Dailydave mailing list archives
RE: Metacompilation
From: "Brass, Phil (ISS Atlanta)" <PBrass () iss net>
Date: Wed, 3 Dec 2003 03:39:52 -0500
You want some cool source analysis tools that let you do your own analysis and/or changes, check out DMS Software Re-engineering Toolkit: http://www.semdesigns.com/Products/DMS/DMSToolkit.html Not specific to error-detection, but has a good framework for making your own static analysis error detection checks, with the bonus of being toolkit for re-engineering source, so in some cases you can write error-correcting modules that actually fix the bugs. Phil -----Original Message----- From: dailydave-bounces () lists immunitysec com [mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Tri Huynh Sent: Wednesday, December 03, 2003 5:41 AM To: dave () immunitysec com; dailydave () lists immunitysec com Subject: [Dailydave] Metacompilation I am reading this paper http://www.stanford.edu/~engler/p27-hallem.pdf and it talks about a good approach in finding bug in open source software. Dawson is quite reputed in the subject of security, or at least in the academic community. I don't know if you guys have ever used this approach in finding bugs. Are there any tools/products that allow an auditor to write a script and parse it for source code scanning (I'm not talking about dummy source code scanner like the one in DevPartner though)?. Thanks you very much. Trihuynh Sentryunion
_______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Metacompilation Tri Huynh (Dec 02)
- <Possible follow-ups>
- RE: Metacompilation Brass, Phil (ISS Atlanta) (Dec 03)