-
Notifications
You must be signed in to change notification settings - Fork 9
CGC Coverage
This page (generated by cgc_coverage.py in the wiki repo) tracks our progress towards identification of the vulnerabilities found in the DARPA CGC challenges. To avoid discrepancies from different compiler versions, you can use our pre-compiled binaries (239 MB) and/or analysis files. These files are minified. For "pretty-printed" format, python -m json.tool <analysis>_min.json.
CWEs are MITRE's Common Weakness Enumerations.
The DARPA CGC performers adhered to a very convenient format when documenting their challenge binaries by labeling applicable CWEs.
For example, check out the Use After Free (UAF) vulnerability class, labeled by MITRE as CWE-416. "FileSys" is an example of a challenge with this vulnerability. queries/cwe_416.py is an example of detecting UAF using PM.
(TODO)