From 5621a04cfd1fa55412b326922cb18cc3eed8c3af Mon Sep 17 00:00:00 2001
From: Enkelmann <46347022+Enkelmann@users.noreply.github.com>
Date: Fri, 10 Jun 2022 13:24:05 +0200
Subject: [PATCH] Prepare release of stable version v0.6 (#335)
---
 CHANGES.md | 7 ++++++-
 Cargo.lock | 4 ++--
 README.md | 20 ++++++++++----------
 src/caller/Cargo.toml | 4 ++--
 src/cwe_checker_lib/Cargo.toml | 2 +-
 src/cwe_checker_lib/src/checkers/cwe_332.rs | 2 +-
 src/cwe_checker_lib/src/lib.rs | 4 ++--
 test/Cargo.toml | 2 +-
 8 files changed, 25 insertions(+), 20 deletions(-)
diff --git a/CHANGES.md b/CHANGES.md
index 76f70a864..e5d8f5367 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,4 +1,4 @@
-0.6-dev
+0.6 (2022-06)
 ====
 - Add support for analysis of bare-metal binaries (PR #203)
@@ -14,6 +14,11 @@
 - Update cwe_checker_to_ida script (PRs #279, #281)
 - New installer script that can search for the Ghidra installation path for you (PR #278)
 - Refactor handling of caller stacks in PointerInference analysis (PR #287)
+- Project struct refactorings (PRs #291, #301, #324)
+- New improved implementation of CWE-416 Use-After-Free check (PRs #311, #318, #328)
+- New improved implementation of CWE-119 Buffer Overflow check (PRs #315, #326, #328, #333)
+- Use information on non-returning functions in CFG generation (PR #319)
+- Handle stack manipulation based on stack alignment for x86 (PRs #317, #323)
 0.5 (2021-07)
 ====
diff --git a/Cargo.lock b/Cargo.lock
index 060ea7d1c..42f14d5dd 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -128,7 +128,7 @@ dependencies = [
 [[package]]
 name = "cwe_checker"
-version = "0.6.0-dev"
+version = "0.6.0"
 dependencies = [
 "cwe_checker_lib",
 "directories",
@@ -151,7 +151,7 @@ dependencies = [
 [[package]]
 name = "cwe_checker_lib"
-version = "0.6.0-dev"
+version = "0.6.0"
 dependencies = [
 "anyhow",
 "apint",
diff --git a/README.md b/README.md
index ca8922029..3ed2436f9 100644
--- a/README.md
+++ b/README.md
@@ -9,14 +9,15 @@
 [![Documentation](https://img.shields.io/badge/doc-stable-green.svg)](https://fkie-cad.github.io/cwe_checker/index.html)
 ## What is cwe_checker? ##
-cwe_checker is a suite of checks to detect common bug classes such as use of dangerous functions and simple integer overflows.
+cwe_checker is a suite of checks to detect common bug classes such as Null pointer dereferences and buffer overflows.
 These bug classes are formally known as [Common Weakness Enumerations](https://cwe.mitre.org/) (CWEs).
-Its main goal is to aid analysts to quickly find vulnerable code paths.
+The checks are based on a variety of anaylsis techniques ranging from simple heuristics to abstract interpretation-based data-flow analysis.
+Its main goal is to aid analysts to quickly find potentially vulnerable code paths.
 Its main focus are ELF binaries that are commonly found on Linux and Unix operating systems.
 The cwe_checker uses [Ghidra](https://ghidra-sre.org/) to disassemble binaries into one common intermediate representation and implements its own analyses on this IR.
-Hence, the analyses can be run on all CPU architectures that Ghidra can disassemble,
+Hence, the analyses can be run on most CPU architectures that Ghidra can disassemble,
 which makes the *cwe_checker* a valuable tool for firmware analysis.
 The following arguments should convince you to give *cwe_checker* a try:
@@ -45,9 +46,10 @@ If you want to build the docker image yourself, just run `docker build -t cwe_ch
 The following dependencies must be installed in order to build and install the *cwe_checker* locally:
 - [Rust](https://www.rust-lang.org) >= 1.57
-- [Ghidra](https://ghidra-sre.org/) >= 9.2
+- [Ghidra](https://ghidra-sre.org/) >= 10.1.2
 Run `make all GHIDRA_PATH=/path/to/ghidra_folder` (with the correct path to the local Ghidra installation inserted) to compile and install the cwe_checker.
+If you omit the `GHIDRA_PATH` argument the installer will search your file system for a local installation of Ghidra.
 ## Usage ##
@@ -76,8 +78,7 @@ For that one needs to provide a bare metal configuration file via the `--bare-me
 An example for such a configuration file can be found at `bare_metal/stm32f407vg.json` (which was created and tested for an STM32F407VG MCU).
-For more information build and read the documentation locally via `make documentation`.
-Note that this analysis mode is not yet included in the stable version of the cwe_checker.
+For more information take a look at the [online documentation](https://fkie-cad.github.io/cwe_checker/index.html).
 ## Documentation and Tests ##
@@ -96,8 +97,7 @@ So far the following analyses are implemented:
 - [CWE-243](https://cwe.mitre.org/data/definitions/243.html): Creation of chroot Jail Without Changing Working Directory
 - [CWE-332](https://cwe.mitre.org/data/definitions/332.html): Insufficient Entropy in PRNG
 - [CWE-367](https://cwe.mitre.org/data/definitions/367.html): Time-of-check Time-of-use (TOCTOU) Race Condition
-- [CWE-415](https://cwe.mitre.org/data/definitions/415.html): Double Free
-- [CWE-416](https://cwe.mitre.org/data/definitions/416.html): Use After Free
+- [CWE-416](https://cwe.mitre.org/data/definitions/416.html): Use After Free and its variant [CWE-415](https://cwe.mitre.org/data/definitions/415.html): Double Free
 - [CWE-426](https://cwe.mitre.org/data/definitions/426.html): Untrusted Search Path
 - [CWE-467](https://cwe.mitre.org/data/definitions/467.html): Use of sizeof() on a Pointer Type
 - [CWE-476](https://cwe.mitre.org/data/definitions/476.html): NULL Pointer Dereference
@@ -105,8 +105,8 @@ So far the following analyses are implemented:
 - [CWE-676](https://cwe.mitre.org/data/definitions/676.html): Use of Potentially Dangerous Function
 - [CWE-782](https://cwe.mitre.org/data/definitions/782.html): Exposed IOCTL with Insufficient Access Control
-Please note that some of the above analyses are only partially implemented at the moment.
-Furthermore, both false positives and false negatives are to be expected due to shortcuts and the nature of static analysis as well as over-approximation.
+Please note that both false positives and false negatives are to be expected due to shortcuts and the nature of static analysis as well as over-approximation.
+You can find information on the inner workings of each check as well as known reasons for false positives and false negatives on the [check-specific documentation pages](https://fkie-cad.github.io/cwe_checker/doc/html/cwe_checker_lib/checkers/index.html).
 ## Integration into other tools ##
diff --git a/src/caller/Cargo.toml b/src/caller/Cargo.toml
index 48280900b..4633b3094 100644
--- a/src/caller/Cargo.toml
+++ b/src/caller/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "cwe_checker"
-version = "0.6.0-dev"
-authors = ["Enkelmann "]
+version = "0.6.0"
+authors = ["Nils-Edvin Enkelmann "]
 edition = "2021"
 [dependencies]
diff --git a/src/cwe_checker_lib/Cargo.toml b/src/cwe_checker_lib/Cargo.toml
index ecc29a719..a730a4d1e 100644
--- a/src/cwe_checker_lib/Cargo.toml
+++ b/src/cwe_checker_lib/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "cwe_checker_lib"
-version = "0.6.0-dev"
+version = "0.6.0"
 authors = ["Nils-Edvin Enkelmann "]
 edition = "2021"
diff --git a/src/cwe_checker_lib/src/checkers/cwe_332.rs b/src/cwe_checker_lib/src/checkers/cwe_332.rs
index 1ffdba643..e5f50a02a 100644
--- a/src/cwe_checker_lib/src/checkers/cwe_332.rs
+++ b/src/cwe_checker_lib/src/checkers/cwe_332.rs
@@ -1,4 +1,4 @@
-//! This module implements a check for CWE332: Insufficient Entropy in PRNG.
+//! This module implements a check for CWE-332: Insufficient Entropy in PRNG.
 //!
 //! This can happen, for instance, if the PRNG is not seeded. A classical example
 //! would be calling rand without srand. This could lead to predictable random
diff --git a/src/cwe_checker_lib/src/lib.rs b/src/cwe_checker_lib/src/lib.rs
index 8c152b472..9dde39ea8 100644
--- a/src/cwe_checker_lib/src/lib.rs
+++ b/src/cwe_checker_lib/src/lib.rs
@@ -5,12 +5,12 @@ The main library of the cwe_checker containing all CWE checks and analysis modul
 The cwe_checker is a tool for finding common bug classes on binaries using static analysis.
 These bug classes are formally known as [Common Weakness Enumerations](https://cwe.mitre.org/) (CWEs).
-Its main goal is to aid analysts to quickly find vulnerable code paths.
+Its main goal is to aid analysts to quickly find potentially vulnerable code paths.
 Currently its main focus are ELF binaries that are commonly found on Linux and Unix operating systems.
 The cwe_checker uses [Ghidra](https://ghidra-sre.org/) to disassemble binaries into one common intermediate representation and implements its own analyses on this IR.
-Hence, the analyses can be run on all CPU architectures that Ghidra can disassemble,
+Hence, the analyses can be run on most CPU architectures that Ghidra can disassemble,
 which makes the *cwe_checker* a valuable tool for firmware analysis.
 # Usage
diff --git a/test/Cargo.toml b/test/Cargo.toml
index ab3814b02..7342b002d 100644
--- a/test/Cargo.toml
+++ b/test/Cargo.toml
@@ -1,7 +1,7 @@
 [package]
 name = "acceptance_tests_ghidra"
 version = "0.1.0"
-authors = ["Enkelmann "]
+authors = ["Nils-Edvin Enkelmann "]
 edition = "2021"
 [dependencies]