Commit 5ad922d2 by Thomas Barabosch Committed by Enkelmann

Adds clang as second compiler for test cases (#27)

* Added feature to compiler test cases with more than one compiler. Added clang as first examples. Fixed test cases to work with gcc

* Added acceptance tests for clang x64, adjusted Travis scripts (now
runs also unittests), install_cross_compilers installs also clang.

* Skips test for cwe415, which is broken on clang + Ubuntu 16.04

* Added feature to compiler test cases with more than one compiler. Added clang as first examples. Fixed test cases to work with gcc

* Added acceptance tests for clang x64, adjusted Travis scripts (now
runs also unittests), install_cross_compilers installs also clang.

* Skips test for cwe415, which is broken on clang + Ubuntu 16.04

* Added change to CHANGES.md

* Fixed test issue: test for json output was pre-compiler suffix.
parent 1d9991f1
#!/bin/bash
#!/bin/bash
cd test/artificial_samples/
./install_cross_compilers.sh
scons
......
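Review bot: Neither this script nor the test script that follows (`dune runtest`, then `pytest`) stops on a failed command, so each step reports only the exit status of its last command. A failing `dune runtest` is masked whenever `pytest` passes, and here a failed `cd test/artificial_samples/` or `./install_cross_compilers.sh` still lets `scons` run. Adding `set -e` directly under the shebang of both scripts makes the CI job fail at the first broken step. Part of this script is collapsed, so this assumes no such option is set in the lines not shown.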
#!/bin/bash
dune runtest
pytest
......@@ -2,6 +2,7 @@ dev
====
- Added more documentation to checks (PR #26)
- Added clang as another compiler for test cases, added tests for clang compiled test cases (PR #27)
- Fixed check CWE367: use symbols defined in config.json (PR #28)
- Refactoring of logging and JSON support via --json (PR #30)
- Added file output support via --out (PR #30)
......
......@@ -2,27 +2,27 @@ import os
import subprocess
def build_bap_cmd(filename, target, arch):
def build_bap_cmd(filename, target, arch, compiler):
if 'travis' in os.environ['USER']:
abs_path = os.path.abspath('test/artificial_samples/build/cwe_%s_%s.out' % (filename, arch))
abs_path = os.path.abspath('test/artificial_samples/build/cwe_%s_%s_%s.out' % (filename, arch, compiler))
cmd = 'docker run --rm -v %s:/tmp/input cwe-checker:latest bap /tmp/input --pass=cwe-checker --cwe-checker-partial=CWE%s --cwe-checker-config=/home/bap/cwe_checker/src/config.json' % (abs_path, target)
else:
cmd = 'bap test/artificial_samples/build/cwe_%s_%s.out --pass=cwe-checker --cwe-checker-partial=CWE%s --cwe-checker-config=src/config.json' % (filename, arch, target)
cmd = 'bap test/artificial_samples/build/cwe_%s_%s_%s.out --pass=cwe-checker --cwe-checker-partial=CWE%s --cwe-checker-config=src/config.json' % (filename, arch, compiler, target)
return cmd.split()
def build_bap_emulation_cmd(filename, target, arch):
def build_bap_emulation_cmd(filename, target, arch, compiler):
if 'travis' in os.environ['USER']:
abs_path = os.path.abspath('test/artificial_samples/build/cwe_%s_%s.out' % (filename, arch))
abs_path = os.path.abspath('test/artificial_samples/build/cwe_%s_%s_%s.out' % (filename, arch, compiler))
cmd = 'docker run --rm -v %s:/tmp/input cwe-checker:latest bap /tmp/input --recipe=recipes/emulation' % abs_path
else:
cmd = 'bap test/artificial_samples/build/cwe_%s_%s.out --recipe=recipes/emulation' % (filename, arch)
cmd = 'bap test/artificial_samples/build/cwe_%s_%s_%s.out --recipe=recipes/emulation' % (filename, arch, compiler)
return cmd.split()
def execute_and_check_occurence(filename, target, arch, string):
def execute_and_check_occurence(filename, target, arch, compiler, string):
occurence = 0
bap_cmd = build_bap_cmd(filename, target, arch)
bap_cmd = build_bap_cmd(filename, target, arch, compiler)
output = subprocess.check_output(bap_cmd)
for l in output.splitlines():
if string in l:
......@@ -30,9 +30,9 @@ def execute_and_check_occurence(filename, target, arch, string):
return occurence
def execute_emulation_and_check_occurence(filename, target, arch, string):
def execute_emulation_and_check_occurence(filename, target, arch, compiler, string):
occurence = 0
bap_cmd = build_bap_emulation_cmd(filename, target, arch)
bap_cmd = build_bap_emulation_cmd(filename, target, arch, compiler)
output = subprocess.check_output(bap_cmd)
for l in output.splitlines():
if string in l:
......
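Review bot: `build_bap_cmd` and `build_bap_emulation_cmd` still format the whole command as one string and return `cmd.split()`, so the argv depends on there being no whitespace in the interpolated values. On the docker branch `os.path.abspath(...)` depends on the checkout directory, and a space in it would split the `-v` mount argument into several entries. Building the list directly avoids this, and a small helper for the sample path would replace the four copies of the `cwe_%s_%s_%s.out` template that this commit had to edit one by one. `os.environ['USER']` also raises KeyError when USER is unset, which `os.environ.get('USER', '')` avoids. The sketch below keeps the argument order of the current code.

```python
def _sample_path(filename, arch, compiler):
    return 'test/artificial_samples/build/cwe_%s_%s_%s.out' % (filename, arch, compiler)


def build_bap_cmd(filename, target, arch, compiler):
    sample = _sample_path(filename, arch, compiler)
    checker_args = ['--pass=cwe-checker', '--cwe-checker-partial=CWE%s' % target]
    if 'travis' in os.environ.get('USER', ''):
        return (['docker', 'run', '--rm', '-v', '%s:/tmp/input' % os.path.abspath(sample),
                 'cwe-checker:latest', 'bap', '/tmp/input'] + checker_args
                + ['--cwe-checker-config=/home/bap/cwe_checker/src/config.json'])
    return ['bap', sample] + checker_args + ['--cwe-checker-config=src/config.json']

# … unchanged: build_bap_emulation_cmd would follow the same pattern with --recipe=recipes/emulation …
```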
......@@ -8,28 +8,33 @@ class TestCwe190(unittest.TestCase):
self.target = '190'
self.string = b'Integer Overflow or Wraparound'
def test_cwe190_01_arm(self):
def test_cwe190_01_arm_gcc(self):
expect_res = 3
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe190_01_x86(self):
def test_cwe190_01_x86_gcc(self):
expect_res = 3
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe190_01_x64(self):
def test_cwe190_01_x64_gcc(self):
expect_res = 3
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe190_01_x64_clang(self):
expect_res = 3
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe190_01_mips(self):
def test_cwe190_01_mips_gcc(self):
expect_res = 3
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe190_01_ppc(self):
def test_cwe190_01_ppc_gcc(self):
expect_res = 3
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -9,27 +9,32 @@ class TestCwe215(unittest.TestCase):
self.filename = '476'
self.string = b'Information Exposure Through Debug Information'
def test_cwe215_01_arm(self):
def test_cwe215_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe215_01_x86(self):
def test_cwe215_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe215_01_x64(self):
def test_cwe215_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe215_01_ppc(self):
def test_cwe215_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
def test_cwe215_01_mips(self):
def test_cwe215_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe215_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.filename, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,55 +8,65 @@ class TestCwe243(unittest.TestCase):
self.target = '243'
self.string = b'The program utilizes chroot without dropping privileges and/or changing the directory'
def test_cwe243_01_arm(self):
def test_cwe243_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_01_x86(self):
def test_cwe243_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_01_x64(self):
def test_cwe243_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_01_ppc(self):
def test_cwe243_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe243_01_mips(self):
def test_cwe243_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_02_arm(self):
def test_cwe243_02_arm_gcc(self):
expect_res = 0
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Investigate and fix this issue")
def test_cwe243_02_x86(self):
def test_cwe243_02_x86_gcc(self):
expect_res = 0
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_02_x64_gcc(self):
expect_res = 0
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_02_x64(self):
def test_cwe243_02_x64_clang(self):
expect_res = 0
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
def test_cwe243_02_ppc(self):
def test_cwe243_02_ppc_gcc(self):
expect_res = 0
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe476_02_mips(self):
def test_cwe476_02_mips_gcc(self):
expect_res = 0
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target + "_clean", self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
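Review bot: The last test in `TestCwe243` is renamed to `test_cwe476_02_mips_gcc`, which carries the `_gcc` suffix but keeps the wrong CWE number. It runs the 243 `_clean` sample, so it should be `def test_cwe243_02_mips_gcc(self):`. The test is currently skipped, so nothing fails today, but once MIPS is enabled it would be selected by `-k cwe476` and missed by `-k cwe243`.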
......@@ -8,30 +8,35 @@ class TestCwe248(unittest.TestCase):
self.target = '248'
self.string = b'Possibly Uncaught Exception'
def test_cwe248_01_arm(self):
def test_cwe248_01_arm_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Fix CPP compilation issue for x86")
def test_cwe248_01_x86(self):
def test_cwe248_01_x86_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe248_01_x64(self):
def test_cwe248_01_x64_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe248_01_x64_clang(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe248_01_mips(self):
def test_cwe248_01_mips_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe248_01_ppc(self):
def test_cwe248_01_ppc_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,28 +8,33 @@ class TestCwe332(unittest.TestCase):
self.target = '332'
self.string = b'Insufficient Entropy in PRNG'
def test_cwe332_01_arm(self):
def test_cwe332_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe332_01_x86(self):
def test_cwe332_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe332_01_x64(self):
def test_cwe332_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe332_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe332_01_mips(self):
def test_cwe332_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe332_01_ppc(self):
def test_cwe332_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,28 +8,33 @@ class TestCwe367(unittest.TestCase):
self.target = '367'
self.string = b'Time-of-check Time-of-use Race Condition'
def test_cwe367_01_arm(self):
def test_cwe367_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe367_01_x86(self):
def test_cwe367_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe367_01_x64(self):
def test_cwe367_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe367_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe367_01_mips(self):
def test_cwe367_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe367_01_ppc(self):
def test_cwe367_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,29 +8,35 @@ class TestCwe415(unittest.TestCase):
self.target = '415'
self.string = b'Double Free'
def test_cwe415_01_arm(self):
def test_cwe415_01_arm_gcc(self):
expect_res = 5
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe415_01_x86(self):
def test_cwe415_01_x86_gcc(self):
expect_res = 5
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME: broken on Ubuntu 18.04 with the corresponding gcc version")
def test_cwe415_01_x64(self):
def test_cwe415_01_x64_gcc(self):
expect_res = 9
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME: broken on Ubuntu 18.04 with the corresponding clang version")
def test_cwe415_01_x64_clang(self):
expect_res = 9
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe415_01_mips(self):
def test_cwe415_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe415_01_ppc(self):
def test_cwe415_01_ppc_gcc(self):
expect_res = 3
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
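Review bot: The skip reason on the new `test_cwe415_01_x64_clang` says "broken on Ubuntu 18.04 with the corresponding clang version", while the commit message says the cwe415 test is broken on clang + Ubuntu 16.04; one of the two should be corrected. The `expect_res = 9` looks copied from the gcc variant, and since the test never runs it is unverified for clang output; a comment such as `# expected count taken from the gcc build, not yet confirmed for clang` would make that explicit. With both x64 variants skipped, the Double Free check has no x64 coverage. The same applies to `test_cwe416_01_x64_clang` in the Use After Free tests, whose skip is not mentioned in the commit message.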
......@@ -8,29 +8,35 @@ class TestCwe416(unittest.TestCase):
self.target = '416'
self.string = b'Use After Free'
def test_cwe416_01_arm(self):
def test_cwe416_01_arm_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe416_01_x86(self):
def test_cwe416_01_x86_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME: broken on Ubuntu 18.04 with the corresponding gcc version")
def test_cwe416_01_x64(self):
def test_cwe416_01_x64_gcc(self):
expect_res = 4
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME: broken on Ubuntu 18.04 with the corresponding clang version")
def test_cwe416_01_x64_clang(self):
expect_res = 4
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe416_01_mips(self):
def test_cwe416_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe416_01_ppc(self):
def test_cwe416_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_emulation_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,29 +8,34 @@ class TestCwe426(unittest.TestCase):
self.target = '426'
self.string = b'Untrusted Search Path'
def test_cwe426_01_arm(self):
def test_cwe426_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe426_01_x86(self):
def test_cwe426_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe426_01_x64(self):
def test_cwe426_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe426_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe426_01_mips(self):
def test_cwe426_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe426_01_ppc(self):
def test_cwe426_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -9,31 +9,37 @@ class TestCwe457(unittest.TestCase):
self.string = b'Use of Uninitialized Variable'
@unittest.skip("FIXME")
def test_cwe457_01_arm(self):
def test_cwe457_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe457_01_x86(self):
def test_cwe457_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe457_01_x64(self):
def test_cwe457_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe457_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe457_01_mips(self):
def test_cwe457_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe457_01_ppc(self):
def test_cwe457_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
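Review bot: The new `test_cwe457_01_x64_clang` is added already skipped with a bare `"FIXME"`, which records neither what fails nor whether the failure is specific to clang. A reason such as `@unittest.skip("FIXME: <observed result> on x64/clang, expected 1")` (placeholder for the actual observation) would tell the next reader whether the check misses the finding or the sample fails to build. The same bare `"FIXME"` is used on the new `test_cwe476_01_x64_clang`. There the gcc x64 variant is not skipped, so the skip presumably hides a clang-specific miss of the NULL Pointer Dereference check that deserves a tracked issue.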
......@@ -8,29 +8,34 @@ class TestCwe467(unittest.TestCase):
self.target = '467'
self.string = b'Use of sizeof on a Pointer Type'
def test_cwe467_01_arm(self):
def test_cwe467_01_arm_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe467_01_x86(self):
def test_cwe467_01_x86_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe467_01_x64(self):
def test_cwe467_01_x64_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe467_01_x64_clang(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe467_01_mips(self):
def test_cwe467_01_mips_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe467_01_ppc(self):
def test_cwe467_01_ppc_gcc(self):
expect_res = 2
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,29 +8,35 @@ class TestCwe476(unittest.TestCase):
self.target = '476'
self.string = b'NULL Pointer Dereference'
def test_cwe476_01_arm(self):
def test_cwe476_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe476_01_x86(self):
def test_cwe476_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe476_01_x64(self):
def test_cwe476_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("FIXME")
def test_cwe476_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe476_01_mips(self):
def test_cwe476_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Fix issue in CWE476 implementation to support PPC")
def test_cwe476_01_ppc(self):
def test_cwe476_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -9,28 +9,33 @@ class TestCwe560(unittest.TestCase):
self.string = b'Use of umask() with chmod-style Argument'
@unittest.skip("Args of umask to not seem to be found by BAP. Investigate in the future")
def test_cwe560_01_arm(self):
def test_cwe560_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe560_01_x86(self):
def test_cwe560_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe560_01_x64(self):
def test_cwe560_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe560_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe560_01_mips(self):
def test_cwe560_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe560_01_ppc(self):
def test_cwe560_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
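Review bot: Each case now spells the architecture and compiler twice by hand, once in the method name and once in the positional arguments of `execute_and_check_occurence`, and nothing checks that the two agree. The same pattern repeats in the TestCwe676 and TestCwe782 sections below. A small helper on the class would keep one source of truth, e.g. `def _occurrences(self, arch, compiler): return cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, arch, compiler, self.string)`, with each test reduced to `self.assertEqual(self._occurrences('x64', 'clang'), 1)`. The class header and `setUp` start outside this hunk.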
......@@ -8,28 +8,33 @@ class TestCwe676(unittest.TestCase):
self.target = '676'
self.string = b'Use of Potentially Dangerous Function'
def test_cwe676_01_arm(self):
def test_cwe676_01_arm_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'arm', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe676_01_x86(self):
def test_cwe676_01_x86_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x86', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe676_01_x64(self):
def test_cwe676_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe676_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
@unittest.skip("Depends on proper MIPS support in BAP")
def test_cwe676_01_mips(self):
def test_cwe676_01_mips_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'mips', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe676_01_ppc(self):
def test_cwe676_01_ppc_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'ppc', 'gcc', self.string)
self.assertEqual(res, expect_res)
......@@ -8,7 +8,12 @@ class TestCwe782(unittest.TestCase):
self.target = '782'
self.string = b'Exposed IOCTL with Insufficient Access Control'
def test_cwe782_01_x64(self):
def test_cwe782_01_x64_gcc(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', self.string)
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'gcc', self.string)
self.assertEqual(res, expect_res)
def test_cwe782_01_x64_clang(self):
expect_res = 1
res = cwe_checker_testlib.execute_and_check_occurence(self.target, self.target, 'x64', 'clang', self.string)
self.assertEqual(res, expect_res)
......@@ -7,10 +7,10 @@ class TestJson(unittest.TestCase):
def setUp(self):
if 'travis' in os.environ['USER']:
abs_path = os.path.abspath('test/artificial_samples/build/cwe_190_x64.out')
abs_path = os.path.abspath('test/artificial_samples/build/cwe_190_x64_gcc.out')
self.cmd = 'docker run --rm -v %s:/tmp/input cwe-checker:latest bap /tmp/input --pass=cwe-checker --cwe-checker-config=/home/bap/cwe_checker/src/config.json --cwe-checker-json' % abs_path
else:
self.cmd = 'bap test/artificial_samples/build/cwe_190_x64.out --pass=cwe-checker --cwe-checker-config=src/config.json --cwe-checker-json'
self.cmd = 'bap test/artificial_samples/build/cwe_190_x64_gcc.out --pass=cwe-checker --cwe-checker-config=src/config.json --cwe-checker-json'
def test_can_output_json(self):
output = subprocess.check_output(self.cmd.split())
......
......@@ -4,19 +4,19 @@ build_path = 'build'
supported_architectures = ['x64', 'x86', 'arm', 'mips', 'ppc']
c_compilers = {'x64': 'gcc',
'x86': './dockcross-linux-x86 gcc',
'arm': 'arm-linux-gnueabi-gcc',
'mips': 'mips-linux-gnu-gcc',
'ppc': 'powerpc-linux-gnu-gcc'}
c_compilers = {'x64': ['gcc', 'clang'],
'x86': ['./dockcross-linux-x86 gcc'],
'arm': ['arm-linux-gnueabi-gcc'],
'mips': ['mips-linux-gnu-gcc'],
'ppc': ['powerpc-linux-gnu-gcc']}
c_linkers = {'x86': './dockcross-linux-x86 gcc -m32'}
cpp_compilers = {'x64': 'g++',
'x86': './dockcross-linux-x86 g++',
'arm': 'arm-linux-gnueabi-g++',
'mips': 'mips-linux-gnu-g++',
'ppc': 'powerpc-linux-gnu-g++'}
cpp_compilers = {'x64': ['g++', 'clang'],
'x86': ['./dockcross-linux-x86 g++'],
'arm': ['arm-linux-gnueabi-g++'],
'mips': ['mips-linux-gnu-g++'],
'ppc': ['powerpc-linux-gnu-g++']}
c_flags = {'x64': '-g -fno-stack-protector -std=c11',
'x86': '-g -m32 -fno-stack-protector -std=c11',
......@@ -49,50 +49,59 @@ def optimize(filename):
else:
return ' -O0'
def get_compiler_abrev(compiler_name):
if 'clang' in compiler_name:
return 'clang'
else:
return 'gcc'
def compile_only_on_x64(filename, arch):
only_x64 = ['cwe_782.c']
return filename in only_x64 and arch != 'x64'
def build_c(arch):
if which(c_compilers[arch]) is not None:
def build_c(arch, compiler):
if which(compiler) is not None:
c_programs = Glob('*.c')
for p in c_programs:
if compile_only_on_x64(str(p), arch):
print('Skipping architecture %s for %s' % (arch, str(p)))
continue
env = Environment()
env['CC'] = c_compilers[arch]
env['CC'] = compiler
env['CCFLAGS'] = c_flags[arch] + optimize(str(p))
if arch in c_linkers:
env['LINK'] = c_linkers[arch]
env.Program('%s/%s_%s.out' % (build_path, str(p).split('.')[0], arch),
env.Object(target='%s/%s_%s.o' % (build_path, str(p), arch),
compiler_abrev = get_compiler_abrev(compiler)
env.Program('%s/%s_%s_%s.out' % (build_path, str(p).split('.')[0], arch, compiler_abrev),
env.Object(target='%s/%s_%s_%s.o' % (build_path, str(p), arch, compiler_abrev),
source='%s/%s' % (build_path, str(p))))
else:
print('Compiler %s for architecture %s is not installed!' % (c_compilers[arch], arch))
print('Compiler %s for architecture %s is not installed!' % (compiler, arch))
def build_cpp(arch):
if which(cpp_compilers[arch]) is not None:
def build_cpp(arch, compiler):
if which(compiler) is not None:
cpp_programs = Glob('*.cpp')
for p in cpp_programs:
env = Environment()
env['CCP'] = cpp_compilers[arch]
env['CCP'] = compiler
env['CCPFLAGS'] = cpp_flags[arch] + optimize(str(p))
if arch in c_linkers:
env['CPPLINK'] = cpp_linkers[arch]
env.Program('%s/%s_%s.out' % (build_path, str(p).split('.')[0], arch),
env.Object(target='%s/%s_%s.o' % (build_path, str(p), arch),
compiler_abrev = get_compiler_abrev(compiler)
env.Program('%s/%s_%s_%s.out' % (build_path, str(p).split('.')[0], arch, compiler_abrev),
env.Object(target='%s/%s_%s_%s.o' % (build_path, str(p), arch, compiler_abrev),
source='%s/%s' % (build_path, str(p))))
else:
print('Compiler %s for architecture %s is not installed!' % (cpp_compilers[arch], arch))
print('Compiler %s for architecture %s is not installed!' % (compiler, arch))
VariantDir(build_path, '.', duplicate=0)
for arch in supported_architectures:
print('Building for architecture %s' % arch)
build_c(arch)
build_cpp(arch)
for compiler in c_compilers[arch]:
build_c(arch, compiler)
build_cpp(arch, compiler)
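Review bot: `build_cpp` is called with the entries of `c_compilers`, so the `cpp_compilers` table is no longer read anywhere in the lines shown and the C++ samples are handed `gcc`/`clang` instead of `g++`. The x64 list in `cpp_compilers` also names `clang` where `clang++` looks intended. Iterating each table for its own builder fixes the first problem: keep `build_c` under the `c_compilers` loop and add `for compiler in cpp_compilers[arch]: build_cpp(arch, compiler)`. Separately, `env['CCP']` and `env['CCPFLAGS']` do not look like variables SCons consults for C++ (it uses `CXX` and `CXXFLAGS`), so the chosen compiler may have no effect. Indentation is lost in this rendering, so the nesting of the last two calls is inferred.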
......@@ -29,7 +29,7 @@ void nested_for_loop(){
free(bla);
}
void main(){
int main(){
if_statement();
for_loop();
nested_for_loop();
......
......@@ -5,7 +5,7 @@
#include <fcntl.h>
#include <string.h>
void main(){
int main(){
if (access("file", W_OK) != 0) {
exit(1);
......
......@@ -14,7 +14,7 @@ void func2(){
free(data);
}
void main() {
int main() {
func1();
func2();
......
......@@ -22,4 +22,6 @@ echo "Installing dependencies for x86 compilation"
sudo docker pull dockcross/linux-x86
sudo docker run --rm dockcross/linux-x86 > ./dockcross-linux-x86
chmod +x ./dockcross-linux-x86
echo "Installing clang for x64 architecture"
sudo apt install clang
echo "Done."
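Review bot: `sudo apt install clang` has no `-y`, so on a non-interactive CI run the install is expected to abort at the confirmation prompt. `sudo apt-get install -y clang` avoids that, and also the warning `apt` prints about its unstable CLI when used in scripts. Because `build_c` in the SConstruct only prints a message when a compiler is missing, a failed install would surface later as failing `*_clang` tests rather than at this step. Whether the earlier installs in this script already pass `-y` is outside the hunk.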
......@@ -2,7 +2,7 @@ all:
bapbundle remove cwe_checker_unit_tests.plugin
bapbuild -r -Is analysis,checkers,utils cwe_checker_unit_tests.plugin -pkgs core,alcotest,yojson,unix,ppx_jane,cwe_checker_core
bapbundle install cwe_checker_unit_tests.plugin
bap ../artificial_samples/build/arrays_x64.out --pass=cwe-checker-unit-tests
bap ../artificial_samples/build/arrays_x64_gcc.out --pass=cwe-checker-unit-tests
bapbundle remove cwe_checker_unit_tests.plugin
clean:
......