technolution / rustig Goto Github PK
View Code? Open in Web Editor NEWA tool to detect code paths leading to Rust's panic handler
License: Apache License 2.0
rustig's People
Contributors
Stargazers
Watchers
rustig's Issues
How to install?
The README says to use cargo install --git https://github.com/Technolution/rustig but doing this outputs:
error: multiple packages with binaries found: arithmetic, binary_search, capturing_closure_invocation, direct, empty, hello_world, indexing, indirect, lib_calls, multi_dep, rustig, threads, trait_invocation, unwrap
Tried specifying the rustic binary with cargo install --git https://github.com/Technolution/rustig --bin rustig but that resulted in the same error
Add support for ARM Cortex-M processors
Make --binary optional (<FILE> should be a positional argument)
It's bad UI design to have required option flags on a command-line tool. In fact, the documentation for Python's in-stdlib argument parsing library explicitly teaches people to avoid it.
This...
rustig [FLAGS] [OPTIONS] --binary <FILE>
...should be this...
rustig [FLAGS] [OPTIONS] <FILE>
Requiring --binary or -b before what could be a positional argument just makes the command more awkward to type without any improvement in its expressive power.
Rustig dependency fails to build on stable
One of the dependencies fails to build with the following error:
Compiling cpp_demangle v0.2.9
error[E0034]: multiple applicable items in scope
--> C:\Users\mail\.cargo\registry\src\github.com-1ecc6299db9ec823\petgraph-0.4.12\src\graph_impl\stable_graph\mod.rs:1171:19
|
1171 | self.iter.find_map(|(i, node)| {
| ^^^^^^^^ multiple `find_map` found
|
note: candidate #1 is defined in an impl of the trait `iter_utils::IterUtilsExt` for the type `_`
It seems this is fixed in a newer minor point release of the dependency (i.e., cpp_demangle version 0.2.12).
It might be good to allow automatic upgrades of the rustig dependencies to newer minor point releases.
Is project abandoned?
Is it actual tool for people to use or just some academic experiment?
Feature request: mode to check unsafe code only
Rustig outputs a lot of places that can panic on real projects. However, in safe code exploiting a panic is not very interesting for an attacker: the best it gets you is denial of service, and there are lots of ways to do that anyway.
However, this is not true for unsafe code. Unsafe Rust needs to uphold certain invariants even in presence of panics, and doing so is far from natural or obvious. There are real vulnerabilities caused by lack of panic safety.
Therefore, it would be nice to have a mode that highlights places that can panic in unsafe code only, to aid in auditing unsafe code.
Rustig panics when analysing a binary
I just came across your post to the user forums and thought I'd try rustig out against a no_std gcode parsing library i'm working on. When I ran the program on the cli-reader example in my gcode-rs crate, rustig itself panicked...
Here's a copy of the offending binary:
And steps to reproduce:
$ cd /tmp
$ git clone https://github.com/Michael-F-Bryan/gcode-rs
Cloning into 'gcode-rs'...
remote: Counting objects: 851, done.
remote: Compressing objects: 100% (112/112), done.
remote: Total 851 (delta 112), reused 195 (delta 98), pack-reused 633
Receiving objects: 100% (851/851), 3.92 MiB | 263.00 KiB/s, done.
Resolving deltas: 100% (475/475), done.
$ cd gcode-rs
$ cargo rustc --release --example cli-reader -- -g
Updating registry `https://github.com/rust-lang/crates.io-index`
Compiling nodrop v0.1.12
Compiling difference v2.0.0
Compiling ansi_term v0.11.0
Compiling arrayvec v0.4.7
Compiling pretty_assertions v0.5.1
Compiling gcode v0.3.0 (file:///tmp/gcode-rs)
warning: unused import: `ErrorKind`============================> ] 6/7: gcode
--> examples/cli-reader.rs:7:34
|
7 | use std::io::{self, Read, Error, ErrorKind, BufReader, BufRead};
| ^^^^^^^^^
|
= note: #[warn(unused_imports)] on by default
Finished release [optimized] target(s) in 10.44s
$ rustig --binary target/release/examples/cli-reader
thread 'main' panicked at 'index 40 out of range for slice of length 0', libcore/slice/mod.rs:1962:5
note: Run with `RUST_BACKTRACE=1` for a backtrace.
$ RUST_BACKTRACE=1 rustig --binary target/release/examples/cli-reader
thread 'main' panicked at 'index 40 out of range for slice of length 0', libcore/slice/mod.rs:1962:5
stack backtrace:
0: std::sys::unix::backtrace::tracing::imp::unwind_backtrace
at libstd/sys/unix/backtrace/tracing/gcc_s.rs:49
1: std::sys_common::backtrace::print
at libstd/sys_common/backtrace.rs:71
at libstd/sys_common/backtrace.rs:59
2: std::panicking::default_hook::{{closure}}
at libstd/panicking.rs:211
3: std::panicking::default_hook
at libstd/panicking.rs:227
4: std::panicking::rust_panic_with_hook
at libstd/panicking.rs:475
5: std::panicking::continue_panic_fmt
at libstd/panicking.rs:390
6: rust_begin_unwind
at libstd/panicking.rs:325
7: core::panicking::panic_fmt
at libcore/panicking.rs:77
8: core::slice::slice_index_len_fail
at libcore/slice/mod.rs:1962
9: panic_analysis::panic_calls::panic_message::get_bytes_at_address
10: <panic_analysis::panic_calls::panic_message::CorePanickingPanicMessageFinder as panic_analysis::panic_calls::panic_message::PanicMessageFinder>::find_panic_message
11: core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &'a mut F>::call_once
12: <alloc::vec::Vec<T> as alloc::vec::SpecExtend<T, I>>::from_iter
13: <panic_analysis::panic_calls::DefaultPanicCallsFinder as panic_analysis::panic_calls::PanicCallsFinder>::find_panics
14: panic_analysis::find_panics
15: rustig::main
16: std::rt::lang_start::{{closure}}
17: std::panicking::try::do_call
at libstd/rt.rs:59
at libstd/panicking.rs:310
18: __rust_maybe_catch_panic
at libpanic_unwind/lib.rs:105
19: std::rt::lang_start_internal
at libstd/panicking.rs:289
at libstd/panic.rs:392
at libstd/rt.rs:58
20: main
21: __libc_start_main
22: _startExample usage
You guys did an excellent job I should say after reading your doc and report.
Some examples of usage would be quite helpful for people to learn using this app I think.
Tool crashed when project uses std::sync::atomic::AtomicU64
Caught panic trying to run tool with binary depending on atomic primitive AtomicU64:
thread 'main' panicked at 'No DW_AT_low_pc attribute found for function _ZN4core4sync6atomic11AtomicUsize4load17h6a7ef750e69dfd6eE', lib/callgraph/src/callgraph/mod.rs:286:13
Publish rustig! on crates.io
Currently this is blocked by: #9.
The main tool (CLI) can be published. The main libraries (callgraph and panic_analysis) can also be released separately.
Remove dependency on specific version of capstone
Currently the callgraph library has a very specific dependency on the capstone library:
capstone = { git = "https://github.com/capstone-rust/capstone-rs.git", rev = "dc10578aa27414afc93f0a87959b2f0c22dc66c3" }
Newer version of this library changed their API to include lifetimes.
The code in the callgraph library needs refactoring to accept a newer capstone version.
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. ๐๐๐
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google โค๏ธ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.