Please run the following commands:
# set up the environment variables in the root directory of the tool
$ source tool/init_env.sh
# compile the program and get bit code
$ cd $ROOT_DIR/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547
$ ./cleanDIR.sh
$ clang++ -g -emit-llvm -c ./2009-3547.cpp -o 2009-3547.bc
# perform static analysis
$ $ROOT_DIR/tool/staticAnalysis/staticAnalysis.sh 2009-3547
# compile the instrumented program with ASAN
$ export Con_PATH=$ROOT_DIR/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/ConConfig.2009-3547
$ $ROOT_DIR/tool/staticAnalysis/DBDS-INSTRU/dbds-clang-fast++ -g -fsanitize=address ./2009-3547.cpp -o 2009-3547 -lpthread -ldl
# perform DBDS
$ $ROOT_DIR/tool/DBDS/run_PDS.py -d 1 ./2009-3547
Then you will get the results.
Start Testing!
test 0001
test 0002
...
The ASAN output:
AddressSanitizer:DEADLYSIGNAL
=================================================================
==1010==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x0000004c6f50 bp 0x000000000000 sp 0x7f06afbe8e60 T1)
==1010==The signal is caused by a WRITE memory access.
==1010==Hint: address points to the zero page.
#0 0x4c6f50 (/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/2009-3547+0x4c6f50)
#1 0x7f06b387f6da (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
#2 0x7f06b285da3e (/lib/x86_64-linux-gnu/libc.so.6+0x121a3e)
AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/2009-3547+0x4c6f50)
Thread T1 created by T0 here:
#0 0x47fa0a (/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/2009-3547+0x47fa0a)
#1 0x4c6d9d (/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/2009-3547+0x4c6d9d)
#2 0x7f06b275db96 (/lib/x86_64-linux-gnu/libc.so.6+0x21b96)
==1010==ABORTING
Use addr2line -e ./2009-3547 0x4c6f50 to see the debug info:
/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/./2009-3547.cpp:43
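
When DBDS produces many reports, the addr2line step above can be scripted. The following is an added example, not part of the tool: it parses an unsymbolized ASAN SEGV report like the one shown and builds the addr2line call for the crashing frame. The function names and the first-page NULL-dereference heuristic are assumptions of this example, and the sample report is constructed from the output above.

```python
import re
import shlex

# Constructed sample: the report lines shown above, trimmed to what the parser reads.
SAMPLE_REPORT = """\
==1010==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x0000004c6f50 bp 0x000000000000 sp 0x7f06afbe8e60 T1)
==1010==The signal is caused by a WRITE memory access.
==1010==Hint: address points to the zero page.
#0 0x4c6f50 (/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/2009-3547+0x4c6f50)
#1 0x7f06b387f6da (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
Thread T1 created by T0 here:
#0 0x47fa0a (/workdir/ConFuzz/evaluation/ConVul-CVE-Benchmarks/CVE-2009-3547/2009-3547+0x47fa0a)
"""

ERROR_RE = re.compile(r"ERROR: AddressSanitizer: (\S+) on unknown address (0x[0-9a-f]+) .*\b(T\d+)\)")
ACCESS_RE = re.compile(r"caused by a (READ|WRITE) memory access")
FRAME_RE = re.compile(r"^\s*#(\d+) (0x[0-9a-f]+) \((.+)\+(0x[0-9a-f]+)\)\s*$")

def triage(report):
    """Summarise one unsymbolized ASAN SEGV report; returns None if no ERROR line."""
    info = None
    for line in report.splitlines():
        m = ERROR_RE.search(line)
        if m:
            info = {"kind": m.group(1), "fault_addr": int(m.group(2), 16), "thread": m.group(3)}
            info.update(access=None, module=None, offset=None)
            continue
        if info is None:
            continue  # DBDS progress lines ("test 0001") before the report
        m = ACCESS_RE.search(line)
        if m:
            info["access"] = m.group(1)
        m = FRAME_RE.match(line)
        # Only the first "#0" after ERROR is the crash site; the later "#0"
        # belongs to the "Thread T1 created by T0" stack.
        if m and m.group(1) == "0" and info["module"] is None:
            info["module"], info["offset"] = m.group(3), m.group(4)
    if info:
        # Assumption of this example: a fault inside the first page is a NULL dereference.
        info["null_deref"] = info["fault_addr"] < 0x1000
    return info

def addr2line_cmd(info):
    """Build the addr2line call from the module-relative offset of frame #0."""
    return "addr2line -e %s %s" % (shlex.quote(info["module"]), info["offset"])

if __name__ == "__main__":
    summary = triage(SAMPLE_REPORT)
    print(summary, addr2line_cmd(summary), sep="\n")
```

The script passes addr2line the module-relative offset (the value after "+" in the frame), which equals the pc for this non-PIE binary and is also the right value for PIE executables and shared libraries.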