static analysis of openafs code base
play

Static analysis of OpenAFS code base Cheyenne Wills OpenAFS 2019 - PowerPoint PPT Presentation

Oct 31, 2023 •343 likes •556 views

Static analysis of OpenAFS code base Cheyenne Wills OpenAFS 2019 Workshop Overview What is static analysis What are the tools Analysis of the OpenAFS code base What is static analysis Static analysis is performed by analysing

  1. Static analysis of OpenAFS code base Cheyenne Wills OpenAFS 2019 Workshop

  2. Overview • What is static analysis • What are the tools • Analysis of the OpenAFS code base

  3. What is static analysis • Static analysis is performed by analysing the source or object code of a program – as opposed to dynamic analysis, which is done by analysing a running program

  4. What are the tools • Manual code reviews • Automated tools – Enhancements to compilers – Standalone utilities

  5. Manual Code Reviews • Traditional method • Gerrit reviews – More than one set of eyes – “voting”

  6. Enhancements to compilers • GCC 8/9, clang – Truncation using string functions – Alignment errors – Some pointer operations – Detecting out-of-bounds on arrays – format overflows and truncations

  7. Compiler checks • --enable-checking on configure • compilers are getting “better” on reporting errors

  8. gcc compiler warnings

  9. Standalone utilities • Clang’s static analyzer - scan-build – part of Clang – Suite of checkers: • Core language features and general purpose checks • Dead Code • NULL dereferencing • Security • Unix/POSIX APIs

  10. clang scan-build

  11. clang scan-build

  12. clang scan-build

  13. Standalone utilities • cppcheck – variable checking – out of bounds conditions – depreciated functions – memory leaks – resource leaks – stylistic and performance errors

  14. cppcheck ... [src/rxgen/rpc_parse.c:2208]: (warning) %u in format string (no. 3) requires 'unsigned int' but the argument type is 'signed int'. [src/rxgen/rpc_parse.c:2208]: (warning) %u in format string (no. 5) requires 'unsigned int' but the argument type is 'signed int'. [src/rxgen/rpc_parse.c:690] -> [src/rxgen/rpc_parse.c:696]: (style) Variable 'tailp' is reassigned a value before the old one has been used. [src/rxgen/rpc_parse.c:818]: (style) The scope of the variable 'defp' can be reduced. [src/rxgen/rpc_parse.c:972]: (style) The scope of the variable 'typecontents' can be reduced. [src/rxgen/rpc_parse.c:997]: (style) The scope of the variable 'typecontents' can be reduced. [src/rxgen/rpc_parse.c:1175]: (style) The scope of the variable 'noofparams' can be reduced. [src/rxgen/rpc_parse.c:1175]: (style) The scope of the variable 'i' can be reduced. [src/rxgen/rpc_parse.c:1245]: (style) The scope of the variable 'i' can be reduced. [src/rxgen/rpc_parse.c:1347]: (style) The scope of the variable 'defp1' can be reduced. [src/rxgen/rpc_parse.c:1557]: (style) The scope of the variable 'i' can be reduced. [src/rxgen/rpc_parse.c:1944]: (style) The scope of the variable 'defp' can be reduced. [src/rxgen/rpc_util.h:62] -> [src/rxgen/rpc_parse.c:1528]: (style) Local variable zflag shadows outer variable ...

  15. Standalone utilities • infer – null pointer problems – memory leaks – coding conventions – system APIs

  16. infer src/bucoord/config.c:98: error: NULL_DEREFERENCE pointer `tentry` last assigned on line 97 could be null and is dereferenced at line 98, column 5. 96. /* tlast now points to the next pointer (or head pointer) we should overwrite */ 97. tentry = calloc(1, sizeof(struct bc_hostEntry)); 98. > tentry->name = strdup(aname); 99. *tlast = tentry; 100. tentry->next = (struct bc_hostEntry *)0; src/afs/afs_cell.c:108: error: UNINITIALIZED_VALUE The value read from code was never initialized. 106. timeout); 107. 108. > if (!hostCount || (code && code != EEXIST)) 109. /* null out the cellname if the lookup failed */ 110. afsdb_req.cellname = NULL;

  17. infer Summary of the reports UNINITIALIZED_VALUE: 681 DEAD_STORE: 325 NULL_DEREFERENCE: 188 MEMORY_LEAK: 173 RESOURCE_LEAK: 20 USE_AFTER_FREE: 1

  18. Analysis of the OpenAFS code base • “static-analysis” topic in OpenAFS Gerrit – Analysis and patches by Pat Riehecky • Memory and resource leaks • NULL pointer dereferences • Problems with “printf” format strings • Boundary conditions (arrays and strings) • Uninitialized variables • Dead code – 25 commits, 19 pending merge

  19. Commits pending approvals

  20. Improving the code base • Continued code reviews, adding more eyes. – Automated tools can’t catch everything • Integrate automated checks into commit and build processes – adding analysis checks into the buildbot workers

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

Static vs. Dynamic Analysis Static analysis: analyze source code or byte code Imprecise

I NTELLI D ROID A Targeted Input Generator for the Dynamic Analysis of Android Malware Michelle Y. Wong and David Lie University of Toronto Department of Electrical and Computer Engineering NDSS Symposium 2016 ! ! ! B ACKGROUND Static vs.

