-
llvm-project
The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
heap-exploitation
This book on heap exploitation is a guide to understanding the internals of glibc's heap and various attacks possible on the heap structure.
The fact that they haven't rewritten glibc's string parsing wouldn't make their criticism wrong.
If all of glibc had been written in assembly for every single target triplet, one wouldn't be wrong to point out that there was no benefit to doing that instead of writing it in C, and that it probably took more work and was more error-prone, even if they weren't willing to help port said code to C.
Just the same, they could have written this in C++.
Much of LLVM's libc is written in C++ with exposed C bindings (or all, I haven't checked 100%). For example, their libc stdio implementation is completely in C++.
https://github.com/llvm/llvm-project/tree/main/libc/src/stdi...
You could say the same thing about Rust and Relibc, but it seems much less likely that a C project would incorporate Rust than that it would incorporate C++.
Not in a HN news comment, I don't have that level of dedication to this because its definitely non trivial. However you can read about them in use against the glibc allocator are here: https://github.com/DhavalKapil/heap-exploitation/blob/master...
The "house of" attack method are attacks against the allocator, its been a while since I've looked into it, I hope musl have hardened their allocator against this kind of attacks.