[benchmark] add drawxtl, dvbstreamer, elvis-tiny, and gap-guava

benchmark/drawxtl/5.5/Dockerfile

@@ -0,0 +1,15 @@
+FROM prosyslab/bug-bench-base
+
+RUN apt-get -y update
+RUN apt-get -y install wget flex
+
+COPY build.sh $SRC
+ENV PROGRAM=drawxtl
+
+ENV URL=https://github.com/prosyslab-warehouse/drawxtl-5.5
+ENV GIT_REPO_NAME=drawxtl-5.5
+
+RUN git clone $URL
+RUN mv $GIT_REPO_NAME $PROGRAM
+
+WORKDIR $PROGRAM

benchmark/drawxtl/5.5/build.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+if [[ $1 == "sparrow" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "infer" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "codeql" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "haechi" ]]; then
+  echo "not ready yet"
+else
+  echo "Unknown build target"
+  exit 1
+fi

benchmark/drawxtl/5.5/label.json

@@ -0,0 +1,61 @@
+[{
+  "project": "drawxtl",
+  "version": "5.5",
+  "file": "source/DRAWxtl55/drawxtl.h",
+  "line": 28,
+  "type": "integer-overflow",
+  "CVE": null,
+  "report": null,
+  "patch": null,
+  "source": {
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 758,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L758"
+  },
+  "sink": {
+    "file": "source/DRAWxtl55/drawxtl.h",
+    "line": 28,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/drawxtl.h#L28"
+  },
+  "bug-trace": [{
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 1070,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L1070",
+    "cmd": "fread"
+  }, {
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 759,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L759",
+    "cmd": "assign"
+  }, {
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 813,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L813",
+    "cmd": "assign"
+  }, {
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 1013,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L1013",
+    "cmd": "assign"
+  }, {
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 758,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L758",
+    "cmd": "multiply"
+  }, {
+    "file": "source/DRAWxtl55/Fourier.cxx",
+    "line": 758,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/Fourier.cxx#L758",
+    "cmd": "call"
+  }, {
+    "file": "source/DRAWxtl55/drawxtl.h",
+    "line": 28,
+    "code": "https://github.com/prosyslab-warehouse/drawxtl-5.5/blob/master/source/DRAWxtl55/drawxtl.h#L28",
+    "cmd": "malloc"
+  }],
+  "similarity": [{
+    "ID": "autotrace-20200219.65",
+    "bug": "https://github.com/prosyslab-warehouse/autotrace-20200219.65/blob/master/src/input-bmp.c#L255",
+    "score": 0.79
+  }]
+}]

benchmark/dvbstreamer/2.1.0/Dockerfile

@@ -0,0 +1,15 @@
+FROM prosyslab/bug-bench-base
+
+RUN apt-get -y update
+RUN apt-get -y install wget flex
+
+COPY build.sh $SRC
+ENV PROGRAM=dvbstreamer
+
+ENV URL=https://github.com/prosyslab-warehouse/dvbstreamer-2.1.0
+ENV GIT_REPO_NAME=dvbstreamer-2.1.0
+
+RUN git clone $URL
+RUN mv $GIT_REPO_NAME $PROGRAM
+
+WORKDIR $PROGRAM

benchmark/dvbstreamer/2.1.0/build.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+if [[ $1 == "sparrow" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "infer" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "codeql" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "haechi" ]]; then
+  echo "not ready yet"
+else
+  echo "Unknown build target"
+  exit 1
+fi

benchmark/dvbstreamer/2.1.0/label.json

@@ -0,0 +1,37 @@
+[{
+  "project": "dvbstreamer",
+  "version": "2.1.0",
+  "file": "src/setup.c",
+  "line": 94,
+  "type": "buffer-overflow",
+  "CVE": null,
+  "report": "https://sourceforge.net/p/dvbstreamer/bugs/90",
+  "patch": null,
+  "code": "https://github.com/prosyslab-warehouse/dvbstreamer-2.1.0/blob/master/src/setup.c#L94",
+  "source": {
+    "file": "src/setup.c",
+    "line": 94,
+    "code": "https://github.com/prosyslab-warehouse/dvbstreamer-2.1.0/blob/master/src/setup.c#L94"
+  },
+  "sink": {
+    "file": "src/setup.c",
+    "line": 94,
+    "code": "https://github.com/prosyslab-warehouse/dvbstreamer-2.1.0/blob/master/src/setup.c#L94"
+  },
+  "bug-trace": [{
+    "file": "src/setup.c",
+    "line": 94,
+    "code": "https://github.com/prosyslab-warehouse/dvbstreamer-2.1.0/blob/master/src/setup.c#L94",
+    "cmd": "getenv"
+  }, {
+    "file": "src/setup.c",
+    "line": 94,
+    "code": "https://github.com/prosyslab-warehouse/dvbstreamer-2.1.0/blob/master/src/setup.c#L94",
+    "cmd": "sprintf"
+  }],
+  "similarity": [{
+    "ID": "buffer-overflow1-1",
+    "bug": "https://github.com/prosyslab-warehouse/owasp-tutorial/blob/master/tutorial/buffer-overflow1.c#L12",
+    "score": 1
+  }]
+}]

