Andrei Homescu
Andrei Homescu
Based on https://github.com/immunant/c2rust/issues/294, switches to `std::os::raw` types by default and adds optional `--use-libc-types` transpiler argument.
Many C projects build their code with `-fvisibility=hidden`, makes top-level globals internal to the binary or library. The closest thing in Rust is `pub(crate)`, so we should use that for...
Recent Windows versions provide an undocumented kernel random number source at `\Device\CNG` (which works similarly to Linux's `/dev/urandom`). We can read random bytes from this device using the `0x390008` ioctl...
Now that we have a CSPRNG in the selfrando source tree, we could also use it on Linux. We currently read all our random numbers directly from `/dev/urandom`, but instead...
gcc and glibc recently added support for the `-static-pie` option, which produces static self-relocating (PIE) binaries. This is implemented by embedding a lightweight version of the glibc loader in the...
For statically-linked binaries where we can determine that no shared libraries ever get loaded, i.e., `dlopen` is never called, we could try to optimize away export trampolines, at least in...
To support offline derandomization (for debugging and forensics), selfrando has a compile-time option to enable dumping the list of randomized functions to a "layout file". These files take a lot...
Firefox requires correct stack traces in several places (such as ASAN) to work. Since selfrando randomizes all function addresses, the stack traces are invalid. Selfrando should fix up the stack...
Code pages containing functions are vulnerable to information leaks even under selfrando. One simple way to bypass selfrando's randomization is to locate all program code pages and scan them linearly...
Builds for C++ software like CMake, LLVM and GoogleTest fail during linking, e.g.: ``` `_ZSt3hexRSt8ios_base$local' referenced in section `.txtrp' of /tmp/traparchive-wcDyG9OmQk(traplink-fXhUhbkcRB): defined in discarded section `.text._ZSt3hexRSt8ios_base[_ZSt3hexRSt8ios_base]' of /tmp/traparchive-wcDyG9OmQk(traplink-fXhUhbkcRB) ```