This open-source tool streamlines software verification by allowing the simultaneous assessment of extensive files and functions in a single run. By leveraging the ESBMC module, it enhances vulnerability detection and reinforces software security.
Readme
LSVerifier is a command-line tool for formal verification of large ANSI-C projects in a single run.
It leverages the ESBMC model checker as its core verification engine.
Demo video.
| Version | Improviments |
|---|---|
| v0.3.0 | Support specific class of property verification; Support for large software; Prioritized functions verification, Disable invalid pointer verification. |
| v0.2.0 | Support for libraries dependencies; Recursive verification. |
$ git clone https://github.com/janislley/lsverifier.git
$ cd LSVerifier
$ pip3 install .
$ pip3 install lsverifier
$ cd <project-root>
$ lsverifier -r -f
For projects with third-party library dependencies, use -l option to specify header paths:
$ lsverifier -r -f -l dep.txt
See an example of dep.txt below:
/usr/include/glib-2.0/
/usr/lib/x86_64-linux-gnu/glib-2.0/include/extcap/
extcap/
plugins/epan/ethercat/
plugins/epan/falco_bridge/
plugins/epan/wimaxmacphy/
epan/crypt/
...
$ lsverifier -f -fl file.c
If you want to verify a project using a prioritization scheme, run:
$ cd <project-root>
$ lsverifier -r -fp
To set the folder path parameter, you should use -d:
lsverifier -r -f -l dep.txt -d project-root/
In the project that you want to verify, run:
$ lsverifier -r -f -p memory-leak-check,overflow-check,deadlock-check,data-races-check
See more properties on tool help.
For more details, check the help:
$ lsverifier -h
usage: lsverifier [-h] [-l LIBRARIES] [-p PROPERTIES] [-f] [-fp] [-fl FILE] [-v] [-r] [-d DIRECTORY] [-dp] [-e ESBMC_PARAMETER]
Input Options
optional arguments:
-h, --help show this help message and exit
-l,--libraries LIBRARIES
Path to the file that describes the libraries' dependencies
-p,--properties PROPERTIES
Properties to be verified (comma separated):
multi-property
nan-check
memory-leak-check
floatbv
overflow-check
unsigned-overflow-check
ub-shift-check
struct-fields-check
deadlock-check
data-races-check
lock-order-check
-f, --functions Enable Functions Verification
-fp, --function-prioritized
Enable Prioritized Functions Verification
-fl,--file FILE File to be verified
-v, --verbose Enable Verbose Output
-r, --recursive Enable Recursive Verification
-d,--directory DIRECTORY
Set the directory to be verified
-dp, --disable-pointer-check
Disable invalid pointer property verification
-e,--esbmc-parameter ESBMC_PARAMETER
Use ESBMC parameter
The verification results will be saved in output folder, automatically created in the current verification path. Each verification run generates two files:
FAQs
This open-source tool streamlines software verification by allowing the simultaneous assessment of extensive files and functions in a single run. By leveraging the ESBMC module, it enhances vulnerability detection and reinforces software security.
We found that LSVerifier demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
CISA launched a new project called Vulnrichment to enrich CVEs with details that help prioritize patching and mitigation efforts, as the NVD backlog of unenriched CVEs awaiting analysis surpasses 10,000.
Security News
Socket is joining forces with CISA and other industry leaders at the RSA Conference to sign the Secure by Design pledge, committing to uphold the highest security standards in our products.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.