-
Notifications
You must be signed in to change notification settings - Fork 0
/
readme.txt
51 lines (28 loc) · 2.95 KB
/
readme.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
1. Introduction of the script files.
In /cocci directory, there are six script files and two subdirectory that are important to know (ignore the rest):
(1)/testdir: A directory that stors the files that are to parsed. Any file in this directoy or subdirectoy will be parsed.
(2)startcocci_linux.sh: Shellscript to start the parsing. This script will clearn the files that are left from the last parsing and invoke the right cocci script(pattern_match_linux.cocci) to parse the source files. This one is specifc for Linux and Android source code.
(3)startcocci_freebsd.sh: Shellscript of starting the parsing. This script will clearn the files that are left from the last parsing and invoke the right cocci script(pattern_match_fressbsd.cocci) to parse the source files. This one is specifc for FreeBSD source code.
(4)pattern_match_linux.cocci: Coccinelle script file that stores the rules we added for the pattern matching. This one is specific for Linux and Android, because they use the same transfer functions.
(5)pattern_match_FreeBSD.cocci: Coccinelle script file that stores the rules we added for the pattern matching. This one is specific for FreeBSD, because it uses different transfer functions.
(6)copy_files.py: Python script that helps to copy the suspicious souce code files to a specifc subdirectory, so as to facilitate the manual analysis.
(7)/outcome: This directory will be created after parsing, and suspicous source files will be copied here for manual analysis.
(8)resut.txt: This file will be created after parsing, reports and statistical data will be stored in this file.
(9)readme.txt: Instructions and decriptions.
2. Description of Coccinelle rules.
There totally two Coccinelle rule files (pattern_match_linux.cocci, pattern_match_FreeBSD.cocci) in this method, which are basically the same except useing different transfer functions to match. These file consist of the following:
(1) function print_and_log() prints and stores the results of the parsing to specific files and directory.
(2) function post_match_process() filters out some coner cases after the coccinelle pattern matching, so as to reduce the false positives.
(3)rule 1 ~ rule 6 are the coccinelle rules defined to match different double fetch situations. These rules will be matched one by one, and matching stops once a rule is matched.
The "..." in the code stands for any statements in the source code;
The "|" stands for a disjunction, each item is used to match until one is matched.
Key workd "when != " after "..." represents the situations that shouldn't be included.
3. How to use.
(1) Install Coccinelle on the machine.
Mac OS: “brew install coccinelle”
Ubuntu: “apt-get install coccinelle”
(2) Copy the files that are to be parsed to /testdir
(3) Run “./startcocci_linux.sh” for Linux or Android parsing
Run “./startcocci_freebsd.sh” for FreeBSD parsing
(4) Check the result from result.txt
(5) See the corresponding source files from /outcome