# Select a demo, paste code, or upload a file
#
# COBALT detects (real patterns, any code):
# · CWE-190 Integer overflow (C, Go, Rust)
# · CWE-195 Signed-to-unsigned conversion (C)
# · CWE-416 Use-after-free (C)
# · CWE-476 Null / uninitialized pointer (C, Go)
# · CWE-787 Buffer overflow via unsafe functions (C)
# · CWE-94 Code injection via eval() (Python)
# · CWE-78 Command injection (Python)
# · CWE-89 SQL injection (Python)
# · CWE-457 Unbound variable (Python)
# · SWC-107 Reentrancy (Solidity)
# · SWC-101 Integer overflow (Solidity <0.8)
# · CWE-248 Unchecked unwrap() (Rust)
# · CWE-676 unsafe block (Rust)
#
# Each finding: Z3 formula + SAT/UNSAT + counterexample
$