DEEEP Icon

DEEEP

Detector of Integer Vulnerabilities in Software Portability

Add a Review
0 Downloads (This Week)
Last Update:
Download deeep-0.4.x86.tar.gz
Browse All Files
Solaris Linux

Description

DEEEP is a open source static analysis tool to detect, in C programs, integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. It uses the tools Lint and Splint, and runs over Open Solaris and Linux operating systems.

This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis. Type checking is used for finding bugs on the way integers are handled, and data-flow analysis is used to see if hazardous functions (eg. memcpy, strcpy) are accessible from outside the program.

After this two analyses, the tool correlates the results from the previous phases to attain if the data that comes from the inputs are affected by vulnerabilities from porting to LP64, and if these are handled by dangerous functions (memcpy, strcpy,...). In resume, identify if the found bugs

DEEEP Web Site

Features

  • Integer Vulnerabilities
  • Static Analysis
  • Portability from 32 bits to 64 bits

KEEP ME UPDATED

Write a Review

User Reviews

Be the first to post a review of DEEEP!

Additional Project Details

Intended Audience

Security Professionals

User Interface

Console/Terminal

Programming Language

C, Perl

Registered

2014-03-02

Thanks for helping keep SourceForge clean.

Screenshot instructions:
Windows
Mac
Red Hat Linux   Ubuntu

Click URL instructions:
Right-click on ad, choose "Copy Link", then paste here →
(This may not be possible with some types of ads)

More information about our ad policies
X

Briefly describe the problem (required):

Upload screenshot of ad (required):
Select a file, or drag & drop file here.

Please provide the ad click URL, if possible:

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.

No, thanks