1.02k views • 32 slides
Static Code Analysis of Complex PHP Application Vulnerabilities Johannes Dahse Static Code

Static Code Analysis of Complex PHP Application Vulnerabilities Johannes Dahse Static Code

Static Code Analysis Automatisierte Sicherheitsanalyse of Complex PHP Application Vulnerabilities von Webapplikationen Static Code Analysis of Complex PHP Application Vulnerabilities Johannes Dahse Static Code Analysis Automatisierte

1.48k views • 89 slides
Bridging the Semantic Gap Through Static Code Analysis Christian Schneider, Jonas Pfoh, Claudia

Bridging the Semantic Gap Through Static Code Analysis Christian Schneider, Jonas Pfoh, Claudia

Motivation Static Code Analysis Implementation Conclusion References Bridging the Semantic Gap Through Static Code Analysis Christian Schneider, Jonas Pfoh, Claudia Eckert { schneidc,pfoh,eckertc } @in.tum.de Chair for IT Security

632 views • 28 slides
Static and dynamic verification Software inspections Concerned with analysis of the static

Static and dynamic verification Software inspections Concerned with analysis of the static

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis Software

430 views • 12 slides
Static Code Analysis on Networking Code: Identifying the capabilities of finding implementation

Static Code Analysis on Networking Code: Identifying the capabilities of finding implementation

RP1 Presenter: Ivar Slotboom Supervisor: Wouter van Dongen , DongIT UvA/SNE Static Code Analysis on Networking Code: Identifying the capabilities of finding implementation flaws using Abstract Syntax Trees RP1 4th of July, 2019 Presenter:

439 views • 20 slides
Static and dynamic verification Software inspections Concerned with analysis of the

Static and dynamic verification Software inspections Concerned with analysis of the

1 Static and dynamic verification Software inspections Concerned with analysis of the static system representation to discover problems (static verification) May be supplement by tool-based document and code analysis

310 views • 12 slides
Static execution-time analysis CPU speed model Bounds on Static (Sub)program code exec time

Static execution-time analysis CPU speed model Bounds on Static (Sub)program code exec time

Tid rum Static Execution Time Analysis Niklas Holsti Space Systems Finland Ltd (now) Tidorum Ltd(to be) Overview Area of interest Current state Work in progress What to do next 1 bo Akademi, ES lab, 2003-10-03 Tid rum

466 views • 12 slides
Dataflow Analysis Iterative Data-flow Analysis and Static-Single-Assignment cs5363 1

Dataflow Analysis Iterative Data-flow Analysis and Static-Single-Assignment cs5363 1

Dataflow Analysis Iterative Data-flow Analysis and Static-Single-Assignment cs5363 1 Optimization And Analysis Improving efficiency of generated code Correctness: optimized code must preserve meaning of the original program

467 views • 31 slides
Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code

Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code

Source Code Analysis for Security through LLVM Lu Zhao HP Fortify lu.zhao@hp.com Static Code Analyzer for Security Static Code Analyzer for Security (HP Fortify SCA) C/C++ Java Vulnerabilities LLVM Language independent Services C/C++ Swift

325 views • 31 slides
Whats Coverity static analysis ever done for us? Philip Withnall Endless Mobile

Whats Coverity static analysis ever done for us? Philip Withnall Endless Mobile

Whats Coverity static analysis ever done for us? Philip Withnall Endless Mobile philip@tecnocode.co.uk July 30, 2017 MANCHESTER What is static analysis? Compile-time testing of all possible code paths. Whats Coverity static analysis

236 views • 12 slides
Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting

Static Analysis of Haskell Neil Mitchell http://ndmitchell.com Static Analysis is getting insights at compile time Full branch coverage Terminates Doesnt rely on a test suite Types are static analysis. Lets talk about

784 views • 39 slides
An OpenAFS Site Report Code Name Sunrise Ralf Brunckhorst Michael Meffie (SNA) June 19, 2019

An OpenAFS Site Report Code Name Sunrise Ralf Brunckhorst Michael Meffie (SNA) June 19, 2019

An OpenAFS Site Report Code Name Sunrise Ralf Brunckhorst Michael Meffie (SNA) June 19, 2019 An OpenAFS Site Report 1 of 21 History of AFS at Sunrise 1999 AFS was introduced at one site in Sweden. 2000s More sites were added. 2006 AFS

