stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 3 Releases Wiki Activity

sprints work.

Browse Source
This commit is contained in:
master
2026-01-20 00:45:38 +02:00
parent b34bde89fa
commit 4903395618
275 changed files with 52785 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

217
datasets/golden-pairs/security-pairs-index.yaml Normal file
View File

@@ -0,0 +1,217 @@
# Golden Security Pairs Index
# 16 curated pairs per VALH-009 requirements
# Format: OpenSSL (8), zlib (4), libxml2 (4)
pairs:
# OpenSSL: 2 CVE micro-bumps × 4 distros = 8 pairs
- id: openssl-001
cve: CVE-2024-0727
library: openssl
version_before: "3.0.12"
version_after: "3.0.13"
distribution: ubuntu:jammy
architecture: amd64
affected_functions:
- PKCS12_parse
- PKCS12_verify_mac
patch_type: security_fix
- id: openssl-002
cve: CVE-2024-0727
library: openssl
version_before: "3.0.12"
version_after: "3.0.13"
distribution: debian:bookworm
architecture: amd64
affected_functions:
- PKCS12_parse
- PKCS12_verify_mac
patch_type: security_fix
- id: openssl-003
cve: CVE-2024-0727
library: openssl
version_before: "3.0.12"
version_after: "3.0.13"
distribution: fedora:39
architecture: amd64
affected_functions:
- PKCS12_parse
- PKCS12_verify_mac
patch_type: security_fix
- id: openssl-004
cve: CVE-2024-0727
library: openssl
version_before: "3.0.12"
version_after: "3.0.13"
distribution: alpine:3.19
architecture: amd64
affected_functions:
- PKCS12_parse
- PKCS12_verify_mac
patch_type: security_fix
- id: openssl-005
cve: CVE-2023-5678
library: openssl
version_before: "3.0.11"
version_after: "3.0.12"
distribution: ubuntu:jammy
architecture: amd64
affected_functions:
- DH_generate_key
- DH_check_ex
patch_type: security_fix
- id: openssl-006
cve: CVE-2023-5678
library: openssl
version_before: "3.0.11"
version_after: "3.0.12"
distribution: debian:bookworm
architecture: amd64
affected_functions:
- DH_generate_key
- DH_check_ex
patch_type: security_fix
- id: openssl-007
cve: CVE-2023-5678
library: openssl
version_before: "3.0.11"
version_after: "3.0.12"
distribution: fedora:39
architecture: amd64
affected_functions:
- DH_generate_key
- DH_check_ex
patch_type: security_fix
- id: openssl-008
cve: CVE-2023-5678
library: openssl
version_before: "3.0.11"
version_after: "3.0.12"
distribution: alpine:3.19
architecture: amd64
affected_functions:
- DH_generate_key
- DH_check_ex
patch_type: security_fix
# zlib: 1 minor security patch × 4 distros = 4 pairs
- id: zlib-001
cve: CVE-2023-45853
library: zlib
version_before: "1.2.13"
version_after: "1.3"
distribution: ubuntu:jammy
architecture: amd64
affected_functions:
- deflate
- deflateEnd
- inflateSync
patch_type: security_fix
- id: zlib-002
cve: CVE-2023-45853
library: zlib
version_before: "1.2.13"
version_after: "1.3"
distribution: debian:bookworm
architecture: amd64
affected_functions:
- deflate
- deflateEnd
- inflateSync
patch_type: security_fix
- id: zlib-003
cve: CVE-2023-45853
library: zlib
version_before: "1.2.13"
version_after: "1.3"
distribution: fedora:39
architecture: amd64
affected_functions:
- deflate
- deflateEnd
- inflateSync
patch_type: security_fix
- id: zlib-004
cve: CVE-2023-45853
library: zlib
version_before: "1.2.13"
version_after: "1.3"
distribution: alpine:3.19
architecture: amd64
affected_functions:
- deflate
- deflateEnd
- inflateSync
patch_type: security_fix
# libxml2: 1 parser bugfix × 4 distros = 4 pairs
- id: libxml2-001
cve: CVE-2024-25062
library: libxml2
version_before: "2.12.3"
version_after: "2.12.4"
distribution: ubuntu:jammy
architecture: amd64
affected_functions:
- xmlParseChunk
- xmlParseDocument
- xmlCtxtReadMemory
patch_type: parser_fix
- id: libxml2-002
cve: CVE-2024-25062
library: libxml2
version_before: "2.12.3"
version_after: "2.12.4"
distribution: debian:bookworm
architecture: amd64
affected_functions:
- xmlParseChunk
- xmlParseDocument
- xmlCtxtReadMemory
patch_type: parser_fix
- id: libxml2-003
cve: CVE-2024-25062
library: libxml2
version_before: "2.12.3"
version_after: "2.12.4"
distribution: fedora:39
architecture: amd64
affected_functions:
- xmlParseChunk
- xmlParseDocument
- xmlCtxtReadMemory
patch_type: parser_fix
- id: libxml2-004
cve: CVE-2024-25062
library: libxml2
version_before: "2.12.3"
version_after: "2.12.4"
distribution: alpine:3.19
architecture: amd64
affected_functions:
- xmlParseChunk
- xmlParseDocument
- xmlCtxtReadMemory
patch_type: parser_fix
metadata:
version: "1.0"
created: "2026-01-19"
description: "Starter corpus with 16 security pairs for validation harness (VALH-009)"
coverage:
openssl: 8
zlib: 4
libxml2: 4
total: 16