benchmark/elvis-tiny/1.4/Dockerfile

@@ -0,0 +1,15 @@
+FROM prosyslab/bug-bench-base
+
+RUN apt-get -y update
+RUN apt-get -y install wget flex
+
+COPY build.sh $SRC
+ENV PROGRAM=elvis-tiny
+
+ENV URL=https://github.com/prosyslab-warehouse/elvis-tiny-1.4
+ENV GIT_REPO_NAME=elvis-tiny-1.4
+
+RUN git clone $URL
+RUN mv $GIT_REPO_NAME $PROGRAM
+
+WORKDIR $PROGRAM

benchmark/elvis-tiny/1.4/build.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+if [[ $1 == "sparrow" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "infer" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "codeql" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "haechi" ]]; then
+  echo "not ready yet"
+else
+  echo "Unknown build target"
+  exit 1
+fi

benchmark/elvis-tiny/1.4/label.json

@@ -0,0 +1,37 @@
+[{
+  "project": "elvis-tiny",
+  "version": "1.4",
+  "file": "main.c",
+  "line": 267,
+  "type": "buffer-overflow",
+  "CVE": null,
+  "report": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992407",
+  "patch": null,
+  "code": "https://github.com/prosyslab-warehouse/elvis-tiny-1.4/blob/master/main.c#L267",
+  "source": {
+    "file": "main.c",
+    "line": 264,
+    "code": "https://github.com/prosyslab-warehouse/elvis-tiny-1.4/blob/master/main.c#L264"
+  },
+  "sink": {
+    "file": "main.c",
+    "line": 267,
+    "code": "https://github.com/prosyslab-warehouse/elvis-tiny-1.4/blob/master/main.c#L267"
+  },
+  "bug-trace": [{
+    "file": "main.c",
+    "line": 267,
+    "code": "https://github.com/prosyslab-warehouse/elvis-tiny-1.4/blob/master/main.c#L267",
+    "cmd": "getenv"
+  }, {
+    "file": "main.c",
+    "line": 267,
+    "code": "https://github.com/prosyslab-warehouse/elvis-tiny-1.4/blob/master/main.c#L267",
+    "cmd": "sprintf"
+  }],
+  "similarity": [{
+    "ID": "buffer-overflow1-1",
+    "bug": "https://github.com/prosyslab-warehouse/owasp-tutorial/blob/master/tutorial/buffer-overflow1.c#L12",
+    "score": 1
+  }]
+}]

benchmark/gap-guava/3.15/Dockerfile

@@ -0,0 +1,15 @@
+FROM prosyslab/bug-bench-base
+
+RUN apt-get -y update
+RUN apt-get -y install wget flex
+
+COPY build.sh $SRC
+ENV PROGRAM=gap-guava
+
+ENV URL=https://github.com/prosyslab-warehouse/gap-guava-3.15
+ENV GIT_REPO_NAME=gap-guava-3.15
+
+RUN git clone $URL
+RUN mv $GIT_REPO_NAME $PROGRAM
+
+WORKDIR $PROGRAM

benchmark/gap-guava/3.15/build.sh

@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+if [[ $1 == "sparrow" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "infer" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "codeql" ]]; then
+  echo "not ready yet"
+elif [[ $1 == "haechi" ]]; then
+  echo "not ready yet"
+else
+  echo "Unknown build target"
+  exit 1
+fi

benchmark/gap-guava/3.15/label.json

@@ -0,0 +1,41 @@
+[{
+  "project": "gap-guava",
+  "version": "v3.15",
+  "file": "src/ctjhai/minimum-weight.c",
+  "line": 152,
+  "type": "integer-overflow",
+  "CVE": null,
+  "report": "https://github.com/gap-packages/guava/issues/57",
+  "patch": null,
+  "source": {
+    "file": "src/ctjhai/minimum-weight.c",
+    "line": 147,
+    "code": "https://github.com/prosyslab-warehouse/gap-guava-3.15/blob/master/src/ctjhai/minimum-weight.c#L147"
+  },
+  "sink": {
+    "file": "src/ctjhai/minimum-weight.c",
+    "line": 152,
+    "code": "https://github.com/prosyslab-warehouse/gap-guava-3.15/blob/master/src/ctjhai/minimum-weight.c#L152"
+  },
+  "bug-trace": [{
+    "file": "src/ctjhai/minimum-weight.c",
+    "line": 147,
+    "code": "https://github.com/prosyslab-warehouse/gap-guava-3.15/blob/master/src/ctjhai/minimum-weight.c#L147",
+    "cmd": "fscanf"
+  }, {
+    "file": "src/ctjhai/minimum-weight.c",
+    "line": 152,
+    "code": "https://github.com/prosyslab-warehouse/gap-guava-3.15/blob/master/src/ctjhai/minimum-weight.c#L152",
+    "cmd": "multiply"
+  }, {
+    "file": "src/ctjhai/minimum-weight.c",
+    "line": 152,
+    "code": "https://github.com/prosyslab-warehouse/gap-guava-3.15/blob/master/src/ctjhai/minimum-weight.c#L152",
+    "cmd": "malloc"
+  }],
+  "similarity": [{
+    "ID": "CWE190_10-CWE190_Integer_Overflow__int_fscanf_multiply",
+    "bug": "https://github.com/arichardson/juliet-test-suite-c/blob/master/testcases/CWE190_Integer_Overflow/s03/CWE190_Integer_Overflow__int_fscanf_multiply_01.c#L32",
+    "score": 1
+  }]
+}]