Skip to content
This repository was archived by the owner on Mar 30, 2021. It is now read-only.

Curl XTU Analysis

Jump to bottom
Péter Szécsi edited this page Jan 25, 2017 · 20 revisions

Baseline:

Curl without xtu - clang 4.0

http://cc.elte.hu:8080/#run=57

Curl with XTU - clang 4.0

http://cc.elte.hu:8080/#run=58

###Summary

|Analyzed project| New findings | Disappeared findings | Successfully analyzed | Failed to analyze | Analysis Time (NonXTU)|Analysis Time XTU|Average bug path length in baseline|Average bug path length XTU| |---|---|---|---|---|---|---|---|---|---| |Curl| 10| 0| 280 | 13 |?|?|?|

Number of new true positives: 1

http://cc.elte.hu:8080/#baseline=57&newcheck=58&report=5875

Number of new false positives: 3 different

http://cc.elte.hu:8080/#baseline=57&newcheck=58&report=5879

False positive since (list->length != 0) condition excludes that the head is null (listed 7 times since called from different TUs ,CTU uniqueing would solve it)

http://cc.elte.hu:8080/#baseline=57&newcheck=58&report=5885

False positive since Curl_ntlm_core_mk_nt_hash(conn->data, conn->passwd, nt_hash) set the nt_hash pointer

http://cc.elte.hu:8080/#baseline=57&newcheck=58&report=5889

Clone this wiki locally