pe-parse
pe-parse copied to clipboard
trailofbits
RIIR
I think it's time to consider rewriting this project in Rust: it receives very little maintenance or novel feature development, has had a few memory corruption vulnerabilities discovered through fuzzing over the years, and has a relatively simple C API that could be exposed from a Rust core.
In other words: from an external users' perspective, all that would change is the C API (we'd have to make breaking changes to accommodate internal changes). External users would not need to know Rust.
If we decide to do this, we should do it as a major breaking change, with a new major (3.x) release series.
As part of a potential rewrite, we should reuse an existing high-quality Rust PE parser, rather than writing our own. Two options:
goblin: https://crates.io/crates/goblinobject: https://crates.io/crates/object
A rewrite here would also have downstream repercussions for a few of our projects, including winchecksec and uthenticode. It's my opinion that those repercussions would be largely positive, although it's still churn that would need to be performed. It would also be a strong motivating point for rewriting some of those projects in Rust as well.
CCing for opinions: @ekilmer @yardenshafir @ret2libc @alessandrogario
I'm ok with this. It might also be a good chance to rewrite some of those downstream projects in rust since they are also mostly static at this point.
Will there be plans to release a new version after rewriting it in RUST?
Will there be plans to release a new version after rewriting it in RUST?
That's the plan, but nobody is currently working on the rewrite.