| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 30 Aug 2011 13:04:45 +0200
From: Christoph Egger <siccegge@...fau.de>
To: vamos-dev@...informatik.uni-erlangen.de,
linux-kernel@...r.kernel.org
Subject: [ANNOUNCE] undertaker 1.2
The VAMOS team is pleased to announce the release of the undertaker tool
version 1.2. The tool is a result of the VAMOS[1] research project.
Please visit our project site at:
http://vamos.informatik.uni-erlangen.de/trac/undertaker
What is new in undertaker 1.2
-----------------------------
* Coverage support: Generate partial (Kconfig) configurations to cover
each conditional block [3]
* Rewritten Kconfig constraints extractor in python improving support
for some kconfig constructs
* Improved #define/#undef support
* The analysis is no longer restricted to CPP Macros that start with
CONFIG_ (regex can be overriden in the configuration model)
What is undertaker?
-------------------
The undertaker is a tool for static code analysis for code with C
preprocessor directives, which can be used in various modes. The most
prominent one checks every single preprocessor block within the file
whether it can be selected or deselected, which in many cases is a great
asset for code maintenance.
Some preprocessor blocks are only seemingly conditional. In many cases,
it turns out that additional constraints from the project's
configuration model causes such conditional blocks to be in fact
unconditionally selected or unselected. We call such block "dead" and
"undead" conditional blocks.
Undertaker provides tools to extract the configuration model from the
Linux configuration tooling Kconfig and to perform this check on whole
source trees.
What undertaker is not?
-----------------------
It isn't an automatic patch generator. Because of peculiarities in the
Kconfig semantics, (ignored) coding guidelines and simply engineering
issues, the reports might contain false negatives. Note that our
philosophy is that we prefer false negatives over false positives, i.e.,
we prefer to miss reports than reports that are no issue at all.
What else can i do with undertaker?
-----------------------------------
You can extract boolean formulas (with or without model) for a given
line of sourcecode in a file or for a given symbol. There is also an
integration for emacs for interactive browsing of block and symbol
preconditions.
Additional uses are currently under development.
[1] http://www4.informatik.uni-erlangen.de/Research/VAMOS/
[2] Configuration Coverage in the Analysis of Large-Scale System
Software, Reinhard Tartler et. al., publication accepted for the
PLOS Workshop 2011
--
Christoph Egger
9FED 5C6C E206 B70A 5857 70CA 9655 22B9 D49A E731
Debian Developer | Lisp Hacker | CaCert Assurer
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists