symbolic execution of debian packages
play

Symbolic Execution of Debian Packages Nicolas Jeannerod - PowerPoint PPT Presentation

Jun 06, 2023 •202 likes •886 views

Symbolic Execution of Debian Packages Nicolas Jeannerod nicolas.jeannerod@irif.fr joint work with Benedikt Becker, Claude March Yann Rgis-Gianas, Mihaela Sighireanu, Ralf Treinen IRIF, Universit de Paris September 9, 2019 13th Alpine

  1. Symbolic Execution of Debian Packages Nicolas Jeannerod nicolas.jeannerod@irif.fr joint work with Benedikt Becker, Claude Marché Yann Régis-Gianas, Mihaela Sighireanu, Ralf Treinen IRIF, Université de Paris September 9, 2019 13th Alpine Verification Meeting

  2. Introduction > CoLiS project: Correctness of Linux Scripts 1

  3. Introduction > CoLiS project: Correctness of Linux Scripts > Goal: applying formal methods to the quality assessment of Debian Packages. 1

  4. Introduction > CoLiS project: Correctness of Linux Scripts > Goal: applying formal methods to the quality assessment of Debian Packages. > Debian: operating system. > Packages: way to provide (install, update, remove) software. 1

  5. Introduction > CoLiS project: Correctness of Linux Scripts > Goal: applying formal methods to the quality assessment of Debian Packages. > Debian: operating system. > Packages: way to provide (install, update, remove) software. > Goal (reformulated): making sure that installing/updating/removing software does not: > make other softwares unusable, > make the whole computer unusable, > remove your personnal files, > etc. 1

  6. Installing a Software on Debian 1. Download the package. 2

  7. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. 2

  8. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. 3. Unpack static archive. 2

  9. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. 3. Unpack static archive. 4. Execute a post-installation script. 2

  10. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. > This is a POSIX shell script ran as administrator. 3. Unpack static archive. 4. Execute a post-installation script. > This is a POSIX shell script ran as administrator. 2

  11. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. > This is a POSIX shell script ran as administrator. 3. Unpack static archive. 4. Execute a post-installation script. > This is a POSIX shell script ran as administrator. POSIX shell: > scripting language 2

  12. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. > This is a POSIX shell script ran as administrator. 3. Unpack static archive. 4. Execute a post-installation script. > This is a POSIX shell script ran as administrator. POSIX shell: > scripting language > legacy (born in 1971) 2

  13. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. > This is a POSIX shell script ran as administrator. 3. Unpack static archive. 4. Execute a post-installation script. > This is a POSIX shell script ran as administrator. POSIX shell: Administrator: > scripting language > can do anything on the system > legacy (born in 1971) 2

  14. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. > This is a POSIX shell script ran as administrator. 3. Unpack static archive. 4. Execute a post-installation script. > This is a POSIX shell script ran as administrator. POSIX shell: Administrator: > scripting language > can do anything on the system > legacy (born in 1971) Complicated and dangerous 2

  15. Installing a Software on Debian 1. Download the package. 2. Execute a pre-installation script. > This is a POSIX shell script ran as administrator. 3. Unpack static archive. 4. Execute a post-installation script. > This is a POSIX shell script ran as administrator. POSIX shell: Administrator: > scripting language > can do anything on the system > legacy (born in 1971) Complicated and dangerous. Formal methods? 2

  16. Our Tools: An Overview Debian Package CoLiS Report 3

  17. Our Tools: An Overview Debian Package Shell script Specification Symbolic CoLiS of the script Engine Report 3

  18. Our Tools: An Overview Debian Morbig, Morsmall Package and ColisFromShell t p i r c Colis s l l inter. e h S language Specification Symbolic CoLiS of the script Engine Report 3

  19. Our Tools: An Overview Debian Morbig, Morsmall Package and ColisFromShell t p i r c Colis s l l inter. e h S language Specification Symbolic Specifications CoLiS of the script Engine of commands Report 3

  20. Our Tools: An Overview Debian Morbig, Morsmall Package and ColisFromShell t p i r c Colis s l l inter. e h S language Specification Symbolic Specifications CoLiS of the script Engine of commands SAT? SAT solver for specifications Report 3

