Crate haybale_pitchfork

Expand description

For an introduction to the crate and how to get started, see the crate’s README.

Modules§

hook_helpers: This module contains helper functions that may be useful in writing function hooks.
hooks: This module contains a few simple built-in function hooks which can be used with Config.function_hooks.
secret: This module contains the dynamic taint-tracking layer implemented on top of haybale. It provides a haybale::backend::Backend which performs dynamic taint tracking and reports constant-time violations.

AbstractData: An abstract description of a value: its size, whether it is a pointer or not, whether it is public or secret (or maybe it’s a struct with some public and some secret fields, or maybe it’s a public pointer that points to some secret data), etc.
Config: Various settings which affect how the symbolic execution is performed.
ConstantTimeResultForFunction: Holds information about the results of a constant-time analysis of a particular function.
PathStatistics: Some statistics which can be computed from a ConstantTimeResultForFunction.
PitchforkConfig: pitchfork-specific configuration options, in addition to the configuration options in haybale::Config.
Project: A Project is a collection of LLVM code to be explored, consisting of one or more LLVM modules.

AbstractValue: A variety of ways to specify a numerical value, from completely unconstrained to fully constrained.
ConstantTimeResultForPath: Holds information about the results of a constant-time analysis of a single path.

check_for_ct_violation: Checks whether a function is “constant-time” in the secrets identified by the args data structure. That is, does the function ever make branching decisions, or perform address calculations, based on secrets.
check_for_ct_violation_in_inputs: Checks whether a function is “constant-time” in its inputs. That is, does the function ever make branching decisions, or perform address calculations, based on its inputs.
main_func: This function is designed to be called in your main(). It processes command-line arguments and coordinates the overall analysis.
pretty_coverage_stats: Get a formatted version of the coverage results as a String.

StructDescriptions: A map from struct name to an AbstractData description of the struct