Skip to main content

Table 5 Information of applications used in evaluation

From: ELAID: detecting integer-Overflow-to-Buffer-Overflow vulnerabilities by light-weight and accurate static analysis

Programs Version LOC CVE Number IO_ op MEM
gocr 0.40 21608 CVE-2005-1141 s malloc
jasper 1.900.1 28279 CVE-2011-4517 u jas_malloc
cpio 2.9 30309 CVE-2014-9112 +u xmalloc
libexif 0.6.21 10828 CVE-2016-6328 u exif_mem_alloc
jbig2dec 0.13 10750 CVE-2016-9601 +s jbig2_new
swftools 0.9.2 211618 CVE-2017-16868 s malloc
linux kernel 5.8-rc1 1473247 CVE-2019-14283 u memcpy
    CVE-2018-13406 u kmalloc
    CVE-2017-8924 u memcpy
    CVE-2016-9084 s kzalloc
    CVE-2016-3135 +u kvmalloc
    CVE-2014-9904 u kmalloc
    CVE-2012-6703 u kmalloc
    CVE-2012-0044 s kzalloc