Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/Speykious/cve-rs

Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀
https://github.com/Speykious/cve-rs

Last synced: about 1 month ago
JSON representation

Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀

Host: GitHub
URL: https://github.com/Speykious/cve-rs
Owner: Speykious
License: other
Created: 2024-02-16T00:34:34.000Z (10 months ago)
Default Branch: main
Last Pushed: 2024-10-22T16:37:54.000Z (about 2 months ago)
Last Synced: 2024-10-29T11:24:37.268Z (about 1 month ago)
Language: Rust
Homepage:
Size: 993 KB
Stars: 4,021
Watchers: 24
Forks: 102
Open Issues: 16
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

awesome-ccamel - Speykious/cve-rs - Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀 (Rust)
AiTreasureBox - Speykious/cve-rs - 12-07_4123_0](https://img.shields.io/github/stars/Speykious/cve-rs.svg)|Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀| (Repos)

README

Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀

[Build Status]: https://img.shields.io/github/actions/workflow/status/Speykious/cve-rs/ci.yaml?branch=master

**cve-rs** allows you to introduce common memory vulnerabilities (such as buffer overflows and segfaults) into your Rust program in a memory safe manner.

## Why choose **cve-rs**?
- 🩸 Bleeding edge technology
- 🕹️ Paradigm-changing (no more unsafe code!)
- 🔥 Blazingly fast
- 💡 Easy to use
- 🏆 Featuring way 👋 too 2️⃣ many 🤯 emojis in the 📖 readme 🔥 🦀 💨
- **🦀 Built in 100% memory-safe Rust**

## Example
![Segfault demo](/vhs/cassete.gif)

Rust is an amazing language. You can program a lot of useful things while ensuring that your program will stay safe. Unfortunately, safe Rust is quite limiting. For example, you cannot introduce code that could corrupt the program's memory. Now, with **cve-rs**, you can corrupt your program's memory without corrupting your program's memory.

We are very committed to making sure **cve-rs** is memory-safe. We know that unsafe code can have unintended consequences, such as memory unsafety that causes bugs like segmentation faults, use-after-frees, and buffer overflows.

That is why **cve-rs** uses `#![deny(unsafe_code)]` in the entire codebase. There is not a single block of `unsafe` code (except for some [tests](./src/transmute.rs#L56)) in this project.

**cve-rs** implements the following bugs in safe Rust:

- Use after free
- Buffer overflow
- Segmentation fault

**cve-rs** also contains safe reimplementations of:

- `std::mem::transmute`
- `std::ptr::null()`/`null_mut()` but for references

## Installation

**cve-rs** can be used directly with Cargo.

To use it as a library:

```sh
cargo add cve-rs
```

Or to run our example binary:

```sh
cargo install cve-rs
cve-rs
```

## WASM support

**cve-rs** supports WASM through the WASI API, and also to Webassembly that you can run in a browser.

You can compile it and run it using [Wasmer](https://wasmer.io/) with the following commands:

```sh
cargo build --target wasm32-wasi
wasmer run target/wasm32-wasi/debug/cve-rs.wasm
```

## Contributors

Special thanks to [@Bright-Shard](https://github.com/Bright-Shard) and [@Creative0708](https://github.com/Creative0708), and everyone else who contributed to **cve-rs**.

## Can I use cve-rs in production?

This project is licensed under the [GLWTSPL](/LICENSE).

## Wait, how safe is cve-rs?!?

This project is licensed under the [GLWTSPL](/LICENSE).

## License

This project is licensed under the [GLWTSPL](/LICENSE).

![Good Luck](https://github.com/me-shaon/GLWTPL/raw/master/good-luck.gif)

...and godspeed.