Building Software Security Analysis Repo from scratch
These are instructions for building LLVM, SVF, and the assignments (Software-Security-Analysis) from scratch. This is useful if you like to work with your own editor or terminal or have trouble with Docker, the image, or VSCode (M1 Macs currently do).
These instructions are for UNIX systems like Linux or macOS. Windows Subsystem for Linux might do as well.
Install CMake through your package manager. Some possibilities (these commands may require use of sudo):
- Debian and Ubuntu based systems
$ sudo apt-get update
$ sudo apt-get install -y cmake git gcc g++ libtinfo-dev libzstd-dev libz-dev zip wget
- macOS using Homebrew. If you haven't installed Homebrew, run the following command in your terminal.
$ /bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"
If Homebrew is installed, run the following commands in your terminal (cmake version >=3.23 is required).
$ brew install cmake git
2 - Build SVF
This part is applicable to both Ubuntu/Debian and MacOS. Grab the SVF sources.
git clone https://github.com/SVF-Tools/SVF.git
cd SVF
Build. This should take a few minutes (LLVM build may take over 10 mins).
bash build.sh
Finally, move up one level.
cd ..
This part is applicable to both Ubuntu/Debian and MacOS. Grab the Software-Security-Analysis sources.
git clone https://github.com/SVF-tools/Software-Security-Analysis
cd Software-Security-Analysis
Set SVF_DIR (the SVF source code directory you just built SVF), LLVM_DIR and Z3_DIR environmental variables so that you can build Software-Security-Analysis using SVF, LLVM and Z3 as libraries. Type the following:
source env.sh
If success, you may see the output in the terminal like this:
SVF_DIR=/your_path_to_SVF
LLVM_DIR=/your_path_to_SVF/llvm-16.0.0.obj
Z3_DIR=/your_path_to_SVF/SVF/z3.obj
The SVF_DIR, LLVM_DIR, and Z3_DIR are the paths to the SVF source code, LLVM, and Z3 respectively.
Configure. We use the Debug build type to make debugging your assignments easier.
cmake -DCMAKE_BUILD_TYPE=Debug .
Build. (-j8 utilize multi-cores on your machine)
make -j8
Congratulations! All built.
This part is applicable to both Ubuntu/Debian and MacOS. Grab the SVF sources.
If you take a peak in the bin directory, you can see your assignments, the hello world program, and the svfir program. To run the hello world program for example, you can
bin/hello
With your favourite text editor, you can modify the sources in directories like Assignment-1 or HelloWorld, run make again from the Software-Security-Analysis directory, and then rerun your programs.
To debug an executable in the command line, simply run your assignment with a debugger (like LLDB or GDB). If you want to use VSCode, just skip this:
lldb bin/hello
See the following table for running and debugging other executables in Labs and Assignments:
| Lab/Assignment | "program" | "args" |
|---|---|---|
| Lab-Exercise-1 | "${workspaceFolder}/bin/lab1" | "test1" |
| Lab-Exercise-2 | "${workspaceFolder}/bin/lab2" | "test1" |
| Lab-Exercise-3 | "${workspaceFolder}/bin/lab3" | "test1" |
| Assignment-1 | "${workspaceFolder}/bin/ass1" | "-icfg", "Assignment-1/Tests/testcases/icfg/test1.ll" "-pta", "Assignment-1/Tests/testcases/icfg/test1.ll" "-taint", "Assignment-1/Tests/testcases/icfg/test1.ll" |
| Assignment-2 | "${workspaceFolder}/bin/ass2" | "Assignment-2/Tests/testcases/sse/test1.ll" |
| Assignment-3 | "${workspaceFolder}/bin/ass3" | "Assignment-3/Tests/testcases/ae/test1.ll" |
Some resources on LLDB:
VSCode is a source-code editor. This part is applicable to both Ubuntu/Debian and MacOS. Grab the SVF sources.
- Visual Studio Code is a source-code editor. It can be installed by downloading it from the official website
https://code.visualstudio.com/.
- Install the necessary extensions for C/C++ development in VSCode, like the Microsoft C/C++ extension for IntelliSense, debugging, and code browsing.
-
Setup VSCode CMake build
- Guide on how to set up the CMake build system within VSCode, including configuring tasks and launch JSON files for building and debugging.
- First, open the project under the project folder
Software-Security-Analysis. - Then, open the file
.vscode/tasks.jsonand add the following content.
The following is the default content.
{
"tasks": [
{
"label": "C/C++: cpp build active file",
"type": "shell",
"command": "cmake -DCMAKE_BUILD_TYPE=Debug -DSVF_DIR=/Users/z5489735/2023/Teaching/SVF -DLLVM_DIR=/Users/z5489735/2023/Teaching/SVF/llvm-16.0.0.obj -DZ3_DIR=/Users/z5489735/2023/Teaching/SVF/z3.obj . && make",
"options": {
"cwd": "${workspaceFolder}"
},
"group": {
"kind": "build",
"isDefault": true
},
"detail": "Task generated by Debugger."
}
],
"version": "2.0.0"
}We need to change the command field according to the installation path of LLVM and Z3. The SVF_DIR should be the path of the SVF source code. The LLVM_DIR and Z3_DIR should be the installation path of LLVM and Z3 respectively.
For example. If your LLVM_DIR is /Users/z5489735/2023/Teaching/SVF/llvm-16.0.0.obj and the Z3_DIR is /Users/z5489735/2023/Teaching/SVF/z3.obj, then the command field should be changed to cmake -DCMAKE_BUILD_TYPE=Debug -DSVF_DIR=/Users/z5489735/2023/SVF/ -DLLVM_DIR=/opt/homebrew/Cellar/llvm@16/16.0.6/ -DZ3_DIR=/Users/z5489735/2023/Teaching/SVF/z3.obj . && make.
And for launch.json, we need to change the gdb to lldb as the follwoing.
{
"version": "0.2.0",
"configurations": [
{
"name": "(lldb) Launch",
"type": "lldb",
"request": "launch",
// Please change to the executable of your current lab or assignment
// | Lab/Assignment | "program" | "args" |
// | Lab-Exercise-1 | "${workspaceFolder}/bin/lab1" | "test1" |
// | Lab-Exercise-2 | "${workspaceFolder}/bin/lab2" | "test1" |
// | Lab-Exercise-3 | "${workspaceFolder}/bin/lab3" | "test1" |
// | Assignment-1 | "${workspaceFolder}/bin/ass1" | "-icfg", "Assignment-1/Tests/testcases/icfg/test1.ll" |
// | Assignment-2 | "${workspaceFolder}/bin/ass2" | "Assignment-2/Tests/testcases/sse/test1.ll" |
// | Assignment-3 | "${workspaceFolder}/bin/ass3" | "Assignment-3/Tests/testcases/ae/test1.ll" |
"program": "${workspaceFolder}/bin/hello",
"args": [], // may input the test llvm bc file or other options and flags the program may use
"cwd": "${workspaceFolder}",
"preLaunchTask": "C/C++: cpp build active file"
}
]
}Then Click Run And Debug and click the triangle button to start the build process.
If success you can see the following output from the DEBUG CONSOLE.
