Skip to content

yuntongzhang/vulnfix

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits

.github/workflows

.github/workflows

 
 

bin

bin

 
 

data

data

 
 

doc

doc

 
 

lib

lib

 
 

result-expected

result-expected

 
 

src

src

 
 

thirdparty

thirdparty

 
 

.gitignore

.gitignore

 
 

.gitmodules

.gitmodules

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

activate

activate

 
 

build.sh

build.sh

 
 

daikon-config

daikon-config

 
 

driver.py

driver.py

 
 

meta-data.json

meta-data.json

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

VulnFix

License: GPL v3 docker pull docker build

VulnFix - An automated program repair technique for fixing security vulnerabilities via inductive inference.

VulnFix targets security vulnerabilities in C/C++ programs, such as buffer overflows, integer overflows, and NULL dereferences. It works by first exploring the states at the patch location with a combination of input-level fuzzing and state-level mutations, and then generalizing a patch invariant from the observed states. A patch invariant is a formula that evaluates to true for the benign states and false for the vulnerable states, which can be used to generate a patch later on.

Getting started

New changes has been added to VulnFix since the ISSTA22 publication. To get the version during ISSTA22 period and steps for using that version, please refer to ISSTA22.md.

TODO: Add getting started instruction for the new tool version.

Firstly, certain OS configurations are required to be set for VulnFix and its dependencies (e.g. AFL). To set these, run:

echo core | sudo tee /proc/sys/kernel/core_pattern
cd /sys/devices/system/cpu
echo performance | sudo tee cpu*/cpufreq/scaling_governor

echo 0 | sudo tee /proc/sys/kernel/randomize_va_space

The VulnFix tool and its dependencies are available in docker container. (Please refer to doc/INSTALL.md for instructions on building it from source.)

To start:

docker pull yuntongzhang/vulnfix:latest-manual
docker run -it --memory=30g --name vulnfix yuntongzhang/vulnfix:latest-manual

Once inside the container, invoke it on one example (e.g. CVE-2012-5134) with:

# clone and build the target project
cd /home/yuntong/vulnfix/data/libxml2/cve_2012_5134
./setup.sh
# run vulnfix to repair
cd /home/yuntong/vulnfix
vulnfix data/libxml2/cve_2012_5134/config

After VulnFix finishes, the results (generated invariants and patches) can be found in /home/yuntong/vulnfix/data/libxml2/cve_2012_5134/runtime/result/.

Documentation

More details can be found in the documentation in the doc folder. MANUAL.md describes how to use VulnFix in more detail; DEVELOP.md contains useful information for hacking and extending VulnFix.

Bugs

VulnFix should be considered alpha-quality software. Bugs can be reported here.

About

Program Vulnerability Repair via Inductive Inference

Topics

program-repair

Resources

Readme

License

GPL-3.0 license
Activity

Stars

18 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages