Concurrency Attack Analysis. Right now, all the developement is under Ubuntu 16.04 LTS. Make sure you have allocated at least 4GB memory. Otherwise the LLVM linking process may run out of memory and fail.
Download the source code of LLVM 3.6.1 from the following website.
http://llvm.org/releases/download.htmlDecompress LLVM 3.6.1 source code using
tar -xvf llvm-3.6.1.src.tar.xzDownload the source code of clang 3.6.1 & Compiler RT & LLDB 3.6.1 from the following website.
http://llvm.org/releases/download.htmlDecompress clang 3.6.1 source code in the previous llvm source code folder. The path is path-to-llvm-source/tools/
tar -xvf cfe-3.6.1.src.tar.xz -C llvm-3.6.1.src/tools/
tar -xvf lldb-3.6.1.src.tar.xz -C llvm-3.6.1.src/tools/
tar -xvf compiler-rt-3.6.1.src.tar.xz -C llvm-3.6.1.src/projects/Rename the source code folder to clang and compiler-rt clang source code folder is cfe-3.6.1.src under llvm-3.6.1.src/tools/ compiler-rt source code folder is under llvm-3.6.1.src/projects
mv cfe-3.6.1.src clang
mv compiler-rt-3.6.1.src compiler-rt
mv lldb-3.6.1.src lldbGoto path-to-llvm-source, the folder name is llvm-3.6.1.src
Make sure you replace the path-to... with your own path name!!!!
cd path-to-llvm-sourceInstall the following dependencies.
sudo apt-get update
sudo apt-get install build-essential subversion python2.7-dev libedit-dev libncurses5-dev cmake inotify-tools fdupes libxml2-dev swig expectBuild LLVM together with Clang using CMake
mkdir build
cd build
cmake -DCMAKE_BUILD_TYPE=Debug ..
makeAfter this step, under path-to-llvm-source/build/bin, you'll see all the executables including clang and clang++ etc.
sudo make installCurrently, we're using whole-program-llvm to build the target project into one single llvm bitcode file. We're using whole-program-llvm as a submodule of our project. The following are the steps to set up whole-program-llvm. Other than this, we also using another git repository to reference all the source code of bugs of analyzed.
Initialize and update submodules
cd path-to-ConAnalysis-source
git submodule update --init --recursiveNow, you'll see the source code under this folder.
Setup the enviroment of whole-program-llvm whole-program-llvm will require some enviroment variable setup. You can put the following bash command into your ~/.bashrc file. Make sure you replace the path-to... with your own path name!!!!
export CONANAL_ROOT=path-to-ConAnalysis-source
alias wllvm=$CONANAL_ROOT/whole-program-llvm/wllvm
export WLLVM_HOME=$CONANAL_ROOT/whole-program-llvm
export PATH=${WLLVM_HOME}:${PATH}
export LLVM_COMPILER=clang
export WLLVM_OUTPUT=WARNINGDon't forget to update ~/.bashrc using
source ~/.bashrcor just simply open another terminal window.
Now, since you've installed all the dependencies of ConAnalysis project, you can build it now.
cd $CONANAL_ROOTmkdir build
cd build
cmake ..
makectest -R libsafeThen go to the folder contains the actual test output.
cd $CONANAL_ROOT/build/Testing/Temporary
vim LastTest.logFor each test case, there is a folder under TESTS named standard-output contains all the verified standarded output.
Or you can go to $CONANAL_ROOT/TESTS/libsafe-cve-1125 and
./run.sh no_race_detectorfor an automatic run which contains the race detection and static analysis. The output will be in
$CONANAL_ROOT/build/TESTS/libsafe-cve-1125/final*If you want to take a look at the source code of the target application, for example, apache-25520, you can go to concurrency-exploits folder to find the corresponding source code. Notice that some source code will be shown only after ./configure .
Now you have finished all the required steps. You can enjoy the hacking on our project. If you've encounted any problems, send an email to Rui Gu at rui.gu3@gmail.com or open an issue on github.