This is a replication package for ICSE'24 paper "PS3: Precise Patch Presence Test based on Semantic Symbolic Signature".
- Make sure
addr2line,gdb/lldbexist in your system, we use them to extract information from binary file. - Our Python version is 3.10.
cd ps3
pip install -r requirements.txtDownload the binary file from here, unzip, and put the binary file in the binary directory.
Make sure your directory structure is the same as below.
.
├── README.md (you are here)
├── dataset
│ ├── CVE_info.jsonl (all CVE information)
│ ├── binary (all binary files, which you should download)
│ │ ├── FFmpeg
│ │ ├── openssl
│ │ ├── libxml2
│ │ └── tcpdump
│ ├── diff (directory for patch files)
│ └── test.jsonl (CVE-binary pair)
└── ps3 (our tool)
We provide openssl, libxml2, tcpdump, and FFmpeg binaries used in our paper. If you want to test other binaries, you can compile the binaries by optimization, compiler, and version followed dataset/test.jsonl.
For a quick start you can only download
libxml2,tcpdump,opensslsinceFFmpegis too large to upload and download. The running process is the same.
cd ps3
python main.pyWait for a long time (several hours), and you will get the results in stdout. ps3/log.txt contains test results for each CVE-binary pair.
The target file name format is filename_version_optimization_compiler. For example, ffmpeg_n4.0_O0_x86_clang is a binary file generated by clang with -O0 optimization.
The reference file name format is cvenumber_commitid_state. For example, CVE-2018-0734_8abfe7_vuln is a vulnerable binary file for the CVE. The state can be vuln or patch, which means the patch file is generated by the commit which fixes the CVE or not.