Fast memory vulnerabilities, written in 100% safe Rust

testeronious@lemmy.world · 2 years ago

Fast memory vulnerabilities, written in 100% safe Rust

SorteKanin@feddit.dk · 2 years ago

It’s essentially this issue https://github.com/rust-lang/rust/issues/25860

The code used to exploit the bug in this library is here: https://github.com/Speykious/cve-rs/blob/main/src/lifetime_expansion.rs

As far as I understand, the bug basically makes it so you can trick Rust into thinking any lifetime is actually 'static. From that, you can do all kinds of bad stuff.

Fast memory vulnerabilities, written in 100% safe Rust

Fast memory vulnerabilities, written in 100% safe Rust

GitHub - Speykious/cve-rs: Blazingly 🔥 fast 🚀 memory vulnerabilities, written in 100% safe Rust. 🦀