- 27 Jul, 2020 1 commit
-
-
Added a simple check that prints an error message when no dynamic symbol calls could be resolved.
Melvin Klimke authored
-
- 21 Jul, 2020 1 commit
-
-
Added brand new (and still experimental) checks for CWEs 415 and 416 together with a new interprocedural data-flow analysis engine written in Rust. Add `-partial=Memory` as command line flag to try out the new checks.
Enkelmann authored
-
- 28 Apr, 2020 1 commit
-
-
Added a new symbol structure enabling more precise handling of extern symbols.
Melvin Klimke authored
-
- 05 Apr, 2020 1 commit
-
-
Add "--version" to command line options.
Enkelmann authored
-
- 04 Dec, 2019 1 commit
-
-
Added cwe_checker executable allowing shorter command line calls
Melvin Klimke authored
-
- 11 Sep, 2019 1 commit
-
-
adds check_path flag to cwe_checker for finding paths from user input functions to CWE hits.
Thomas Barabosch authored
-
- 30 Jul, 2019 1 commit
-
-
* Fixed some stuff mentioned in review; added flag --no-logging to surpress logging to STDOUT; * Changes.md
Thomas Barabosch authored
-
- 24 Jul, 2019 1 commit
-
-
* Removes old version of log_utils, prototypes for new version. * Implemented native logging * Json-Output basically working. * Added acceptance test for JSON parsing * Adds some odoc to log_utils. * Added support for file output (--cwe-checker-out) * Add acceptance test for file output
Thomas Barabosch authored
-
- 19 Jun, 2019 1 commit
-
-
* Initial version of CWE560 check * CWE560 identifies calls to umask, missing the check of the umask calls. * Initial version of CWE560 check * CWE560 identifies calls to umask, missing the check of the umask calls. * [cwe560] works for x64, fix function check_umask_call to detect on other arches * Initial version of CWE560 check * CWE560 identifies calls to umask, missing the check of the umask calls. * Initial version of CWE560 check * [cwe560] works for x64, fix function check_umask_call to detect on other arches * Now working on the other architectures * Refactored version of check for CWE 560 that work on several architectures. Added first unit tests for the checkers code base * Fixes some dune warnings. * Added CWE 560 to CHANGES.md. Fixes another dune warning. * Requested change: Private module as a wrapper for unit tests
Thomas Barabosch authored
-
- 18 Jun, 2019 1 commit
-
-
Enkelmann authored
-
- 17 Jun, 2019 1 commit
-
-
This ensures that cwe_checker is deployable with opam.
Enkelmann authored
-
- 05 Apr, 2019 1 commit
-
-
* Initial version of Type inference
Enkelmann authored
-
- 22 Feb, 2019 1 commit
-
-
* improved CWE476-check with dataflow analysis
Enkelmann authored
-
- 21 Jan, 2019 2 commits
-
-
This adds a check for CWE248: Uncaught Exception
Enkelmann authored -
--cwe-checker-partial=CWE476,CWE782 to just run the analysis for CWE476 and CWE782.
Thomas Barabosch authored
-
- 18 Jan, 2019 2 commits
-
-
Thomas Barabosch authored
-
checks. Ready to implement partial analyses.
Thomas Barabosch authored
-
- 08 Oct, 2018 1 commit
-
-
Thomas Barabosch authored
-
