Using GRaTS

GRaTS can be started in a variety of ways.
Using the included batch file is the easiest.
You can also open a command prompt, change to the GRaTS folder on your hard drive, and type "perl grats.plx".

Once GRaTS has started you will be presented with a screen like the one below:
gratsblank.jpg

Click the "Browse" button to select a C source code file you would like to scan.

Once you have selected a file, click the "Scan" button to have GRaTS begin scanning it.
When scanning is complete you will see a screen similar to the one below:
gratstree.jpg

If you click on a variable or a line number in the tree on the left, information about it will be displayed on the right:
gratsvariable.jpg
Each variable that GRaTS tracked is listed in the tree on the left. Each number under a variable is a line where that variable was found.

Clicking on the variable name itself will cause every line where that variable was found to be displayed on the right.

Clicking any individual line will display just that line.
You can also click and drag to select a group of lines, or ctrl+click to select lines that are not next to each other.

The information displayed on the right is in the format Line_Number:Line (for example, 127:gets(buffer);).
Lines marked with a hash/pound symbol (#) have vulnerability information from RATS.
This is the information that RATS has for the particular function used on that line.

Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License