Skip to content

Latest commit

 

History

History

CVE-2011-2183

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 
 
 
 
 

Test

Please try to perform following command:

# setup the environment variables in the root directory of the tool
$ source tool/init_env.sh

# compile the program and get bit code
$ cd $ROOT_DIR/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183
$ ./cleanDIR.sh
$ clang++ -g -emit-llvm -c ./2011-2183.cpp -o 2011-2183.bc

# perform static analysis
$ $ROOT_DIR/tool/staticAnalysis/staticAnalysis.sh 2011-2183

# complie the instrumented program with ASAN
$ export Con_PATH=$ROOT_DIR/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/ConConfig.2011-2183
$ $ROOT_DIR/tool/staticAnalysis/DBDS-INSTRU/dbds-clang-fast++ -g -fsanitize=address ./2011-2183.cpp -o 2011-2183 -lpthread -ldl


# perform DBDS
$ $ROOT_DIR/tool/DBDS/run_PDS.py -d 2 ./2011-2183

Then you will get the results.

Start Testing!
test 0001
test 0002
...

The ASAN output:

AddressSanitizer:DEADLYSIGNAL
=================================================================
==1184==ERROR: AddressSanitizer: SEGV on unknown address 0x000000000000 (pc 0x0000004ca407 bp 0x000000204f79 sp 0x7f1e85311df0 T1)
==1184==The signal is caused by a WRITE memory access.
==1184==Hint: address points to the zero page.
    #0 0x4ca407  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/2011-2183+0x4ca407)
    #1 0x4ca957  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/2011-2183+0x4ca957)
    #2 0x4ca789  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/2011-2183+0x4ca789)
    #3 0x7f1e88fa86da  (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
    #4 0x7f1e87f8671e  (/lib/x86_64-linux-gnu/libc.so.6+0x12171e)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: SEGV (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/2011-2183+0x4ca407)
Thread T1 created by T0 here:
    #0 0x48051a  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/2011-2183+0x48051a)
    #1 0x4cae70  (/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/2011-2183+0x4cae70)
    #2 0x7f1e87e86bf6  (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)

==1184==ABORTING

Use addr2line -e ./2011-2183 0x4ca407 and addr2line -e ./2011-2183 0x4ca957 to see the debug info

/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/./2011-2183.cpp:137
/ConcurrencyFuzzer/evaluation/ConVul-CVE-Benchmarks/CVE-2011-2183/./2011-2183.cpp:236