search

NSSL-SJTU / SaTC

A prototype of Shared-keywords aware Taint Checking, a novel static analysis approach that tracks the data flow of the user input between front-end and back-end to precisely detect security vulnerabilities.
274 stars 48 forks source link

寻找时出错 #8

Open catsay217994 opened 2 years ago

catsay217994 commented 2 years ago

python satc.py -d /home/satc/xxxxx.extracted/squashfs-root -o /home/satc/res --ghidra_script=ref2sink_cmdi -b uhttpd --taint_check

提示了 ERROR REPORT: Import failed for file: /home/satc/_xxx.img.extracted/squashfs-root/etc/init.d/uhttpd (HeadlessAnalyzer)
No handlers could be found for logger "root" /home/satc/.virtualenvs/SaTC/local/lib/python2.7/site-packages/cffi/cparser.py:165: UserWarning: Global variable 'r' in cdef(): for consistency with C it should have a storage class specifier (usually 'extern') "(usually 'extern')" % (decl.name,)) Traceback (most recent call last): File "satc.py", line 293, in main() File "satc.py", line 284, in main taint_stain_analysis(bin_path, ghidra_result, args.output) File "/home/satc/SaTC/taint_check/main.py", line 129, in taint_stain_analysis conv_Ghidra_output.main(ghidra_analysis_result) File "/home/satc/SaTC/taint_check/conv_Ghidra_output.py", line 11, in main with open(filename,'r') as f: IOError: [Errno 2] No such file or directory: '/home/satc/res/ghidra_extract_result/uhttpd/uhttpd_ref2sink_bof.result'

发现他找到的是etc/init.d/uhttpd 而不是usr/sbin/uhttpd
但是参数-b不可以直接指定路径