On Tue, Jun 11, 2024 at 07:19:25AM -0300, Alfredo Ortega wrote:
> Hi! Sorry if this is not the appropriate list to share openbsd-related
> projects (perhaps it was misc?)
> 
> I want to inform you about this project about using LLMs to inject
> thousands of security checks into the OpenBSD kernel automatically.
> 
> I'm sharing the first results at
> https://github.com/ortegaalfredo/openbsd-hardcore , where I used the
> automated tool to add thousands of additional security checks to the
> netinet/netinet6 stack of kernel 7.5. My plan is to continue this
> process with other subsystems, which will be largely automated, and to
> improve the tool so it can be used in other projects. The tool is not
> yet public but the idea is quite simple and can be implemented easily.
> This is a demonstration of the capabilities of LLMs as a
> code-refactoring tool.
> 

This needs a lot more work. Just looked at the first few changes. Some of
them are just wrong (e.g. thinking the 2nd arg of malloc() is a count) and
others are just plain impossible. (check sizeof(x) > SIZE_MAX).

-- 
:wq Claudio