From ec1de1f9057c9464d31f7052733f2282881ddef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Daniel=20Marjam=C3=A4ki?= Date: Thu, 4 Oct 2018 17:56:33 +0200 Subject: [PATCH] cve-test-suite: added readme.txt with my motivation for adding this folder --- cve-test-suite/readme.txt | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 cve-test-suite/readme.txt diff --git a/cve-test-suite/readme.txt b/cve-test-suite/readme.txt new file mode 100644 index 000000000..479b11dba --- /dev/null +++ b/cve-test-suite/readme.txt @@ -0,0 +1,22 @@ + +Background +========== +The CVE database contains known vulnerabilities in various source code projects. For instance, to list known "overflow" vulnerabilities, this link can be used: +https://www.cvedetails.com/vulnerability-list/cweid-119/vulnerabilities.html + +Many issues in the CVE database are "out of reach" for static analysis because of required domain knowledge etc. + +However there are also issues that could be "possible" to detect with static analysis. + +For each such issue that we see that we think is "possible" to detect with static analysis, we can create a file in this folder. The filename is the CVE id. The contents of the file should contain this info: + * Recommended: URL that can be used to download source code, file with bug + * Description + * Reduced example code. The code should be plain C/C++ without dependencies. + +Possible usages: +================ +The test cases can inspire future Cppcheck development. + +These files could be used for a quick and easy tool evaluation. For Cppcheck and other tools. Because only plain C/C++ is used, tools should have all info they need, so hopefully no extra configuration is needed. + +An extended tool evaluation can use the real source code. It's possible to lookup the real source code using the CWE id. However in such tool evaluation, the tools must be configured properly.
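Review bot: In the last paragraph under "Possible usages", "It's possible to lookup the real source code using the CWE id" most likely should say "CVE id". The Background section names each file after the CVE id and records the download URL per CVE, whereas a CWE id (such as the cweid-119 in the cvedetails link) only identifies a weakness class and cannot lead back to one project's source. Two further points on the contents list: only the URL item is marked "Recommended", so it is unclear whether the description and the reduced example are mandatory, and the readme does not say how the description and the code share one file. Since the stated goal is that tools "should have all info they need" with no extra configuration, consider stating that the URL and description go in a leading comment so the file is directly analyzable, and that the filename carries a .c or .cpp extension after the CVE id so a tool can pick the language.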