363 views • 21 slides
Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing

Graph-based analysis of JavaScript source code repositories Gbor Szrnyas Graph Processing devroom @ FOSDEM 2018 JAVASCRIPT Latest standard: ECMAScript 2017 STATIC ANALYSIS Static source code analysis is a software testing approach

1.09k views • 40 slides
Comparing the Effectiveness of Penetration Testing and Static Code Analysis Detection of SQL

Comparing the Effectiveness of Penetration Testing and Static Code Analysis Detection of SQL

Comparing the Effectiveness of Penetration Testing and Static Code Analysis Detection of SQL Injection Vulnerabilities in Web Services Nuno Antunes, Marco Vieira PRDC 2009 nmsa@dei.uc.pt, mvieira@dei.uc.pt University of Coimbra

370 views • 24 slides
OpenAFS Status 2012 Nothing and a lot n Derrick Brashear and Jeffrey Altman n The OpenAFS

OpenAFS Status 2012 Nothing and a lot n Derrick Brashear and Jeffrey Altman n The OpenAFS

OpenAFS Status 2012 Nothing and a lot n Derrick Brashear and Jeffrey Altman n The OpenAFS Project n 16 October 2012 Tuesday, October 16, 12 History n OpenAFS 1.6.0 was released on 1 September 2011. Just 3 years late n You

434 views • 31 slides
Binarylevel program analysis: Static Disassembly Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Static Disassembly Gang Tan CSE 597 Spring 2019 Penn State

Binarylevel program analysis: Static Disassembly Gang Tan CSE 597 Spring 2019 Penn State University 3 Disassemblers Disassembler Convert machine code in a binary file into assembly code or code in an equivalent IR Assume a

514 views • 26 slides
CS-527 Software Security Bug finding techniques Asst. Prof. Mathias Payer Department of Computer

CS-527 Software Security Bug finding techniques Asst. Prof. Mathias Payer Department of Computer

CS-527 Software Security Bug finding techniques Asst. Prof. Mathias Payer Department of Computer Science Purdue University TA: Kyriakos Ispoglou https://nebelwelt.net/teaching/17-527-SoftSec/ Spring 2017 Testing Table of Contents Testing

674 views • 33 slides
Learning a Static Analyzer from Data by Pavol Bielik, Veselin Raychev, and Martin Vechev Daniel

Learning a Static Analyzer from Data by Pavol Bielik, Veselin Raychev, and Martin Vechev Daniel

Learning a Static Analyzer from Data by Pavol Bielik, Veselin Raychev, and Martin Vechev Daniel Perez The University of Tokyo January 29, 2018 Static analyzers Writing a static analyzer is hard JavaScript points-to sample global.length = 4;

299 views • 15 slides
Background Program must be brought into memory and placed within a process for it to be run.

Background Program must be brought into memory and placed within a process for it to be run.

Background Program must be brought into memory and placed within a process for it to be run. Storage Allocation Input queue collection of processes on the disk that are waiting to be brought into memory to run the program.

225 views • 9 slides
Project 1: -allocator Computation structures October 9, 2018 Memory allocation Static

Project 1: -allocator Computation structures October 9, 2018 Memory allocation Static

Project 1: -allocator Computation structures October 9, 2018 Memory allocation Static allocation : size must be known at compile-time, handled by compilers in high-level languages. In -assembly: | static allocation on the stack |

261 views • 9 slides
Static Analyzer Non-Comprehensive Overview Dr Christopher Jones HOW 2019 21 March 2019 This

Static Analyzer Non-Comprehensive Overview Dr Christopher Jones HOW 2019 21 March 2019 This

FERMILAB-SLIDES-19-035-CD Static Analyzer Non-Comprehensive Overview Dr Christopher Jones HOW 2019 21 March 2019 This manuscript has been authored by Fermi Research Alliance, LLC under Contract No. DE-AC02-07CH11359 with the U.S. Department of

566 views • 12 slides
Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview

Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview

Outline Static Analysis: Overview, Syntactic Analysis and Abstract Interpretation Overview TDDC90: Software Security Syntactic Analysis Ahmed Rezine Abstract Interpretation IDA, Linkpings Universitet Hsttermin 2014 Static Program

75 views • 7 slides
Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Static analysis and all

Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Static analysis and all

Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Static analysis and all that Martin Steffen IfI UiO Spring 2014 uio Plan approx. 15 lectures, details see web-page flexible time-schedule, depending on

938 views • 69 slides
Efficient Static Analysis of XML Paths and Types Pierre Genevs EPFL, Switzerland Joint

Efficient Static Analysis of XML Paths and Types Pierre Genevs EPFL, Switzerland Joint

Efficient Static Analysis of XML Paths and Types Pierre Genevs EPFL, Switzerland Joint work with Nabil Layada and Alan Schmitt INRIA, France PLDI07, San Diego, June 2007 Introduction More and more XML data Objective: ensuring

627 views • 42 slides

More recommend