Grade: 6

Bugs

  • The program uses a function rargs_get_option_string that is not included in the code or standard libraries, leading to potential compilation errors.
  • The macro sormc and the function sormq used for database operations are not clearly defined or included, leading to potential undefined behavior.
  • The device name resolution function, resolve_device_name, uses non-standard open flags (O_RDONLY on devices that might need root access), which might not handle certain errors effectively.
  • Undefined behavior with accessing keycode_to_char when ev.code is out of bounds.

Optimizations

  • Use a more robust argument parsing library or method for flexibility and improved error handling.
  • Implement signal handling to gracefully terminate the program and close all file descriptors properly.
  • Introduce error checks after snprintf, open, and ioctl to handle all possible failure cases.
  • Optimize keycode_to_char lookup to avoid potential segmentation faults by verifying index bounds.
  • Replace repetitive printf statements that are redundant for better performance.

Good points

  • Thoroughly maps keycodes to their respective character representations, facilitating better understanding of captured events.
  • Logs keyboard events including timestamps to a database efficiently.
  • Provides informative console output for the user with detailed event information.

Summary

The code aims to capture and log keyboard events efficiently while offering some degree of user configuration for device selection. However, it suffers from missing or undefined functions and potential bugs due to unsafe access patterns. It can benefit from enhanced error handling and argument parsing to make it more robust and user-friendly. This program requires completion of the missing library functions and improvements in error checking and handling.

Open source alternatives

  • logkeys: An open-source keylogger for Linux that logs keystrokes in a similar fashion.
  • Keylogger: A Python-based keylogger using the pynput library for cross-platform keylogging.
  • Linux-dirty-injector: A more advanced tool but includes keylogging among other functionalities.