So far, all our bugs are implemented using a single soundness hole in the Rust compiler.
The explanation is detailed in the lifetime_expansion module.
Re-exports
- pub use buffer_overflow::buffer_overflow;
- pub use segfault::segfault;
- pub use transmute::transmute;
- pub use use_after_free::use_after_free;
- pub use references::not_alloc;
- pub use references::null;
- pub use references::null_mut;
- pub use lifetime_expansion::*;
Modules
- buffer_overflow - A memory-safe buffer overflow.
- lifetime_expansion - Domain expansion: 'static lifetime
- references - Reimplementations of std::ptr::null() and std::ptr::null_mut(), with safe code only. Relies on [crate::transmute] under the hood.
- segfault - A 100% memory-safe segmentation fault.
- transmute - A 100% memory-safe implementation of std::mem::transmute.
- use_after_free - Behold, a perfectly memory-safe use-after-free!
Functions
- construct_fake_string - Construct a String from a pointer, capacity and length, in a completely safe manner.