heap-exploitation
llvm-project
heap-exploitation | llvm-project | |
---|---|---|
1 | 354 | |
1,228 | 25,839 | |
- | 3.0% | |
10.0 | 10.0 | |
over 1 year ago | 6 days ago | |
C | C++ | |
- | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
heap-exploitation
-
Glibc Dynamic Loader Hit by a Nasty Local Privilege Escalation Vulnerability
Not in a HN news comment, I don't have that level of dedication to this because its definitely non trivial. However you can read about them in use against the glibc allocator are here: https://github.com/DhavalKapil/heap-exploitation/blob/master...
The "house of" attack method are attacks against the allocator, its been a while since I've looked into it, I hope musl have hardened their allocator against this kind of attacks.
llvm-project
-
Qt and C++ Trivial Relocation (Part 1)
As far as I know, libstdc++'s representation has two advantages:
First, it simplifies the implementation of `s.data()`, because you hold a pointer that invariably points to the first character of the data. The pointer-less version needs to do a branch there. Compare libstdc++ [1] to libc++ [2].
[1]: https://github.com/gcc-mirror/gcc/blob/065dddc/libstdc++-v3/...
[2]: https://github.com/llvm/llvm-project/blob/1a96179/libcxx/inc...
Basically libstdc++ is paying an extra 8 bytes of storage, and losing trivial relocatability, in exchange for one fewer branch every time you access the string's characters. I imagine that the performance impact of that extra branch is tiny, and massively confounded in practice by unrelated factors that are clearly on libc++'s side (e.g. libc++'s SSO buffer is 7 bytes bigger, despite libc++'s string object itself being smaller). But it's there.
The second advantage is that libstdc++ already did it that way, and to change it would be an ABI break; so now they're stuck with it. I mean, obviously that's not an "advantage" in the intuitive sense; but it's functionally equivalent to an advantage, in that it's a very strong technical answer to the question "Why doesn't libstdc++ just switch to doing it libc++'s way?"
-
Playing with DragonRuby Game Toolkit (DRGTK)
This Ruby implementation is based on mruby and LLVM and it’s commercial software but cheap.
- Add support for Qualcomm Oryon processor
-
Ask HN: Which books/resources to understand modern Assembler?
'Computer Architeture: A Quantitative Apporach" and/or more specific design types (mips, arm, etc) can be found under the Morgan Kaufmann Series in Computer Architeture and Design.
"Getting Started with LLVM Core Libraries: Get to Grips With Llvm Essentials and Use the Core Libraries to Build Advanced Tools "
"The Architecture of Open Source Applications (Volume 1) : LLVM" https://aosabook.org/en/v1/llvm.html
"Tourist Guide to LLVM source code" : https://blog.regehr.org/archives/1453
llvm home page : https://llvm.org/
llvm tutorial : https://llvm.org/docs/tutorial/
llvm reference : https://llvm.org/docs/LangRef.html
learn by examples : C source code to 'llvm' bitcode : https://stackoverflow.com/questions/9148890/how-to-make-clan...
-
Flang-new: How to force arrays to be allocated on the heap?
See
https://github.com/llvm/llvm-project/issues/88344
https://fortran-lang.discourse.group/t/flang-new-how-to-forc...
- The LLVM Compiler Infrastructure
-
Programming from Top to Bottom - Parsing
You can never mistake type_declaration with an identifier, otherwise the program will not work. Aside from that constraint, you are free to name them whatever you like, there is no one standard, and each parser has it own naming conventions, unless you are planning to use something like LLVM. If you are interested, you can see examples of naming in different language parsers in the AST Explorer.
-
Look ma, I wrote a new JIT compiler for PostgreSQL
> There is one way to make the LLVM JIT compiler more usable, but I fear it’s going to take years to be implemented: being able to cache and reuse compiled queries.
Actually, it's implemented in LLVM for years :) https://github.com/llvm/llvm-project/commit/a98546ebcd2a692e...
-
C++ Safety, in Context
> It's true, this was a CVE in Rust and not a CVE in C++, but only because C++ doesn't regard the issue as a problem at all. The problem definitely exists in C++, but it's not acknowledged as a problem, let alone fixed.
Can you find a link that substantiates your claim? You're throwing out some heavy accusations here that don't seem to match reality at all.
Case in point, this was fixed in both major C++ libraries:
https://github.com/gcc-mirror/gcc/commit/ebf6175464768983a2d...
https://github.com/llvm/llvm-project/commit/4f67a909902d8ab9...
So what C++ community refused to regard this as an issue and refused to fix it? Where is your supporting evidence for your claims?
-
Clang accepts MSVC arguments and targets Windows if its binary is named clang-cl
For everyone else looking for the magic in this almost 7k lines monster, look at line 6610 [1].
[1] https://github.com/llvm/llvm-project/blob/8ec28af8eaff5acd0d...