Comments (3)
I would also very much like better PE-support! :-)
For future reference some notes on the current state of PE support (at the time of this comment):
- There already exists experimental support for PE files. However, it is not well tested (e.g. most acceptance tests for PE files are disabled).
- There are known issues for PE files. See issue #250. There is also a high likelihood of more issues with the analysis for PE files that I am not yet aware of.
- Because of the above, one has to assume that the cwe_checker analyses are not reliable on PE files.
Unfortunately, ELF files have priority for us right now and we do not have enough people working on the project to tackle better PE support at the same time. At some point we are going to work on this, but I cannot yet say when this will be. In the meantime I would be happy to help and mentor any outside contributors willing to work on the subject!
from cwe_checker.
That's awesome to know. I am currently trying to improve my static analysis skills. If you have any suggestions for contributing to the project, I'd be glad to help. I'll trying and bang my head against #250 and see if I can't understand how your system works.
from cwe_checker.
Feel free to ask many questions about the things you don't understand. :-) For #250 a possible starting point would be to look at the use cases of the Project::get_standard_calling_convention
method and to figure out how these cases should be handled for PE files. Another starting point is to just take a simple example binary and trying to figure out what happens internally by using lots of debug printing.
from cwe_checker.
Related Issues (20)
- arm elf file checker error HOT 2
- Code Analysis on PcodeExtractor.java HOT 1
- Execution of ghidra plugin failed HOT 1
- Running cwe_checker on arm64 and x86_64 (failed) HOT 5
- cwe_checker run with error 'No loadable segments found' HOT 1
- CWE checker dependencies incompatible with current Kali (clap) HOT 4
- docker how to speficy --bare-metal-config HOT 2
- ghidra >= 10.2 fix "getLeastSignificatBitInBaseRegister" spelling wrong HOT 2
- error running cwe in ghidra HOT 2
- Some comments seems confusing HOT 4
- What is the logic of fixpoint comuptation HOT 2
- Speed up the analysis with new cwe_checker:stable docker image HOT 2
- cwe_checker docker -o option fails HOT 4
- What is CWE119 specifically and the difference with its variants HOT 7
- Infinity Loop Problem HOT 2
- Execution of Ghidra plugin failed HOT 8
- Project Normalization consumes too much RAM HOT 2
- Support for new P-Code operation in Ghidra 10.3 HOT 1
- Windows failed to compile HOT 1
- cwe_checker docker container hang on HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cwe_checker.