Merge pull request #475 from vobst/prepare_0.9_release
Prepare 0.9 release
vobst authored Aug 20, 2024
2 parents e8db00b + 8f22f56 commit 37c8125
Showing 11 changed files with 35 additions and 27 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/acceptance-tests.yml
Expand Up @@ -42,14 +42,14 @@ jobs:
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
toolchain: 1.76.0
override: true
- name: Install cwe_checker
run: make all GHIDRA_PATH=/opt/ghidra
- uses: actions-rs/cargo@v1
with:
command: test
args: --no-fail-fast -p acceptance_tests_ghidra -- --show-output --ignored --test-threads 1
args: --locked --no-fail-fast -p acceptance_tests_ghidra -- --show-output --ignored --test-threads 1

docker-build:
runs-on: ubuntu-latest
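Review bot: The pin `toolchain: 1.76.0` is a literal that this commit repeats in every workflow job (here, three times in codestyle_checks.yml, once in unit-tests.yml), next to `rust-version = "1.76"` in the manifests and `rust:1.76-bullseye` in the Dockerfile, so the next toolchain bump has to touch each copy by hand and a missed one will go unnoticed. Consider keeping the version in one place, for example a `rust-toolchain.toml` at the repository root. In the same spirit, `actions-rs/toolchain@v1` and `actions-rs/cargo@v1` in the context lines are still referenced by a movable tag; pinning them to a full commit SHA would match the intent of pinning the compiler and adding `--locked`.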
12 changes: 8 additions & 4 deletions .github/workflows/codestyle_checks.yml
Expand Up @@ -17,7 +17,7 @@ jobs:
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
toolchain: 1.76.0
override: true
components: rustfmt
- uses: actions-rs/cargo@v1
Expand All @@ -33,13 +33,17 @@ jobs:
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
toolchain: 1.76.0
override: true
components: clippy
- uses: actions-rs/cargo@v1
with:
command: clippy
args: -- -D clippy::all -D missing_docs
- uses: actions-rs/cargo@v1
with:
command: clippy
args: -p cwe_checker_lib --bench "benchmarks" -- -D clippy::all

doc:
name: Rustdoc
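Review bot: Neither clippy step in this job passes `--locked`, including the one added here (`args: -p cwe_checker_lib --bench "benchmarks" -- -D clippy::all`), although the same commit adds it to the test and build invocations. Without it the lint job will quietly re-resolve dependencies if Cargo.lock is out of date instead of failing; suggest `args: --locked -- -D clippy::all -D missing_docs`, the equivalent for the benchmark step, and likewise for `cargo doc` in the Rustdoc job. The benchmark step also drops `-D missing_docs`; if that is intended, a short comment in the workflow would say so.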
Expand All @@ -49,10 +53,10 @@ jobs:
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
toolchain: 1.76.0
override: true
components: rust-docs
- uses: actions-rs/cargo@v1
with:
command: doc
args: --no-deps --document-private-items
args: --no-deps --document-private-items
5 changes: 3 additions & 2 deletions .github/workflows/unit-tests.yml
Expand Up @@ -16,8 +16,9 @@ jobs:
- uses: actions-rs/toolchain@v1
with:
profile: minimal
toolchain: stable
toolchain: 1.76.0
override: true
- uses: actions-rs/cargo@v1
with:
command: test
command: test
args: --locked
5 changes: 4 additions & 1 deletion CHANGES.md
@@ -1,4 +1,7 @@
0.9-dev
0.10-dev
===

0.9 (2024-08)
===

- Fixed an issue in the pcode to IR translation (PR #470)
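Review bot: The changelog head becomes `0.10-dev` in the same commit that sets the crate versions to `0.9.0` in src/caller/Cargo.toml and src/cwe_checker_lib/Cargo.toml, so the tree prepared for the 0.9 release already describes itself as 0.10-dev in CHANGES.md. Suggest adding the empty `0.10-dev` section in the follow-up commit that bumps the manifests to the next development version, so the changelog and the `version` fields agree at every commit.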
4 changes: 2 additions & 2 deletions Cargo.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion Dockerfile
Expand Up @@ -3,7 +3,7 @@ FROM rust:1.76-bullseye AS builder
WORKDIR /cwe_checker

COPY . .
RUN cargo build --release
RUN cargo build --locked --release

FROM ghcr.io/fkie-cad/ghidra_headless_base:10.2.3 as runtime

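Review bot: `--locked` fixes the crate versions for `cargo build`, but both `FROM` lines still resolve movable tags (`rust:1.76-bullseye` and `ghcr.io/fkie-cad/ghidra_headless_base:10.2.3`), so two builds of the same commit can still start from different base images. If reproducible release images are the goal, pin both by digest (`image:tag@sha256:<digest>`). Minor style point: the second stage uses lowercase `as runtime` while the first uses `AS builder`.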
8 changes: 4 additions & 4 deletions Makefile
Expand Up @@ -2,11 +2,11 @@ GHIDRA_PATH =

.PHONY: all clean test uninstall docker
all:
cargo build -p cwe_checker_install --release
cargo build --locked -p cwe_checker_install --release
./target/release/cwe_checker_install ${GHIDRA_PATH}

test:
cargo test
cargo test --locked
if [ ! -d "test/artificial_samples/build" ]; then \
echo "Acceptance test binaries not found. Please see test/artificial_samples/Readme.md for build instructions."; \
exit -1; \
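Review bot: `--locked` is now written out on every cargo invocation in this Makefile (`all`, `test` twice, `uninstall`), which makes it easy for the next added target to omit it. Suggest a single variable, e.g. `CARGO_FLAGS ?= --locked`, used in each recipe; that also gives developers a way to override it locally when they are deliberately updating Cargo.lock.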
Expand All @@ -15,7 +15,7 @@ test:
echo "Acceptance test LKMs not found. Please see test/lkm_samples/Readme.md for build instructions."; \
exit -1; \
fi
cargo test --no-fail-fast -p acceptance_tests_ghidra -- --show-output --ignored --test-threads 1
cargo test --locked --no-fail-fast -p acceptance_tests_ghidra -- --show-output --ignored --test-threads 1

compile_test_files:
pushd test/artificial_samples \
Expand All @@ -36,7 +36,7 @@ clean:
rm -f -r doc/html

uninstall:
cargo build -p cwe_checker_install --release
cargo build --locked -p cwe_checker_install --release
./target/release/cwe_checker_install --uninstall

documentation:
12 changes: 6 additions & 6 deletions README.md
Expand Up @@ -6,7 +6,7 @@
![Acceptance tests](https://github.com/fkie-cad/cwe_checker/actions/workflows/acceptance-tests.yml/badge.svg?branch=master)
![Unit tests](https://github.com/fkie-cad/cwe_checker/actions/workflows/unit-tests.yml/badge.svg?branch=master)
![Docker-Pulls](https://img.shields.io/docker/pulls/fkiecad/cwe_checker.svg)
[![Documentation](https://img.shields.io/badge/doc-stable-green.svg)](https://fkie-cad.github.io/cwe_checker/index.html)
[![Documentation](https://img.shields.io/badge/doc-stable-green.svg)](https://docs.cwe-checker.io/index.html)

## What is cwe_checker? ##
cwe_checker is a suite of checks to detect common bug classes such as Null pointer dereferences and buffer overflows.
Expand Down Expand Up @@ -39,7 +39,7 @@ The following arguments should convince you to give *cwe_checker* a try:
The simplest way is to pull the latest Docker image from the [Github container registry](https://github.com/fkie-cad/cwe_checker/pkgs/container/cwe_checker):
- `docker pull ghcr.io/fkie-cad/cwe_checker:latest` yields an image based on the current master branch.
- `docker pull ghcr.io/fkie-cad/cwe_checker:stable` yields an image based on the latest stable release version.
- `docker pull ghcr.io/fkie-cad/cwe_checker:v0.8` yields an image based on the v0.8 stable release version.
- `docker pull ghcr.io/fkie-cad/cwe_checker:v0.9` yields an image based on the v0.9 stable release version.
However, it is recommended to switch to newer stable releases as soon as they get published, since improvements between stable versions can be quite significant.

If you want to build the docker image yourself, just run
Expand Down Expand Up @@ -81,7 +81,7 @@ There is _experimental_ support for the analysis of Linux loadable kernel module
subset of the CWE checks available for user-space programs. Analyses are
configurable via a separate [configuration file](src/lkm_config.json).

If you use the stable version, you can also look at the [online documentation](https://fkie-cad.github.io/cwe_checker/index.html) for more information.
If you use the stable version, you can also look at the [online documentation](https://docs.cwe-checker.io/index.html) for more information.

### For Bare-Metal Binaries ###

Expand All @@ -90,13 +90,13 @@ For that one needs to provide a bare metal configuration file via the `--bare-me
An example for such a configuration file can be found at `bare_metal/stm32f407vg.json`
(which was created and tested for an STM32F407VG MCU).

For more information take a look at the [online documentation](https://fkie-cad.github.io/cwe_checker/index.html).
For more information take a look at the [online documentation](https://docs.cwe-checker.io/index.html).

## Documentation and Tests ##

The test binaries for our test suite can be built with `make compile_test_files` (needs Docker to be installed!). The test suite can then be run with `make test`.

Source code documentation can be built with `make documentation`. For the stable version, the documentation can be found [here](https://fkie-cad.github.io/cwe_checker/index.html).
Source code documentation can be built with `make documentation`. For the stable version, the documentation can be found [here](https://docs.cwe-checker.io/index.html).

## Implemented Checks <a name=checks></a> ##

Expand All @@ -120,7 +120,7 @@ So far the following analyses are implemented:
- [CWE-789](https://cwe.mitre.org/data/definitions/789.html): Memory Allocation with Excessive Size Value

Please note that both false positives and false negatives are to be expected due to shortcuts and the nature of static analysis as well as over-approximation.
You can find information on the inner workings of each check as well as known reasons for false positives and false negatives on the [check-specific documentation pages](https://fkie-cad.github.io/cwe_checker/doc/html/cwe_checker_lib/checkers/index.html).
You can find information on the inner workings of each check as well as known reasons for false positives and false negatives on the [check-specific documentation pages](https://docs.cwe-checker.io/cwe_checker_lib/checkers/index.html).

## Integration into other tools ##

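Review bot: This link changes more than the host: the old target was `/cwe_checker/doc/html/cwe_checker_lib/checkers/index.html` and the new one is `/cwe_checker_lib/checkers/index.html`, so the `doc/html/` part of the path is gone as well. Please confirm the new deep link resolves on docs.cwe-checker.io before the release, since it is the page users are sent to for known false positives and false negatives.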
4 changes: 2 additions & 2 deletions src/caller/Cargo.toml
@@ -1,7 +1,7 @@
[package]
name = "cwe_checker"
version = "0.9.0-dev"
authors = ["Fraunhofer FKIE <firmware-security@fkie.fraunhofer.de>"]
version = "0.9.0"
authors = ["Fraunhofer FKIE <contact@cwe-checker.io>"]
edition = "2021"
rust-version = "1.76"

4 changes: 2 additions & 2 deletions src/cwe_checker_lib/Cargo.toml
@@ -1,7 +1,7 @@
[package]
name = "cwe_checker_lib"
version = "0.9.0-dev"
authors = ["Fraunhofer FKIE <firmware-security@fkie.fraunhofer.de>"]
version = "0.9.0"
authors = ["Fraunhofer FKIE <contact@cwe-checker.io>"]
edition = "2021"
rust-version = "1.76"

2 changes: 1 addition & 1 deletion test/Cargo.toml
@@ -1,7 +1,7 @@
[package]
name = "acceptance_tests_ghidra"
version = "0.1.0"
authors = ["Faunhofer FKIE <firmware-security@fkie.fraunhofer.de>"]
authors = ["Fraunhofer FKIE <contact@cwe-checker.io>"]
edition = "2021"

[dependencies]
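Review bot: The `[package]` table of acceptance_tests_ghidra has no `rust-version` key, while src/caller/Cargo.toml and src/cwe_checker_lib/Cargo.toml both declare `rust-version = "1.76"` and CI now pins toolchain 1.76.0. Suggest adding `rust-version = "1.76"` here as well so all three manifests state the same minimum toolchain.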