Dailydave mailing list archives

RE: Metacompilation

From: "Brass, Phil (ISS Atlanta)" <PBrass () iss net>
Date: Wed, 3 Dec 2003 03:39:52 -0500

You want some cool source analysis tools that let you do your own
analysis and/or changes, check out DMS Software Re-engineering Toolkit:
http://www.semdesigns.com/Products/DMS/DMSToolkit.html
 
Not specific to error-detection, but has a good framework for making
your own static analysis error detection checks, with the bonus of being
toolkit for re-engineering source, so in some cases you can write
error-correcting modules that actually fix the bugs.
 
Phil
 
-----Original Message-----
From: dailydave-bounces () lists immunitysec com
[mailto:dailydave-bounces () lists immunitysec com] On Behalf Of Tri Huynh
Sent: Wednesday, December 03, 2003 5:41 AM
To: dave () immunitysec com; dailydave () lists immunitysec com
Subject: [Dailydave] Metacompilation 



        I am reading this paper
http://www.stanford.edu/~engler/p27-hallem.pdf and it talks about a 
        good approach in finding bug in open source software. Dawson is
quite reputed in the
        subject of security, or at least in the academic community. I
don't know if you guys 
        have ever used this approach in finding bugs. Are there any
tools/products that
        allow an auditor to write a script and parse it for source code
scanning (I'm not talking
        about dummy source code scanner like the one in DevPartner
though)?. Thanks you very much.
         
        Trihuynh
        Sentryunion

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave

Current thread:

Metacompilation Tri Huynh (Dec 02)
- <Possible follow-ups>
- RE: Metacompilation Brass, Phil (ISS Atlanta) (Dec 03)