Harsh's Blog

Weekly Check-In #5

Harsh
Published: 07/07/2021

I had my college exams from 5th July to 7th July, so most of my time was spent studying for them and I was not able to contribute for the most of this week :( Since my exams are over now! I'm back full of energy!!! (yay! :))
View Blog Post

Weekly Check-In #4

Harsh
Published: 06/29/2021

What did you do this week?

This week I finished giving the Helper-Script an output and tested it on packages for whom we already have a checker for to validate Helper-Script's results. I also completed writing the docs for Helper-Script and fixed "CONTAIN_PATTERNS" for avahi, bash, bind, busybox, cups, curl, dnsmasq, wireshark, varnish checkers.

What is coming up next?

In the upcoming week, I plan on getting feedback from my mentors and friends and implement any necessary changes. I also plan on adding various checker and fixing other existing checkers while testing the tool :)

Did you get stuck anywhere?

No
View Blog Post

Weekly Check-In #3

Harsh
Published: 06/22/2021

What did you do this week?

This week I automated the file extraction process and the strings finding process from the ELF binary files. After this was done, I began testing it against various packages(for whom the checkers already exist) to confirm that the tool works as expected before moving forward to make the output a bit pretty :) I also iterated over the vendor-product finding process to deal with some corner cases.

What is coming up next?

In the upcoming week, I plan on making the output a bit pretty and test it against various packages to find any corner-cases or bugs. I also plan on writing the tests and the documentation for the same.

Did you get stuck anywhere?

Again, I had small doubts here and there, but my mentors helped me to overcome them easily :)
View Blog Post

Weekly Check-In #2

Harsh
Published: 06/16/2021

What did you do this week?

I automated the process for retrieving the vendor-product pairs from the csv database that cve-bin-tool stores. I started by first retrieving the package name from the package filename provided by the user and then I automated the retrieving process with the help of "sqlite3" module. I also started working on the regex process (where I would be finding required strings in the binary).

What is coming up next?

This week I plan on completing the regex process (mentioned above) and also the file extracting process.

Did you get stuck anywhere?

I had small doubts here and there in the codebase, but my mentors helped me to get past them. :)
View Blog Post

Weekly Check-In #1

Harsh
Published: 06/08/2021

Hello Everyone!! I am Harsh, a first year undergrad at BIT, Bangalore - India. This summer I will be working with CVE Binary Tool under the umbrella of Python Software Foundation.

What did you do in Community Bonding Period?

The community bonding period helped me to know my mentors and set a communication medium. During this period, I was familiarizing myself with the codebase and I also learnt various things that would help me with the project like - web-scrapping, about various modules and many more things.

What is coming up next?

I will be working on creating the extraction process of binary files. Since, cve-bin-tool already has code for extracting files and getting strings, so my task here would be to understand this and use it in the "Helper Script".

Did you get stuck anywhere?

I was intimidated by the codebase at first, but as I learnt various stuff during the "community bonding period", I felt more confident and now I feel like I could tackle any challenge in my way :)
View Blog Post