MCPcopy Index your code
hub / github.com/Speykious/cve-rs

github.com/Speykious/cve-rs @v0.6.0

Chat with this repo
repository ↗ · DeepWiki ↗ · release v0.6.0 ↗ · + Follow
29 symbols 45 edges 9 files 9 documented · 31% updated 9mo agov0.6.0 · 2024-02-22★ 5,40516 open issues
What it actually does AI analysis from the code graph — generated when you open this
loading…
README

Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀

cve-rs allows you to introduce common memory vulnerabilities (such as buffer overflows and segfaults) into your Rust program in a memory safe manner.

Rust is an amazing language. You can program a lot of useful things while ensuring that your program will stay safe. Unfortunately, safe Rust is quite limiting. For example, you cannot introduce code that could corrupt the program's memory. Now, with cve-rs, you can corrupt your program's memory without corrupting your program's memory.

We are very committed to making sure cve-rs is memory-safe. We know that unsafe code can have unintended consequences, such as memory unsafety that causes programs to be insecure or unstable.

That is why cve-rs uses #![deny(unsafe_code)] in the entire codebase. There is not a single block of unsafe code* in this project.

* There is, unfortunately, one exception: In our tests, we compare the results of our safe transmute function against the regular std::mem::transmute function. Perhaps somewhat shortsightedly, the standard library implementation is unsafe. Regardless, this is only in our tests - the core library has no unsafe code.

cve-rs implements the following bugs in safe Rust:

  • Use after free
  • Buffer overflow
  • Segmentation fault

cve-rs also contains safe reimplementations of:

  • std::mem::transmute
  • std::ptr::null()/null_mut() but for references

Here is an example of usage with the segfault subcommand:

segfault demo

Install

cve-rs can be used directly with Cargo.

To use it as a library:

cargo add cve-rs

Or to run our example binary:

cargo install cve-rs

WASM support

cve-rs supports WASM through the WASI API.

You can compile it and run it using Wasmer with the following commands:

cargo build --target wasm32-wasi
wasmer run target/wasm32-wasi/debug/cve-rs.wasm

Contributors

Special thanks to @Bright-Shard and @Creative0708!

Can I use cve-rs in production?

This project is licensed under the GLWTSPL.

License

This project is licensed under the GLWTSPL.

Good Luck

Core symbols most depended-on inside this repo

Shape

Function 25
Class 3
Enum 1

Languages

Rust100%

Modules by API surface

src/lib.rs5 symbols
src/use_after_free.rs4 symbols
src/transmute.rs4 symbols
src/main.rs4 symbols
src/lifetime_expansion.rs4 symbols
src/references.rs3 symbols
src/segfault.rs2 symbols
src/buffer_overflow.rs2 symbols
benches/transmute.rs1 symbols

For agents

$ claude mcp add cve-rs \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact

Ask about this repo answers extend the page