APISan: Sanitizing API Usages through Semantic Cross-Checking
Latest commit c28ecf4 Aug 25, 2016 @jakkdu jakkdu release
Permalink
Failed to load latest commit information.
analyzer release Aug 25, 2016
bugs release Aug 25, 2016
llvm release Aug 25, 2016
test release Aug 25, 2016
.gitignore release Aug 25, 2016
README.md release Aug 25, 2016
apisan release Aug 25, 2016
setup.sh release Aug 25, 2016

README.md

APISan: Sanitizing API Usages through Semantic Cross-Checking

Environments

  • Tested in Ubuntu 14.04
  • Setup
  $ ./setup.sh
  • How to build symbolic database
  $ apisan build [cmds]
  • Run './configure'
  $ apisan build ./configure
  $ apisan build make
  • How to run a checker
  $ apisan check --db=[db] --checker=[checker]
  • Example
  $ cd test/return-value
  $ ../../apisan build make
  $ ../../apisan check --checker=rvchk

Checkers (under analyzer/apisan/check)

  • Return value checker: retval.py
  • Argument checker: argument.py
  • Causality checker: causality.py
  • Condition checker: condition.py
  • Integer overflow checker: intovfl.py
  • Format string bug checker: fsb.py

Authors

Publications

@inproceedings{yun:apisan,
  title        = {{APISan: Sanitizing API Usages through Semantic Cross-checking}},
  author       = {Insu Yun and Changwoo Min and Xujie Si and Yeongjin Jang and Taesoo Kim and Mayur Naik},
  booktitle    = {Proceedings of the 25th USENIX Security Symposium (Security)},
  month        = aug,
  year         = 2016,
  address      = {Austin, TX},
}