  21. Our Tools: An Overview Debian   Régis-Gianas, Morbig, Morsmall J & Treinen Package   and ColisFromShell SLE 2018 t p i r c Colis s   J, Marché l l inter. & Treinen e h   S VSTTE 2017 language Specification Symbolic Specifications CoLiS of the script Engine of commands SAT? SAT solver for specifications Report 3

  22. Specifications, Feature Trees & Constraints

  23. Feature Trees g g f h f h g f > Unranked unordered trees; 4

  24. Feature Trees g g f h f h g f > Unranked unordered trees; > Good models for the UNIX filesystem; 4

  25. Feature Trees g g f h f h g f > Unranked unordered trees; > Good models for the UNIX filesystem; > Shell scripts can be seen as programs that modify such trees; 4

  26. Feature Trees g g f h f h g f > Unranked unordered trees; > Good models for the UNIX filesystem; > Shell scripts can be seen as programs that modify such trees; > Constraints will express relations between such trees. 4

  27. Constraints On Feature Trees Atom (Informal) Semantics 5

  28. Constraints On Feature Trees Atom (Informal) Semantics x [ f ] y From x ’s tree, through f , we go to y ’s tree   Aït-Kaci x [ f ] ↑ In x ’s tree, there is no f Podelski     & Smolka   Ax The root of x ’s tree has decoration A 1992 5

  29. Constraints On Feature Trees Atom (Informal) Semantics x [ f ] y From x ’s tree, through f , we go to y ’s tree   Aït-Kaci x [ f ] ↑ In x ’s tree, there is no f Podelski     & Smolka   Ax The root of x ’s tree has decoration A 1992   Smolka x [ F ] x ’s tree can also use features in F & Treinen   1994 5

  30. Constraints On Feature Trees Atom (Informal) Semantics x [ f ] y From x ’s tree, through f , we go to y ’s tree   Aït-Kaci x [ f ] ↑ In x ’s tree, there is no f Podelski     & Smolka   Ax The root of x ’s tree has decoration A 1992   Smolka x [ F ] x ’s tree can also use features in F & Treinen   1994 x ∼ F y x and y ’s trees are similar except in F 5

  31. Example Specification: mkdir q/f ∃ x , x ′ , y ′ · resolve ( r , cwd , q , x ) ∧ dir ( x ) ∧ x [ f ] ↑ Success ∧ similar ( r , r ′ , cwd , q , x , x ′ ) ∧ x ∼ { f } x ′ ∧ dir ( x ′ ) ∧ x ′ [ f ] y ′ ∧ dir ( y ′ ) ∧ y ′ [ ∅ ] ∃ y · resolve ( r , cwd , q / f , y ) ∧ r . = r ′ noresolve ( r , cwd , q ) ∧ r . = r ′ Error ∃ x · resolve ( r , cwd , q , x ) ∧¬ dir ( x ) ∧ r . = r ′ 6

  32. Example Specification: mkdir q/f ∃ x , x ′ , y ′ · resolve ( r , cwd , q , x ) ∧ dir ( x ) ∧ x [ f ] ↑ Success ∧ similar ( r , r ′ , cwd , q , x , x ′ ) ∧ x ∼ { f } x ′ ∧ dir ( x ′ ) ∧ x ′ [ f ] y ′ ∧ dir ( y ′ ) ∧ y ′ [ ∅ ] ∃ y · resolve ( r , cwd , q / f , y ) ∧ r . = r ′ noresolve ( r , cwd , q ) ∧ r . = r ′ Error ∃ x · resolve ( r , cwd , q , x ) ∧¬ dir ( x ) ∧ r . = r ′ 6

  33. Example Specification: mkdir q/f ∃ x , x ′ , y ′ · resolve ( r , cwd , q , x ) ∧ dir ( x ) ∧ x [ f ] ↑ Success ∧ similar ( r , r ′ , cwd , q , x , x ′ ) ∧ x ∼ { f } x ′ ∧ dir ( x ′ ) ∧ x ′ [ f ] y ′ ∧ dir ( y ′ ) ∧ y ′ [ ∅ ] r ∃ y · resolve ( r , cwd , q / f , y ) ∧ r . = r ′ q ∃ x noresolve ( r , cwd , q ) ∧ r . = r ′ Error ∃ x · resolve ( r , cwd , q , x ) ∧¬ dir ( x ) ∧ r . = r ′ 6

  34. Example Specification: mkdir q/f ∃ x , x ′ , y ′ · resolve ( r , cwd , q , x ) ∧ dir ( x ) ∧ x [ f ] ↑ Success ∧ similar ( r , r ′ , cwd , q , x , x ′ ) ∧ x ∼ { f } x ′ ∧ dir ( x ′ ) ∧ x ′ [ f ] y ′ ∧ dir ( y ′ ) ∧ y ′ [ ∅ ] r ∃ y · resolve ( r , cwd , q / f , y ) ∧ r . = r ′ q ∃ x noresolve ( r , cwd , q ) ∧ r . = r ′ (dir) Error ∃ x · resolve ( r , cwd , q , x ) ∧¬ dir ( x ) ∧ r . = r ′ 6

  35. Example Specification: mkdir q/f ∃ x , x ′ , y ′ · resolve ( r , cwd , q , x ) ∧ dir ( x ) ∧ x [ f ] ↑ Success ∧ similar ( r , r ′ , cwd , q , x , x ′ ) ∧ x ∼ { f } x ′ ∧ dir ( x ′ ) ∧ x ′ [ f ] y ′ ∧ dir ( y ′ ) ∧ y ′ [ ∅ ] r ∃ y · resolve ( r , cwd , q / f , y ) ∧ r . = r ′ q ∃ x noresolve ( r , cwd , q ) ∧ r . = r ′ (dir) Error f ∃ x · resolve ( r , cwd , q , x ) ∧¬ dir ( x ) ∧ r . ⊥ = r ′ 6

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Patterns for Testing Debian Packages Antonio Terceiro terceiro@debian.org A brief intro to

Patterns for Testing Debian Packages Antonio Terceiro terceiro@debian.org A brief intro to

Patterns for Testing Debian Packages Antonio Terceiro terceiro@debian.org A brief intro to Debian CI autopkgtest created back in 2006 (!) 2014: Debian CI launches Goal: provide automated testing for the Debian archive (i.e. run

816 views • 68 slides
Symbolic Execution of Linux binaries About Symbolic Execution Dynamically explore all

Symbolic Execution of Linux binaries About Symbolic Execution Dynamically explore all

A tool for the Symbolic Execution of Linux binaries About Symbolic Execution Dynamically explore all program branches. Inputs are considered symbolic variables. Symbols remain uninstantiated and become constrained at execution

451 views • 24 slides
MATLAB 1 Mathematical Software Symbolic Math Packages - This amorphous set of packages can

MATLAB 1 Mathematical Software Symbolic Math Packages - This amorphous set of packages can

MATLAB 1 Mathematical Software Symbolic Math Packages - This amorphous set of packages can be used to perform symbolic analyses. These packages typically can solve algebraic and differential equations, can integrate and differentiate

1.18k views • 72 slides
Automated Testing of Debian Packages Status Update Lucas Nussbaum lucas@debian.org Lucas

Automated Testing of Debian Packages Status Update Lucas Nussbaum lucas@debian.org Lucas

Introduction Tests Building packages more efficiently Piuparts State of the archive collab-qa Conclusion Automated Testing of Debian Packages Status Update Lucas Nussbaum lucas@debian.org Lucas Nussbaum Automated Testing of Debian

622 views • 34 slides
Symbolic execution as search, and the rise of solvers Search and SMT Symbolic execution is

Symbolic execution as search, and the rise of solvers Search and SMT Symbolic execution is

Symbolic execution as search, and the rise of solvers Search and SMT Symbolic execution is appealingly simple and useful , but computationally expensive ! We will see how the effective use of symbolic execution boils down to a kind of

494 views • 24 slides
Symbolic Execution: Applications Symbolic execution is widely used in practice. Tools based on

Symbolic Execution: Applications Symbolic execution is widely used in practice. Tools based on

Symbolic Execution: Applications Symbolic execution is widely used in practice. Tools based on symbolic execution have found serious errors and security vulnerabilities in various systems: Network servers File systems Device drivers

733 views • 40 slides
Automated Testing of Debian Packages Holger Levsen debian@layer-acht.org Lucas Nussbaum

Automated Testing of Debian Packages Holger Levsen debian@layer-acht.org Lucas Nussbaum

Introduction Lintian and Linda Rebuilding packages Piuparts Structuring QA Conclusion Automated Testing of Debian Packages Holger Levsen debian@layer-acht.org Lucas Nussbaum lucas@debian.org Holger Levsen and Lucas Nussbaum Automated

1.38k views • 31 slides
Sylvestre Ledru sylvestre@debian.org Lo Cavaill leo+debian@cavaille.net Debian + 20

Sylvestre Ledru sylvestre@debian.org Lo Cavaill leo+debian@cavaille.net Debian + 20

Sylvestre Ledru sylvestre@debian.org Lo Cavaill leo+debian@cavaille.net Debian + 20 000 source packages ~13 architectures 3 kernels The biggest database of FLOSS code (?) The Debile Project January, 19th 2014 Sylvestre Ledru

571 views • 25 slides
Symbolic execution for binary-level security / 50 3 A number of shades of symbolic execution /

Symbolic execution for binary-level security / 50 3 A number of shades of symbolic execution /

Symbolic execution for binary-level security / 50 3 A number of shades of symbolic execution / / Sbastien Bardin & Richard Bonichon 20180409 CEA LIST 1 1,1,L Model Source qb int foo (int t ) { 0,1,L 0,1,L int y = t * t - 4 * t ;

567 views • 34 slides
Debian KDE-Extras Team Debian KDE-Extras Team Mark Purcell <msp@debian.org> Introduction

Debian KDE-Extras Team Debian KDE-Extras Team Mark Purcell <msp@debian.org> Introduction

Debian KDE-Extras Team Debian KDE-Extras Team Mark Purcell <msp@debian.org> Introduction Introduction The Debian KDE Extras Team maintain a portfolio of extra application packages for Debian GNU/Linux outside the KDE core applications

554 views • 18 slides
Symbolic Execution Emina Torlak emina@cs.washington.edu Outline What is symbolic execution?

Symbolic Execution Emina Torlak emina@cs.washington.edu Outline What is symbolic execution?

CSE 403: Software Engineering, Winter 2016 courses.cs.washington.edu/courses/cse403/16wi/ Symbolic Execution Emina Torlak emina@cs.washington.edu Outline What is symbolic execution? How does it work? State-of-the-art tools 2

637 views • 34 slides
Demo Symbolic Execution Probabilistic Symbolic Execution (Materials kindly provided by Willem

Demo Symbolic Execution Probabilistic Symbolic Execution (Materials kindly provided by Willem

Demo Symbolic Execution Probabilistic Symbolic Execution (Materials kindly provided by Willem Visser) Docker Image Install Docker Download: https://docs.docker.com/engine/installation/ Check: docker --version

446 views • 10 slides
Amusewiki: a year of development Marco Pessotto (melmothX) August 24-26, 2016, Cluj-Napoca

Amusewiki: a year of development Marco Pessotto (melmothX) August 24-26, 2016, Cluj-Napoca

Amusewiki: a year of development Marco Pessotto (melmothX) August 24-26, 2016, Cluj-Napoca Contents Debian packages Blog mode 13 Blog example 14 Other notable improvements 15 16 OPDS example Debian packages cons 17 Debian packages

466 views • 20 slides
Learning to Fuzz from Symbolic Execution with Application to Smart Contracts Jingxuan Mislav

Learning to Fuzz from Symbolic Execution with Application to Smart Contracts Jingxuan Mislav

Learning to Fuzz from Symbolic Execution with Application to Smart Contracts Jingxuan Mislav Nodar Petar Martin He Balunovic Ambroladze Tsankov Vechev Random Fuzzing vs. Symbolic Execution Random Fuzzing Symbolic Execution Fast Slow

633 views • 29 slides
Tutorial: Functional Testing of Debian Packages Antonio Terceiro terceiro@debian.org history

Tutorial: Functional Testing of Debian Packages Antonio Terceiro terceiro@debian.org history

Tutorial: Functional Testing of Debian Packages Antonio Terceiro terceiro@debian.org history automated tests are great and we need more of it automated tests don't replace all manual testing Topics history specs tools

832 views • 50 slides
apt-xapian-index Everything You Always Wanted to Index About Debian Packages, But were Afraid to

apt-xapian-index Everything You Always Wanted to Index About Debian Packages, But were Afraid to

Introduction The solution Interesting bits still to figure out HELP! apt-xapian-index Everything You Always Wanted to Index About Debian Packages, But were Afraid to Ask Enrico Zini enrico@debian.org 23 February 2008 Enrico Zini

462 views • 18 slides
CS786: Lecture 1 May 1st Basics: review of probability theory 1 CS 786 Lecture Slides (c)

CS786: Lecture 1 May 1st Basics: review of probability theory 1 CS 786 Lecture Slides (c)

CS786: Lecture 1 May 1st Basics: review of probability theory 1 CS 786 Lecture Slides (c) 2012 P. Poupart Theories to deal with uncertainty Dempster-Shafer theory Fuzzy set theory Possibility theory Probability theory

143 views • 10 slides
CS 423 Operating System Design: Overview and Basic Concepts Professor Adam Bates Fall

CS 423 Operating System Design: Overview and Basic Concepts Professor Adam Bates Fall

CS 423 Operating System Design: Overview and Basic Concepts Professor Adam Bates Fall 2018 CS423: Operating Systems Design Goals for Today Learning Objectives: Introduce OS definition, challenges, and history Announcements:

416 views • 29 slides
Solving large scale eigenvalue problems Lecture 11, May 9, 2018: JacobiDavidson algorithms

Solving large scale eigenvalue problems Lecture 11, May 9, 2018: JacobiDavidson algorithms

Solving large scale eigenvalue problems Solving large scale eigenvalue problems Lecture 11, May 9, 2018: JacobiDavidson algorithms http://people.inf.ethz.ch/arbenz/ewp/ Peter Arbenz Computer Science Department, ETH Z urich E-mail:

657 views • 42 slides
Feature Structures, Unification Some grammatical phenomena Linguistic features Feature

Feature Structures, Unification Some grammatical phenomena Linguistic features Feature

Feature Structures, Unification Scott Farrar CLMA, University of Washington far- rar@u.washington.edu Feature Structures, Unification Some grammatical phenomena Linguistic features Feature structures Operations on Scott Farrar feature

1.35k views • 113 slides
Computational Linguistics: Feature Agreement Raffaella Bernardi Contents First Last Prev

Computational Linguistics: Feature Agreement Raffaella Bernardi Contents First Last Prev

Computational Linguistics: Feature Agreement Raffaella Bernardi Contents First Last Prev Next Contents 1 Admin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2 Formal

459 views • 41 slides
Background: Web Proxies HTTP/HTTPS /SOCKS Exit nodes Exit nodes Exit nodes are constrained

Background: Web Proxies HTTP/HTTPS /SOCKS Exit nodes Exit nodes Exit nodes are constrained

Resident Evil: Understanding Residential IP Proxy as a Dark Service Xianghang Mi , Xuan Feng, Xiaojing Liao Baojun Liu, XiaoFeng Wang, Feng Qian Zhou Li, Sumayah Alrwais, Limin Sun , Ying Liu Background: Web Proxies HTTP/HTTPS /SOCKS Exit nodes

629 views • 34 slides
Field of values error estimates for evaluating functions of matrices via the Arnoldi method

Field of values error estimates for evaluating functions of matrices via the Arnoldi method

Field of values error estimates for evaluating functions of matrices via the Arnoldi method Bernhard Beckermann http://math.univ-lille1.fr/ bbecker Laboratoire Paul Painlev e UMR 8524 ( equipe ANO-EDP) UFR Math ematiques,

171 views • 15 slides
Generating Referring Expressions in Open Domains Advaith Siddharthan & Ann Copestake

Generating Referring Expressions in Open Domains Advaith Siddharthan & Ann Copestake

g Generating Referring Expressions in Open Domains Advaith Siddharthan & Ann Copestake as372@cs.columbia.edu & aac10@cl.cam.ac.uk Advaith Siddharthan. Index p.1/40 Structure of Talk1 g Motivation Attribute Selection The

444 views • 40 slides

More recommend