From:	 gzoppi@python.it (Giorgio Zoppi)
To:	 lwn@lwn.net
Subject: [lcamtuf@bos.bindview.com: Fenris]
Date:	 Wed, 2 Feb 2000 00:46:28 +0100

Did you know??

----- Forwarded message from Michal Zalewski <lcamtuf@bos.bindview.com> -----

I am proud to announce Fenris. This tool, developed and distributed under
terms and conditions of GNU Public License, is a unique combination of a
multipurpose run-time tracer, stateful program analyzer and partial GCC
decompiler. Fenris is intended to simplify bug tracking, security audits
and code / algorithm / protocol analysis - providing valuable structural
information about internal constructions, execution path, memory
operations, I/O, conditional expressions and much more. It does not
require sources or any particular compilation method, so it can be very
useful for black-box tests and evaluations - but will also provide
valuable help for open-source project audits, as a nice real-time
reconnaissance tool for whole application or specific functional blocks
(used just like 'strace' or on a higher level of abstraction).

This is not an interactive debugger, and it is not intended to find
problems, bugs or security vulnerabilities automatically. But it is
supposed to be a reliable, useful tool that works in real world and can
deliver valuable information which can be used to detect known problems,
but also to spot unique or not so obvious dynamic conditions. Among many
other features, Fenris is able to auto-detect internals (including number
of function parameters, nesting level) and assign unique names to each
object; fingerprint functions in static binaries, automatically detect
common library code; able to deliver text-based and graphical, browsable
output that documents different aspects of program activity on different
abstraction layers; able to perform partial analysis of single structural
blocks. It is designed to make things easier, filling the gap between
existing code analysis and debugging tools - but not to replace all of
them :-)

For a more detailed description of the approach used, current implementation
and limitations, please go to http://razor.bindview.com/tools/fenris/README .
For a brief demonstration of available output, please visit
http://razor.bindview.com/tools/fenris/fenris-ui.html .

The official site for this project (including downloadable sources,
credits, etc) is http://razor.bindview.com/tools/fenris/. The code is
usable, but certainly not finished. It lacks support for certain calls,
needs to be ported to platforms other than Linux/x86 and needs to support
compilers other than GCC framework. There are some known, but not fully
diagnosed fault conditions and a nice "to do" list. I and other RAZOR
members believe that this project can and will benefit from being an
open-source development, and because of that, we encourage all developers
who find this code interesting to contribute and make it better.

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@bos.bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/

----- End forwarded message -----

-- 
---
http://sf.net/projects/bondlog
G.Z.