News:

2009/07/01
Slides of presentation of the fast-abstract "Finding Vulnerabilities in Software Ported from 32 to 64-bit CPUs" at the 39th IEEE/IFIP International Conference on Dependable Systems and Networks - DSN'09 , Lisbon, Portugal, about DEEEP.
2009/07/01
Presentation of the fast-abstract "Finding Vulnerabilities in Software Ported from 32 to 64-bit CPUs" at the 39th IEEE/IFIP International Conference on Dependable Systems and Networks - DSN'09 , Lisbon, Portugal, about DEEEP.
2008/03/05
Presentation of the Master Thesis "Detection of Integer Vulnerabilities in Software Portability from 32 to 64 bits" (in portuguese). Faculdade de Ciências da Universidade de Lisboa, Lisboa, March 2008.
2008/03/04
New version available. Deeep now runs on Linux.
2007/11/21
deeep.homeunix.org goes online.
2007/11/8
Presentation of the paper "Detection of Integer Vulnerabilities in Software Portability from 32 to 64 bits" (in portuguese) at 3th Nacional Conference about Computer Security on Organizations - SINO'07, Lisbon, Portugal, where the tool DEEEP - Detector of integEr vulnerabilitiEs in softwarE Portability is purposed.

What is DEEEP?

The open source static analysis tool DEEEP - Detector of integEr vulnerabilitiEs in softwarE Portability -, was coded with the prime objective of detecting integer vulnerabilities caused by the bad adaption of aplications from ILP32 to LP64. The DEEEP tool uses the tools Lint and Splint, and runs over Open Solaris and Linux.

This tool semantically analyses source code. More precisely, it does type checking, data-flow analysis, and it automatically correlates the results of these two types of analysis. Type checking is used for finding bugs on the way integers are handled, and data-flow analysis is used to see if hazardous functions (eg. memcpy, strcpy) are accessible from outside the program.

After this two analyses, the tool correlates the results from the previous phases to attain if the data that comes from the inputs are affected by vulnerabilities from porting to LP64, and if these are handled by dangerous functions (memcpy, strcpy,...). In resume, identify if the found bugs are really vulnerabilities, i. e., if they are attackable.