf28 dyld`start + 2236
(lldb)
simsong commented 1 year ago

Repro’d on my M1, too. Do you mind giving us a week? This looks fun to debug. :-D

I was really planning on working out tonight. If you want, you can have until 8am tomorrow.

simsong commented 1 year ago

Okay, I found the bug. Let me know if/when you want me to push.

jonstewart commented 1 year ago

Nuts!On Apr 28, 2023, at 9:26 PM, Simson L. Garfinkel @.***> wrote: Okay, I found the bug. Let me know if/when you want me to push.

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you commented.Message ID: @.***>

simsong commented 1 year ago

I take it that's a yes/no/maybe?

sf-jonstewart commented 1 year ago

Yup, that looks like the right fix.

I was looking forward to accepting the challenge, right after I finished watching TV, and you just went ahead and fixed it... Nuts!

simsong commented 1 year ago

If you are looking for something fun, please try one of these:

Say the word and I will happily assign them to you.

jonstewart commented 1 year ago

We're working on scan_lightgrep and stumbled across this AES issue in so doing.