147
datasets/reachability/obfuscation-test-set.yaml Normal file
View File

@@ -0,0 +1,147 @@
# Obfuscation Test Set (MLEM-008)
# Ground-truth pairs for obfuscation resilience testing
test_cases:
- id: gt-0018
name: "Control Flow Flattening - OpenSSL"
description: "OpenSSL function with control flow flattening obfuscation"
original:
library: openssl
version: "3.0.12"
function: SSL_read
binary: libssl.so.3
obfuscated:
technique: control_flow_flattening
tool: ollvm
binary: libssl_obf.so.3
expected_match: true
difficulty: medium
- id: gt-0019
name: "Instruction Substitution - zlib"
description: "zlib function with instruction substitution"
original:
library: zlib
version: "1.3"
function: inflate
binary: libz.so.1.3
obfuscated:
technique: instruction_substitution
tool: ollvm
binary: libz_obf.so.1.3
expected_match: true
difficulty: easy
- id: gt-0020
name: "Bogus Control Flow - libcrypto"
description: "libcrypto function with bogus control flow insertion"
original:
library: openssl
version: "3.0.12"
function: EVP_DigestFinal_ex
binary: libcrypto.so.3
obfuscated:
technique: bogus_control_flow
tool: ollvm
binary: libcrypto_obf.so.3
expected_match: true
difficulty: medium
- id: gt-0021
name: "Dead Code Insertion - libxml2"
description: "libxml2 parser with dead code insertion"
original:
library: libxml2
version: "2.12.4"
function: xmlParseDocument
binary: libxml2.so.2
obfuscated:
technique: dead_code_insertion
tool: custom
binary: libxml2_obf.so.2
expected_match: true
difficulty: easy
- id: gt-0022
name: "Register Reassignment - OpenSSL"
description: "OpenSSL function with register reassignment"
original:
library: openssl
version: "3.0.12"
function: SSL_connect
binary: libssl.so.3
obfuscated:
technique: register_reassignment
tool: custom
binary: libssl_regobf.so.3
expected_match: true
difficulty: easy
- id: gt-0023
name: "Combined Obfuscation - Heavy"
description: "Heavily obfuscated function with multiple techniques"
original:
library: openssl
version: "3.0.12"
function: SSL_write
binary: libssl.so.3
obfuscated:
technique: combined
techniques_applied:
- control_flow_flattening
- instruction_substitution
- bogus_control_flow
- string_encryption
tool: tigress
binary: libssl_heavy.so.3
expected_match: true
difficulty: hard
- id: gt-0024
name: "Virtualization Obfuscation"
description: "Function protected with VM-based virtualization"
original:
library: openssl
version: "3.0.12"
function: AES_encrypt
binary: libcrypto.so.3
obfuscated:
technique: virtualization
tool: vmprotect
binary: libcrypto_vm.so.3
expected_match: false # Known limitation - VM obfuscation is hard
difficulty: extreme
- id: gt-0025
name: "Anti-Decompilation"
description: "Function with anti-decompilation tricks"
original:
library: zlib
version: "1.3"
function: compress
binary: libz.so.1.3
obfuscated:
technique: anti_decompile
tricks:
- overlapping_instructions
- stack_pointer_abuse
- indirect_jumps
tool: custom
binary: libz_antidec.so.1.3
expected_match: true
difficulty: hard
metadata:
version: "1.0"
created: "2026-01-19"
description: "Obfuscation test set for ML embedding validation (MLEM-008)"
total_cases: 8
difficulty_distribution:
easy: 3
medium: 2
hard: 2
extreme: 1
validation_targets:
accuracy_improvement: "+10% on obfuscated vs baseline"
false_positive_rate: "< 2%"
latency_impact: "< 50ms per function"