Crate squid 

squid is a RISC-V emulation library with features that make it a powerful tool for vulnerability research and fuzzing.

Unlike other emulators, squid utilizes AOT instead of JIT compilation and allows you to rewrite your target’s code before emulation. During runtime, you get full control over your target by handling all system calls and other events yourself. This makes it easy to create and combine new sanitizers and test programs for all kinds of vulnerabilities, not just memory corruptions.

Where to start

Everything in squid starts with the Compiler, so have a look at that.

Examples, a wiki and more…

…can be found in the repository.

What is supported

Binaries compiled with squids own RISC-V toolchain and this special set of flags:

-fPIE -pie -O0 -g -fno-jump-tables -mno-relax -D__thread=

Features

• tui (enabled by default): Enables animations and fancy loading graphics

Modules

backends

Contains all backends that are provided by squid

event

Contains the EventPool and other helper structs.

frontend

The frontend handles everything related to symbolic ELF-loading and the creation of the process image

kernel

Unstable. Use at your own risk.

passes

Contains the passes that are provided by squid

riscv

Provides constants and types that are related to the RISC-V ISA.

runtime

Contains the Runtime trait.

Structs

Compiler

The Compiler is the center piece of squid. It loads ELF files, runs passes and launches a backend to obtain a Runtime.

Loader

The Loader is a helper struct that creates a Compiler by

Logger

The Logger is a helper struct that displays log messages to the terminal.