GaloisInc / MATE

MATE is a suite of tools for interactive program analysis with a focus on hunting for bugs in C and C++ code using Code Property Graphs.
https://galoisinc.github.io/MATE/
BSD 3-Clause "New" or "Revised" License

No POIs in vulnerable program #66

Open sherkat69 opened 8 months ago

sherkat69 commented 8 months ago

Hi,

I am trying to test some code with MATE:

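```c
#include <stdlib.h>  /* malloc, free */
#include <string.h>  /* memcpy */

int main(){

    int x = 1;
    if (x=0){            /* assignment, not comparison: branch is never taken */
     x=3;
     }
    int y = x/0;         /* division by zero */

    int size = 5;
    char *src = "xxxxxxxxxx";
    int *dest = malloc(size + 1);
    memcpy(dest, src, size);

    int* alc_mem__ptr = malloc(5);
    memcpy(alc_mem__ptr, src, 9);   /* writes 9 bytes into a 5-byte allocation */
    free(alc_mem__ptr);
    memcpy(alc_mem__ptr, src, 9);   /* use after free */

    return 0;
}
```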

This code has several issues (redundancy, use after free, overflow ...), but I am not getting any reports in POI or any other sections.

To make sure that I correctly installed MATE, I analyzed the "authentication.c" file, and two problems are shown in the POI section.

P.S.: How do I delete the scanned project in the build section?

langston-barrett commented 8 months ago

@sherkat69 MATE only checks for certain kinds of POIs (e.g., it checks for UAF but not overflow). Additionally, I wouldn't be surprised if the compiler has optimized away the straightforward UB in your program; you can check this by compiling with `clang -emit-llvm` and inspecting the bitcode to see if the UB is still present.
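The check suggested in the comment above, as an added example that is not part of the original thread or of the MATE project: it emits textual IR with `clang -S -emit-llvm` (`-S` is added here so the output can be searched with grep) at several optimization levels and counts the division, `free` and `memcpy` operations that remain. The function names, the choice of `-O` levels and the two sample IR fragments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not MATE code): see whether the operations behind the test
# program's bugs are still present in the LLVM IR at a given -O level.

# ir_summary FILE: count division, free() and memcpy operations in textual IR.
ir_summary() {
    div=$(grep -cE '= [su]div ' "$1" || true)
    fre=$(grep -cE 'call .*@free\(' "$1" || true)
    cpy=$(grep -cE 'call .*@(llvm\.)?memcpy' "$1" || true)
    echo "div=$div free=$fre memcpy=$cpy"
}

# check_levels SRC.c: emit textual IR at several -O levels and summarize each.
check_levels() {
    tmp=$(mktemp) || return 1
    for opt in -O0 -O1 -O2; do
        clang -S -emit-llvm "$opt" -o "$tmp" "$1" || { rm -f "$tmp"; return 1; }
        echo "$opt: $(ir_summary "$tmp")"
    done
    rm -f "$tmp"
}

# Constructed sample IR (hand-written for illustration, not compiler output):
# one fragment still contains the division, the free and the memcpy calls around
# it; the other shows a function from which those operations are gone.
sample_unoptimized() {
    cat <<'EOF'
  %5 = sdiv i32 %4, 0
  call void @llvm.memcpy.p0.p0.i64(ptr align 4 %9, ptr align 1 %10, i64 9, i1 false)
  call void @free(ptr noundef %11)
  call void @llvm.memcpy.p0.p0.i64(ptr align 4 %12, ptr align 1 %13, i64 9, i1 false)
declare void @free(ptr noundef)
EOF
}
sample_optimized() {
    cat <<'EOF'
define i32 @main() {
  ret i32 0
}
EOF
}

# Usage: sh check_ir.sh program.c   (needs clang on PATH)
if [ -n "${1:-}" ] && command -v clang >/dev/null 2>&1; then
    check_levels "$1"
fi
```

A level that reports `free=0` or `memcpy=0` no longer contains the use-after-free pattern in its IR, so an analysis of that IR has nothing left to flag.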

sherkat69 commented 8 months ago

Is there any command to clear all previous builds?