Skip to content

Latest commit

 

History

History

CVE-2016-7911

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
.gitignore
.gitignore
 
 
2016-7911.cpp
2016-7911.cpp
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
cleanDIR.sh
cleanDIR.sh
 
 

README.md

Test

Please try to perform following command:

# setup the environment variables in the root directory of the tool
$ source tool/init_env.sh

# compile the program and get bit code
$ cd $ROOT_DIR/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911
$ ./cleanDIR.sh
$ clang -g -emit-llvm -c ./2016-7911.cpp -o 2016-7911.bc

# perform static analysis
$ $ROOT_DIR/tool/staticAnalysis/staticAnalysis.sh 2016-7911

# complie the instrumented program with ASAN
$ export Con_PATH=$ROOT_DIR/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/ConConfig.2016-7911
$ $ROOT_DIR/tool/staticAnalysis/DBDS-INSTRU/dbds-clang-fast++ -g -fsanitize=address ./2016-7911.cpp -o 2016-7911 -lpthread -ldl

# perform DBDS
$ $ROOT_DIR/tool/DBDS/run_PDS.py -d 3 ./2016-7911

Then you will get the results.

Start Testing!
test 0001
test 0002
...

The ASAN output:

AddressSanitizer:DEADLYSIGNAL
=================================================================
==78487==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000004 (pc 0x0000004c927f bp 0x000000000000 sp 0x7f729479feb0 T1)
==78487==The signal is caused by a READ memory access.
==78487==Hint: address points to the zero page.
    #0 0x4c927e  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/2016-7911+0x4c927e)
    #1 0x4c91bf  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/2016-7911+0x4c91bf)
    #2 0x7f72983716b9  (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
    #3 0x7f72973fa4dc  (/lib/x86_64-linux-gnu/libc.so.6+0x1074dc)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/2016-7911+0x4c927e)
Thread T1 created by T0 here:
    #0 0x47f19a  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/2016-7911+0x47f19a)
    #1 0x4c9468  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/2016-7911+0x4c9468)
    #2 0x7f729731383f  (/lib/x86_64-linux-gnu/libc.so.6+0x2083f)

==78487==ABORTING

Use addr2line -e ./2016-7911 0x4c9053 to see the debug info

/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2016-7911/./2016-7911.cpp:68