
A classifier that can, to a degree, distinguish between commits that are prone to be vulnerable and ones that are not.


jp-wagner/vccrosshair


vccrosshair

This is a CLI for a classifier I developed as part of my bachelor's thesis. To an extent, the tool can distinguish between commits that are prone to be vulnerable and ones that are not. You can find the entire thesis, as well as a summary, in the Thesis directory.

Installation

pip3 install -r requirements.txt

Example

In this example we run the classifier over the commit that introduced the infamous Heartbleed bug.

vccrosshair --repo path/to/openssl --commit 4817504d069b4c5082161b02a22116ad75f822b1
> Commit is prone to be vulnerable!
> Confidence: 0.6815684510145337
> The most significant feature was: Average added line count (per file count)

Exceptions

Vccrosshair will not work on commits that

  • do not alter any C/C++ files
  • are merge commits
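
A pre-check for the two exceptions above, as an added example that is not part of vccrosshair: it sorts commit ids into eligible and skipped before the classifier is invoked on a local clone. The suffix list and all function names are assumptions; the tool's own list of C/C++ extensions is not stated here.

```python
import re
import subprocess
from pathlib import PurePosixPath

# Assumption: suffixes counted as C/C++ here; vccrosshair's own list may differ.
C_CPP_SUFFIXES = {".c", ".h", ".cc", ".cpp", ".cxx", ".hpp", ".hh", ".hxx"}

def validate_commit_id(commit):
    """Accept only hex object ids so the value can never be parsed as a git option."""
    if not re.fullmatch(r"[0-9a-fA-F]{7,64}", commit):
        raise ValueError(f"not a commit id: {commit!r}")
    return commit.lower()

def skip_reason(parent_count, changed_paths):
    """Return why a commit cannot be classified, or None if it is eligible."""
    if parent_count > 1:
        return "merge commit"
    if not any(PurePosixPath(p).suffix.lower() in C_CPP_SUFFIXES for p in changed_paths):
        return "no C/C++ files altered"
    return None

def _git(repo, *args):
    result = subprocess.run(["git", "-C", repo, *args],
                            check=True, capture_output=True, text=True)
    return result.stdout

def inspect_commit(repo, commit):
    """Read (parent_count, changed_paths) for one commit from a local clone."""
    commit = validate_commit_id(commit)
    # rev-list --parents prints "<commit> <parent> <parent> ..." on one line.
    parent_count = len(_git(repo, "rev-list", "--parents", "-n", "1", commit).split()) - 1
    # -z gives NUL-separated raw paths; --root makes the initial commit list its files.
    out = _git(repo, "diff-tree", "--no-commit-id", "--name-only", "-r", "--root", "-z", commit)
    return parent_count, [p for p in out.split("\0") if p]

def partition(repo, commits):
    """Split commit ids into (eligible, skipped) before invoking the classifier."""
    eligible, skipped = [], {}
    for commit in commits:
        reason = skip_reason(*inspect_commit(repo, commit))
        if reason is None:
            eligible.append(commit)
        else:
            skipped[commit] = reason
    return eligible, skipped
```
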

Dataset

https://figshare.com/s/4dd1130c336f43f6e18c
