readme.md

coccinelle_exercises

• blog post here: Finding vulnerabilities on *Unix kernel with Coccinelle and hacker1
• coccinelle notes and exercises

contents

• solutions-tutorial

• [advanced_queries](.(advanced_queries)

• tips 1: start simple, with a semantic patch that matches the common case

• tips 2: incremental development, restrict semantic patch to reduce results, fp

• tips 3: use multiple rules to have better results and scripts

  • e.g. we have @badr@ positon p; @@ @@ position p != badr.p @@

• software lifecycle in a nutshell (ref: https://www.youtube.com/watch?v=LOsluYTzdMg)

  1. (great) idea
  2. quick and dirty implementation
  3. people like the idea and start to use the code
  4. feature requests
  5. bug reported
  6. attackers start to develop exploit

refs

• Julia Lawall: An Introduction to Coccinelle Bug Finding - video

  • pdf

• Keynote: Inside the Mind of a Coccinelle Programmer - video

• SAN19-500K1 Keynote: Coccinelle: 10 Years of Automated Evolution in the Linux Kernel - video

• Mentorship Session: Coccinelle: Automating Large-scale Evolution and Bug Finding in C Code - video

  • pdf

• Coccinelle quickstart - blog

• learning-coccinelle - github repo

• Case study: Searching for a vulnerability pattern in the Linux kernel - blog

• Kernel Exploitationvia Uninitialized Stack - doc

• https://github.com/gmacario/learning-coccinelle/blob/master/docs/wk4_coccinelle.md

  • https://github.com/gmacario/learning-coccinelle/tree/master/wk4

• coccinelle-for-the-newbie - blog

• Coccinelle - JEHTech blog

• coccinelle gitlab page