search

stg-tud / MUBench

Other
53 stars 30 forks source link

Add 201 parametric crypto (JCA) misuses #427

Open akwick opened 5 years ago

akwick commented 5 years ago

All misuses are listed in the dataset.yml-file (JCA-Param-All).

Removed Vidyas dataset through commit b7e53c6.

salsolatragus commented 5 years ago 
[INFO   ] Compiling project 'abixen-platform' version 99fe499...
[ERROR  ] Exception in CompileVersionTask: Failed to execute 'mvn dependency:build-classpath -DincludeScope=compile -pl :abixen-platform-web-content-service -am clean install':
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-checkstyle-plugin:2.17:check (validate) on project abixen-platform-web-content-service: Failed during checkstyle execution: Unable to find configuration file at location: ../../abixen-platform/checkstyle.xml: Could not find resource '../../abixen-platform/checkstyle.xml'. -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR]   mvn <goals> -rf :abixen-platform-web-content-service
salsolatragus commented 5 years ago 
[INFO   ] Fetching project 'openzaly' version 91bd03b from git:https://github.com/akaxincom/openzaly#91bd03be...
[ERROR  ] Exception in CheckoutTask: Failed to execute 'git clone https://github.com/akaxincom/openzaly . --quiet -c core.askpass=true': === ERROR ===
remote: Repository not found.
fatal: Authentication failed for 'https://github.com/akaxincom/openzaly/'
salsolatragus commented 5 years ago 
[INFO   ] Compiling project 'public-cms' version f2c72f0...
[ERROR  ] Exception in CompileVersionTask: Failed to execute 'mvn dependency:build-classpath -DincludeScope=compile clean compile':
[ERROR] The goal you specified requires a project to execute but there is no POM in this directory (/mubench/checkouts/public-cms/f2c72f0/build). Please verify you invoked Maven from the correct directory. -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MissingProjectException
salsolatragus commented 5 years ago 
[INFO   ] Compiling project 'symmetric-ds' version c42f0e0...
[ERROR  ] Exception in CompileVersionTask: Failed to execute 'gradle :compileJava --debug':
salsolatragus commented 5 years ago

I have build failures due to #409 for another 4 projects. The remaining projects compile fine. Now for running detectors :)

akwick commented 5 years ago

Thank you very much for preparing this Pull Request. The number of misuse examples you gathered is impressive and a huge contribution to the research community. I'm happy to accept this PR into MUBench, after cleanup.

I'm currently trying to compile the dataset. I'll report if there's any failures. Afterwards, I'll run a test experiment to ensure that all builds produce correct data for running detectors. For the time being, please find detailed comments inline and some more general comments here:

* Please improve the correct usage examples:

  1. They should be minimal examples of correct usage, corresponding to the respective misuse.
  2. They should not be copies of files from other projects, since this might violate respective licenses.
  3. They should not contain Chinese/Japanese comments, commented out code, ...

Addressed in commit 8cbfda3a119b99ccb5dc0c9ecf17e58b3c60ad48.

  • Please remove the .DS_Store files.

  • Please do not make detectors/Findbugs/configs/core-all-api-misuses.xml executable.

Findbugs

* This PR seems to contain data for a second experiment with Findbugs. Can the two be separated into two PRs?

* Please do not add a detector JAR (`Findbugs.jar`) to the benchmark. Detector jars are downloaded during runtime.

* What's the difference between `security-api-misuses.xml` and `security-api-misuse.xml`?
akwick commented 5 years ago 
[INFO   ] Compiling project 'abixen-platform' version 99fe499...
[ERROR  ] Exception in CompileVersionTask: Failed to execute 'mvn dependency:build-classpath -DincludeScope=compile -pl :abixen-platform-web-content-service -am clean install':
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-checkstyle-plugin:2.17:check (validate) on project abixen-platform-web-content-service: Failed during checkstyle execution: Unable to find configuration file at location: ../../abixen-platform/checkstyle.xml: Could not find resource '../../abixen-platform/checkstyle.xml'. -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MojoExecutionException
[ERROR]
[ERROR] After correcting the problems, you can resume the build with the command
[ERROR]   mvn <goals> -rf :abixen-platform-web-content-service

abixen-platform is already removed from the set of the projects which didn't compile currently.

akwick commented 5 years ago 
[INFO   ] Fetching project 'openzaly' version 91bd03b from git:https://github.com/akaxincom/openzaly#91bd03be...
[ERROR  ] Exception in CheckoutTask: Failed to execute 'git clone https://github.com/akaxincom/openzaly . --quiet -c core.askpass=true': === ERROR ===
remote: Repository not found.
fatal: Authentication failed for 'https://github.com/akaxincom/openzaly/'

:( I had to remove this project from the dataset in commit db6c7b228708ecffe6408d228c78bf0e3b7d4753.

akwick commented 5 years ago 
[INFO   ] Compiling project 'public-cms' version f2c72f0...
[ERROR  ] Exception in CompileVersionTask: Failed to execute 'mvn dependency:build-classpath -DincludeScope=compile clean compile':
[ERROR] The goal you specified requires a project to execute but there is no POM in this directory (/mubench/checkouts/public-cms/f2c72f0/build). Please verify you invoked Maven from the correct directory. -> [Help 1]
[ERROR]
[ERROR] To see the full stack trace of the errors, re-run Maven with the -e switch.
[ERROR] Re-run Maven using the -X switch to enable full debug logging.
[ERROR]
[ERROR] For more information about the errors and possible solutions, please read the following articles:
[ERROR] [Help 1] http://cwiki.apache.org/confluence/display/MAVEN/MissingProjectException

This issue is fixed with commit 1a58711ded05875c6232de4663b2d8714f3a99f3.

mubench> pipeline compile --only public-cms
[INFO   ] Starting benchmark...
[INFO   ] All requirements satisfied. You're good to go.
akwick commented 5 years ago 
[INFO   ] Compiling project 'symmetric-ds' version c42f0e0...
[ERROR  ] Exception in CompileVersionTask: Failed to execute 'gradle :compileJava --debug':

Fix this issue in commit 2a5971f28aa12a2da44b6f9e4379f2e5d1728157. 

mubench> pipeline compile --force-compile --only  symmetric-ds
[INFO   ] Starting benchmark...
[INFO   ] All requirements satisfied. You're good to go.
[INFO   ] Compiling project 'symmetric-ds' version c42f0e0...