UAFPrediction is a tool which uses a Support Vector Machine (SVM) learning model to estimate the likelihood of a use-after-free bug within C source files.
There are numerous static bug detectors for C which aim to locate use-after-free bugs, but none of them is perfect, and static analysis comes with limitations such as the need to filter false positives. UAFPrediction builds on three such tools (Coccinelle, CBMC and SVF; see Installation below).
Video Demonstration of UAFPrediction
Installation
This tool requires:
python3, together with the Python module scikit-learn and its dependencies (NumPy and SciPy)
Coccinelle, CBMC, SVF and the LLVM Clang 3.8 compiler, installed on your system (see the per-script configuration below)
Modify coccinelle.py, cbmc.py and stc.py so that they point to where Coccinelle, CBMC and SVF are installed on your system.
Modifying coccinelle.py
On line 6, modify cocci_loc to the command that invokes Coccinelle on your system. If you have installed Coccinelle using a package manager, the default invocation is spatch.
On line 7, modify uaf_cocci_loc to the path of the uaf.cocci file on your system. The uaf.cocci file is part of this git repository.
Modifying cbmc.py
On line 6, modify cbmc_loc to the command that invokes CBMC on your system. If you have installed CBMC using a package manager, the default invocation is cbmc.
Modifying svf.py
On line 7, modify clang_loc to the command that invokes the LLVM Clang 3.8 compiler on your system.
On line 9, modify stc_loc to the path of the SVF binary on your system.
Using UAFPrediction.py
Invoke the UAFPrediction.py program using python3 from the base folder in which the C source files are located, passing the files to analyse as arguments.
E.g. python3 /path/to/UAFPrediction.py file1.c file2.c …
After execution the tool reports whether a Use-After-Free bug has been predicted. If a bug has been predicted, the output of the underlying tools is reported. Otherwise the message "No Use-After-Free bugs have been predicted" appears.
Test folder
Under the test folder, there are some examples to showcase the program in action.
To use the CWE416_Use_After_Free__return_freed_ptr_18_bad.c test case, it must be passed together with io.c, which it depends on.
e.g. python3 /path/to/UAFPrediction.py CWE416_Use_After_Free__return_freed_ptr_18_bad.c io.c
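The following is an added example, not code from the UAFPrediction repository or from the Juliet test suite: it shows the "return freed pointer" flavour of CWE-416 that the test case above exercises, next to a corrected version in which ownership of the buffer is handed to the caller and the pointer is only used while the allocation is live. Function names (bad_return_freed_ptr, bad_use, good_return_live_ptr, good_use) and the string contents are illustrative choices of this example.

```c
/* Added example (not part of UAFPrediction): the CWE-416
 * "return freed pointer" pattern, beside a corrected version.
 * All names here are illustrative. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define BUF_LEN 16

/* Vulnerable helper: frees the buffer and still hands the dangling
 * pointer back to the caller. This is the shape a static use-after-free
 * detector should flag. */
static char *bad_return_freed_ptr(void)
{
    char *data = malloc(BUF_LEN);
    if (data == NULL)
        return NULL;
    strcpy(data, "UAF");
    free(data);          /* the allocation's lifetime ends here ...      */
    return data;         /* ... but the stale pointer is returned anyway  */
}

/* Caller that dereferences the returned pointer: a use after free.
 * It is undefined behaviour and is shown only as the pattern to detect;
 * do not call it. */
int bad_use(void)
{
    char *p = bad_return_freed_ptr();
    if (p == NULL)
        return -1;
    return (int)strlen(p);   /* read through a dangling pointer */
}

/* Fixed helper: the buffer is returned while still allocated, and the
 * caller becomes its owner and is responsible for free(). */
static char *good_return_live_ptr(void)
{
    char *data = malloc(BUF_LEN);
    if (data == NULL)
        return NULL;
    strcpy(data, "UAF");
    return data;         /* still live; ownership passes to the caller */
}

/* Correct caller: use the buffer, then release it exactly once and
 * clear the local pointer so no dangling reference remains. */
int good_use(void)
{
    char *p = good_return_live_ptr();
    if (p == NULL)
        return -1;
    int len = (int)strlen(p);  /* use while the allocation is live */
    free(p);
    p = NULL;
    return len;
}

int main(void)
{
    printf("good_use() = %d\n", good_use());
    return 0;
}
```

Saving the two halves as separate files and passing each to UAFPrediction.py is a quick way to see whether the model separates the freed-pointer return from its corrected form.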