csl-ugent / ESSS

Static analysis tool to detect missing and incorrect error checks in C and C++ codebases without using a priori knowledge.
https://www.usenix.org/conference/usenixsecurity24/presentation/dossche

Vulnerability Detection for a Single File #1

Open evangelos-bitsikas opened 1 week ago

evangelos-bitsikas commented 1 week ago

I have successfully run the full evaluation code, and it executes without issues. However, I would like to know if there is an automated method to evaluate or identify vulnerabilities in a single file (for example, OpenSSH).

nielsdos commented 1 week ago

Do I understand correctly that you want to take a single file from OpenSSH and check for bugs in that single file? There's currently no functionality like that. In the tool's output you'll have to manually filter for the right file. Excluding files from the input list is not an option because it will influence the specification inference.