kani
ZLib
kani | ZLib | |
---|---|---|
47 | 49 | |
1,905 | 5,293 | |
3.7% | - | |
9.5 | 8.8 | |
3 days ago | 7 days ago | |
Rust | C | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
kani
-
The C Bounded Model Checker: Criminally Underused
This is also the backend for Kani - Amazon's formal verification tool for Rust.
https://github.com/model-checking/kani
- Boletín AWS Open Source, Christmas Edition
-
The Wizardry Frontier
Nice read! Rust has pushed, and will continue to push, the limits of practical, bare metal, memory safe languages. And it's interesting to think about what's next, maybe eventually there will be some form of practical theorem proving "for the masses". Lean 4 looks great and has potential, but it's still mostly a language for mathematicians. There has been some research on AI constructed proofs, which could be the best of both worlds because then the type checker can verify that the AI generated code/proof is indeed correct. Tools like Kani are also a step forward in program correctness.
-
Kani 0.40.0 has been released!
Ease setup in Amazon Linux 2 by @adpaco-aws in #2833
-
Kani 0.39.0 has been released!
Limit --exclude to workspace packages by @tautschnig in #2808
-
Kani 0.38.0 has been released !
Here's a summary of what's new in version 0.38.0:
-
CVE-2023-4863: Heap buffer overflow in WebP (Chrome)
> those applications need the proof for correctness so that more dangerous code---say, what would need `unsafe` in Rust---can be safely added
There are actually already tools built for this very purpose in Rust (see Kani [1] for instance).
Formal verification has a serious scaling problem, so forming programs in such a way that there are a few performance-critical areas that use unsafe routines seems like the best route. I feel like Rust leans into this paradigm with `unsafe` blocks.
[1] - https://github.com/model-checking/kani
-
Kani 0.36.0 has been released!
Enable concrete playback for failure of UB checks by @zhassan-aws in https://github.com/model-checking/kani/pull/2727
-
Kani 0.34.0 has been released!
Change default solver to CaDiCaL by @celinval in https://github.com/model-checking/kani/pull/2557 By default, Kani will now run CBMC with CaDiCaL, since this solver has outperformed Minisat in most of our benchmarks. User's should still be able to select Minisat (or a different solver) either by using #[solver] harness attribute, or by passing --solver= command line option.
-
Kani 0.33.0 has been released!
Add support for sysconf by feliperodri in #2557
ZLib
- Zlib 1.3.1 Out
-
Vulnerability found after scanning debian 12 bookworm VM
A fix has been checked into the upstream git repo: https://github.com/madler/zlib/pull/843 but a release has not yet been made including it.
-
ZLib VS jdeflate - a user suggested alternative
2 projects | 25 Nov 2023
-
CVE-2023-4863: Heap buffer overflow in WebP (Chrome)
So the real issue here is that the lack of tree validation before the tree construction, I believe. I'm surprised that this check was not yet implemented (I actually checked libwebp to make sure that I was missing one). Given this blind spot, an automated test based on the domain knowledge is likely useless to catch this bug.
[1] https://github.com/madler/zlib/blob/master/examples/enough.c
-
Notes: Advanced Node.js Concepts by Stephen Grider
In the source code of the Node.js opensource project, lib folder contains JavaScript code, mostly wrappers over C++ and function definitions. On the contrary, src folder contains C++ implementations of the functions, which pulls dependencies from the V8 project, the libuv project, the zlib project, the llhttp project, and many more - which are all placed at the deps folder.
- Zlib 1.3 · madler/zlib 09155ea
- Zlib 1.3 – A Spiffy yet Delicately Unobtrusive Compression Library
- Exploring the Internals of Linux v0.01
-
Dear Pirates Donate as much as you can
Seeing the text in red got me thinking for a moment, "wow, didn't realize pirates had such love for an open-source compression library"
-
Updated packages: do Arch devs update/build the original source as is or...
cd "${srcdir}/zlib-$pkgver/contrib/minizip" make install DESTDIR="${pkgdir}" install -D -m644 "${srcdir}/zlib-$pkgver/LICENSE" "${pkgdir}/usr/share/licenses/minizip/LICENSE" # https://github.com/madler/zlib/pull/229 rm "${pkgdir}/usr/include/minizip/crypt.h"
What are some alternatives?
prusti-dev - A static verifier for Rust, based on the Viper verification infrastructure.
zstd - Zstandard - Fast real-time compression algorithm
awesome-rust-formalized-reasoning - An exhaustive list of all Rust resources regarding automated or semi-automated formalization efforts in any area, constructive mathematics, formal algorithms, and program verification.
LZ4 - Extremely Fast Compression algorithm
MIRAI - Rust mid-level IR Abstract Interpreter
Snappy - A fast compressor/decompressor
gdbstub - An ergonomic, featureful, and easy-to-integrate implementation of the GDB Remote Serial Protocol in Rust (with no-compromises #![no_std] support)
LZMA - (Unofficial) Git mirror of LZMA SDK releases
rmc - Kani Rust Verifier [Moved to: https://github.com/model-checking/kani]
Onion - C library to create simple HTTP servers and Web Applications.
watt - Runtime for executing procedural macros as WebAssembly
Minizip-ng - Fork of the popular zip manipulation library found in the zlib distribution.