Evaluating Static Analyzer Goblint on the Juliet Test Suite

Name
Raner Lebbin
Abstract
Static program analysis is used outside of program runtime to discover potential security vulnerabilities. Goblint is a static analyzer based on data-flow analysis that examines multithreaded C programs and can detect flaws caused by data races. This thesis aims to evaluate Goblint's current capacity and provide ways to expand its functionality. The Juliet Test Suite, a set of test cases covering various vulnerabilities, is used to benchmark the analyzer. A script is written (in Python) that automatically runs Goblint on multiple test cases and generates an HTML file to display the results conveniently. Based on these results, this thesis highlights vulnerabilities that Goblint could detect and provides simplified regression tests to support the suggested developments.
Graduation Thesis language
Estonian
Graduation Thesis type
Bachelor - Computer Science
Supervisor(s)
Vesal Vojdani
Defence year
2021
 