Commit 5bc2106d authored by Andre Maroneze's avatar Andre Maroneze 💬
Browse files

Merge branch 'some-blog-fixes' into 'master'

[blog] fix a few URLs and conversion leftovers

See merge request !151
parents f9f250a4 bc12970d
Pipeline #45376 passed with stage
in 3 minutes and 55 seconds
......@@ -13,10 +13,9 @@ summary:
<p>In that post John writes:</p>
<p><q>For example I’d be happy to drop a proved-correct gzip into my Linux machine as long as it was respectably fast.</q></p>
<p>Okay John let us do this and see how far we can go.</p>
<p><a href="https://blog.frama-c.com/admin/post.php?id=187&amp;xconv=1">Convertir en XHTML</a></p>
<p>We'll start with <a href="http://www.zlib.net">zlib</a> that we are going to approach like we did <a href="/index.php?post/2011/04/05/QuickLZ-1">QuickLZ</a> by verifying that the decompression feature is resilient to malicious inputs. I have described the first potential issue on <a href="http://codereview.stackexchange.com/q/19368/20072">this code review site</a>. If you have an opinion on this potential issue you can contribute by expressing it there (registering is a one-click process) or here in the comments if you prefer.</p>
<p>We'll start with <a href="http://www.zlib.net">zlib</a> that we are going to approach like we did <a href="/2011/04/05/Verifying-the-Compression-Library-QuickLZ.html">QuickLZ</a> by verifying that the decompression feature is resilient to malicious inputs. I have described the first potential issue on <a href="http://codereview.stackexchange.com/q/19368/20072">this code review site</a>. If you have an opinion on this potential issue you can contribute by expressing it there (registering is a one-click process) or here in the comments if you prefer.</p>
<blockquote><p>Edited to add: too late Andrew Šveikauskas has already determined that our first alarm was a false positive as you can see on <a href="http://codereview.stackexchange.com/q/19368/20072">codereview.stackexchange.com</a>. Ah well… It would have been nice if out first alarm were a true positive but that was unlikely.</p>
<p>
In case you regret missing out on the fun here is another one: when reaching line inffast.c:269 where <code>from</code> is computed as <code>out - dist</code> to be accessed next what prevents variable <code>out</code> to point one byte into the output buffer and <code>dist</code> to be 2 or 3 or 19? I expect the library must guard against this in the code above but this is the end of a long day and I did not find where. Also this would typically be the kind of relational information that the value analysis fails to remember so I am not promising there is a bug to find here.</p>
</blockquote>"
</blockquote>
{% endraw %}
......@@ -10,14 +10,14 @@ title: "A simple Eva tutorial, part 1"
*(with the collaboration of T. Antignac, Q. Bouillaguet, F. Kirchner and
B. Yakobowski)*
This is the first of a series of posts on a new [Eva](http://frama-c.com/value.html)
This is the first of a series of posts on a new [Eva]({% link _fc-plugins/eva.md %})
tutorial primarily aimed at beginners (some of the later posts contain
more advanced content).
> **Reminder:** Eva is the new name of the Value analysis plug-in.
There is a Value tutorial on Skein-256 that is part of the
[Value Analysis user manual](https://frama-c.com/download/value-analysis-Silicon-20161101.pdf).
[Value Analysis user manual]({{ base_url }}/download/value-analysis-Silicon-20161101.pdf).
The present tutorial is complementary and presents some new techniques
available in Frama-C. If you intend to use Eva, we recommend you read the
Skein-256 tutorial as well because it details several things that will not
......
......@@ -7,7 +7,7 @@ image:
title: "A simple Eva tutorial, part 2"
---
[On the previous post](http://blog.frama-c.com/index.php?post/2017/03/07/A-simple-EVA-tutorial)
[In the previous post]({% link _posts/2017-03-07-A-simple-Eva-tutorial-part-1.md %})
we've seen some recommendations about using Frama-C/Eva,
and some tips about parsing.
In this post, we will see how to run Eva, and
......
......@@ -7,7 +7,7 @@ image:
title: "A simple Eva tutorial, part 3"
---
[On the previous post](http://blog.frama-c.com/index.php?post/2017/03/17/A-simple-tutorial-part-two)
[In the previous post]({% link _posts/2017-03-17-A-simple-Eva-tutorial-part-2.md %})
we've seen how to run Eva, but at the end we had a `NON TERMINATING FUNCTION`
for a function that is supposed to always terminate,
a likely indication that a definitive undefined behavior has been found in the
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment