Security experts wrapped in a box!
Software
Penjili is a static analysis tool that automatically proves the absence
of security vulnerabilities. It targets out-of-bounds array accesses,
dereferences of uninitialized, external or null pointers, pointer overflows
and integer overflows.
Penjili takes a Newspeak program (itself compiled from several C or Ada files)
as input and outputs a list of warnings.
A warning consists of a source file name, line and error type.
When there are 0 warnings, the code is free of any vulnerability of the
types covered by Penjili!
Description
A description of Penjili's architecture and results is given in this presentation.