Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?

GSoC 2020

Google Summer of Code Final Work Report

  • Name: Saurabh Khandelwal
  • Organisation: Python Software Foundation
  • Sub-Organisation: CVE Binary Tool
  • Project: Adding new checkers to the CVE Binary Tool
  • Proposal: View / Download

Aim

Improving CVE-Binary-Tool by adding as many checkers as possible. Focussed on popular linux libraries as well as commonly used applications with vulnerabilities, so as to make the tool more effective in determining security issues present in a system.

A few of them were:

  • gimp
  • openvpn
  • bash
  • polarssl
  • irssi

Tasks Achieved

Detailed weekly description of tasks and work done can be found in:

Future Work

The tool has come a long way since I started contributing to it in February 2020. The tool had 10 checkers to begin with, while now it has 60+ checkers. A lot of new contributors have joined us, and the tool has improved a lot in the past couple of months. Some of the things on which I would to work on are:

  • Figuring out a workaround for checkers like prosody, which don't have any viable signatures other than of the form (X.X.X)
  • Adding more checkers for products that could be important for the tool to detect

I would like to thank my mentors Terri Oda and John Andersen, who have guided throughout the summers. It is because of them that I was able to complete the project on time. I would also like to thank Google and Python Software Foundation for this amazing opportuninty.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment