Windows XP and Windows 2003 partial source code is out there on GitHub. With such a rich corpus of known vulnerabilities in those OSes and source code availability, surely there should be an amazing amount of SAST/semgrep/codeql rules that take as input existing known exploits and then do rules that find similar things, yet I don't seem to be able to find such projects.
Surely, these two code bases should be the foundation of most good CS/cyber courses - like students finding new bugs, etc.
Is source code junk?
Not really different from prototyping on the Linux kernel or the Chromium codebase - pick an old version if you want known bugs... you don't see a whole lot of that either, and in contrast to Windows, that wouldn't lead to all kinds of icky questions about ethics, IP, etc.
The thing about most of these tools is that they don't fare well in large and exotic codebases. What makes sense for a web app is seldom applicable to a kernel, etc., starting with the simplest problem of understanding the sources of untrusted input and potentially dangerous sinks.
On Wed, Mar 6, 2024 at 6:08 AM Konrads Klints via Dailydave <dailydave@lists.aitelfoundation.org> wrote:
Windows XP and Windows 2003 partial source code is out there on GitHub. With such a rich corpus of known vulnerabilities in those OSes and source code availability, surely there should be an amazing amount of SAST/semgrep/codeql rules that take as input existing known exploits and then do rules that find similar things, yet I don't seem to be able to find such projects.
Surely, these two code bases should be the foundation of most good CS/cyber courses - like students finding new bugs, etc.
Is source code junk?