y2k38-checker is a tool that identifies and reports code with potential Year 2038 problem issues in C language source code.
| Check list ID | Description |
|---|---|
| read-fs-timestamp | Since the file timestamp attributes of ext2/3, XFS (versions prior to Linux 5.10), ReiserFS are 32-bit signed integers, programs that read file timestamps in these environments may be affected by the Y2K38. |
| write-fs-timestamp | Since the file timestamp attributes of ext2/3, XFS (versions prior to Linux 5.10), ReiserFS are 32-bit signed integers, programs that write file timestamps in these environments may be affected by the Y2K38. |
| timet-to-int-downcast | Since in many environments the int type is a 32-bit signed integer, there is a possibility that downcasting from time_t type to int may be affected by the Y2K38. |
| timet-to-long-downcast | Since in many environments the int type is a 32-bit signed integer, there is a possibility that downcasting from time_t to long may be affected by the Y2K38. |
Requirements:
- Docker / Docker Compose
- OS: Ubuntu
- Download the releases.
- Unzip the downloaded file.
unzip y2k38-checker-<version>.zipThen, the following directory structure is created.
y2k38-checker/
├─┬ checker/
│ ├── build/lib/liby2k38-plugin.so # detection tool as a Clang plugin
│ ├── scripts/ # scripts for running the detection tool
│ └── clang+llvm-11.0.0-x86_64-linux-gnu-ubuntu-20.04
├── dataset/ # example for C source code
├── volumes/ # target source code
└┬─ .devcontainer/
├── Dockerfile
├── docker-compose.yml
└── devcontainer.json- Add the path of the created the directory in
.devcontainer/docker-compose.yml
services:
y2k38-checker-app:
build:
context: ..
dockerfile: .devcontainer/Dockerfile
tty: true
volumes:
- ..:/root/y2k38-checker/volumes/
- type: bind
- source: /home/cysec/develop/.y2k38-checker/analysis-objects/
+ source: <path/to/dir>
target: /root/analysis-objects- Build & Run the docker container with CLI or DevContainer
cd y2k38-checker
docker-compose build # only first time
docker-compose run y2k38-checkerAlternatively, start it in the devcontainer of VSCode.
- Run the detection tool with the following command.
Check the source code in the volumes/ directory with the detection tool.
python3 ./checker/script/analyze/main.py file.c
# python3 ./checker/scripts/analyze/main.py ./dataset/blacklist/read-fs-timestamp.cclang -w -fplugin=/root/y2k38-checker/checker/build/lib/liby2k38-plugin.so -c file.c
# clang -w -fplugin=/root/y2k38-checker/checker/build/lib/liby2k38-plugin.so -c /root/y2k38-checker/dataset/blacklist/read-fs-timestamp.c- Clone the repository
git clone https://github.com/cysec-lab/y2k38-checker.git- Create the directory for the detecting target source code, and add files to be analyzed.
mkdir <path/to/dir>
cp -r <files/to/be/analyzed> <path/to/dir>- Download LLVM library
cd ./checker/
curl -L https://github.com/llvm/llvm-project/releases/download/llvmorg-11.0.0/clang+llvm-11.0.0-x86_64-linux-gnu-ubuntu-20.04.tar.xz | tar -Jxf -- Add the path of the created the directory in
.devcontainer/docker-compose.yml
services:
y2k38-checker-app:
build:
context: ..
dockerfile: .devcontainer/Dockerfile
tty: true
volumes:
- ..:/root/y2k38-checker/volumes/
- type: bind
- source: /home/cysec/develop/.y2k38-checker/analysis-objects/
+ source: <path/to/dir>
target: /root/analysis-objects- Build & Run the docker container with CLI or DevContainer
cd y2k38-checker
docker-compose build # only first time
docker-compose run y2k38-checkerAlternatively, start it in the devcontainer of VSCode.
- Move to the checker/ directory
cd ./checker- Build with CMake
cd ../checker/build
cmake -DCMAKE_EXPORT_COMPILE_COMMANDS=True \
-DLLVM_DIR=../clang+llvm-11.0.0-x86_64-linux-gnu-ubuntu-20.04/lib/cmake/llvm/ \
../clang-analyzer
makeThen, the plugin library is created in the build/lib directory.
For Python scripts, run the following command.
cd ./checker/script/analyze/
PYTHONPATH=$(pwd) python3 -m unittest discover