Awesome
<p align="center"> <h1 align="center"><img src="./assets/cve-rs-logo.png"></h1> <h6 align="center"> <a href="https://github.com/Speykious/cve-rs/actions/workflows/ci.yaml"> <img src="https://img.shields.io/github/actions/workflow/status/serde-rs/serde/ci.yml?branch=master" align="top"> </a> </h6> <div align="center"> Blazingly đĨ fast đ memory vulnerabilities, written in 100% safe Rust. đĻ </div> </p>cve-rs allows you to introduce common memory vulnerabilities (such as buffer overflows and segfaults) into your Rust program in a memory safe manner.
Why choose cve-rs?
- 𩸠Bleeding edge technology
- đšī¸ Paradigm-changing (no more unsafe code!)
- đĨ Blazingly fast
- đĄ Easy to use
- đ Featuring way đ too 2ī¸âŖ many đ¤¯ emojis in the đ readme đĨ đĻ đ¨
- đĻ Built in 100% memory-safe Rust
Example
Rust is an amazing language. You can program a lot of useful things while ensuring that your program will stay safe. Unfortunately, safe Rust is quite limiting. For example, you cannot introduce code that could corrupt the program's memory. Now, with cve-rs, you can corrupt your program's memory without corrupting your program's memory.
We are very committed to making sure cve-rs is memory-safe. We know that unsafe code can have unintended consequences, such as memory unsafety that causes bugs like segmentation faults, use-after-frees, and buffer overflows.
That is why cve-rs uses #![deny(unsafe_code)]
in the entire codebase. There is not a single block of unsafe
code (except for some tests) in this project.
cve-rs implements the following bugs in safe Rust:
- Use after free
- Buffer overflow
- Segmentation fault
cve-rs also contains safe reimplementations of:
std::mem::transmute
std::ptr::null()
/null_mut()
but for references
Installation
cve-rs can be used directly with Cargo.
To use it as a library:
cargo add cve-rs
Or to run our example binary:
cargo install cve-rs
cve-rs
WASM support
cve-rs supports WASM through the WASI API, and also to Webassembly that you can run in a browser.
You can compile it and run it using Wasmer with the following commands:
cargo build --target wasm32-wasi
wasmer run target/wasm32-wasi/debug/cve-rs.wasm
Contributors
Special thanks to @Bright-Shard and @Creative0708, and everyone else who contributed to cve-rs.
Can I use cve-rs in production?
This project is licensed under the GLWTSPL.
Wait, how safe is cve-rs?!?
This project is licensed under the GLWTSPL.
License
This project is licensed under the GLWTSPL.
...and godspeed.