-
Notifications
You must be signed in to change notification settings - Fork 0
lihebi/verisec-orig
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
-= Directory Structure of the Verisec Suite =- /lib contains stubs (simple implementations) of library functions in a file stubs.c which should be linked into each testcase at analysis time. It also includes two header files, stubs.h and base.h. The header file stubs.h is #included in every testcase in the suite and itself #includes base.h. The file base.h #defines the macro BASE_SZ which sets the base buffer size for all testcases. This macro can be changed either by directly modifying base.h or, if a tool supports it, by overriding it at the command line, e.g., via the -D option in SatAbs and CBMC. /programs/apps contains the testcases which are first organized into directories by program, e.g., as shown in Figure 1 below, sendmail, OpenSER, and MADWiFi. Within each directory is a README file containing a brief description of the related program. Then there is a directory for each vulnerability in the program for which we developed testcases. Each vulnerability has a README file which explains the vulnerability and briefly describes its testcases. There are typically multiple testcases capturing the vulnerability. For example, in the figure, there are two sets of testcases for the CVE-2006-6749 vulnerability in OpenSER. These testcases are partitioned into directories according to the depth of the function in the calling context of the vulnerability. For example, in the figure below, in vulnerability CVE-2006-6749, the overflow occurs in function parse_expression which is called by function parse_expression_list. Thus, the testcases in the directory parse_expression only capture the body of parse_expression, whereas the testcases in the directory parse_expression_list capture the bodies of both functions, i.e., they include some of the calling context of parse_expression. Each testcase has unsafe and safe variants, indicated by the suffixes "bad" and "ok", respectively. The vulnerable statements in unsafe variants are indicated by the comment, "/* BAD */," on the line immediately preceding the statement. The corresponding statements in safe variants are indicated by the comment, "/* OK */." Some vulnerabilities include a subdirectory "complete", which includes a testcase capturing most of the calling context of the vulnerability. -------------------------------------------------------------------------- suite/ README.verisec_suite lib/ programs/ apps/ OpenSER/ README CVE-2006-6749/ README complete/ parse_expression/ guard_random_index_bad.c guard_random_index_ok.c guard_strchr_bad.c guard_strchr_ok.c guard_strstr_bad.c guard_strstr_ok.c parse_expression_list/ sendmail/ MADWiFi/ ... Fig. 1 -- Suite directory structure. --------------------------------------------------------------------------
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published