Compilers

High-fidelity build instrumentation with blight

High-fidelity build instrumentation with blight

| | Compilers, Research Practice
TL;DR: We’re open-sourcing a new framework, blight, for painlessly wrapping and instrumenting C and C++ build tools. We’re already using it on our research projects, and have included a set of useful ...
Trail of Bits Blog
Breaking the Solidity Compiler with a Fuzzer

Breaking the Solidity Compiler with a Fuzzer

| | blockchain, Compilers, fuzzing
Over the last few months, we’ve been fuzzing solc, the standard Solidity smart contract compiler, and we’ve racked up almost 20 (now mostly fixed) new bugs. A few of these are duplicates ...
Trail of Bits Blog

Security assessment techniques for Go projects

| | Compilers, Dynamic Analysis, education, fuzzing, Go, Kubernetes, Static Analysis
The Trail of Bits Assurance practice has received an influx of Go projects, following the success of our Kubernetes assessment this summer. As a result, we’ve been adapting for Go projects some ...
Trail of Bits Blog
Zero-Day Snafus — Hunting Memory Allocation Bugs

Zero-Day Snafus — Hunting Memory Allocation Bugs

| | Compilers, programming, security, shiftleft, Static Analysis
Zero-Day Snafus — Hunting Memory Allocation BugsPrefaceLanguages like C/C++ come with the whole “allocation party” of malloc, calloc, zalloc, realloc and their specialized versions kmalloc etc. For example, malloc has a signature void *malloc(size_t ...
ShiftLeft Blog - Medium

Use constexpr for faster, smaller, and safer code

| | Compilers, Mitigations, Static Analysis
With the release of C++14, the standards committee strengthened one of the coolest modern features of C++: constexpr. Now, C++ developers can write constant expressions and force their evaluation at compile-time, rather ...
Trail of Bits Blog
Creating an LLVM Sanitizer from Hopes and Dreams

Creating an LLVM Sanitizer from Hopes and Dreams

| | Compilers, Internship Projects, Static Analysis
Each year, Trail of Bits runs a month-long winter internship aka “winternship” program. This year we were happy to host 4 winterns who contributed to 3 projects. This project comes from Carson ...
Trail of Bits Blog
Leaves of Hash

Leaves of Hash

| | Compilers, cryptography
Trail of Bits has released Indurative, a cryptographic library that enables authentication of a wide variety of data structures without requiring users to write much code. Indurative is useful for everything from ...
Trail of Bits Blog
How McSema Handles C++ Exceptions

How McSema Handles C++ Exceptions

| | Compilers, McSema
C++ programs using exceptions are problematic for binary lifters. The non-local control-flow “throw” and “catch” operations that appear in C++ source code do not map neatly to straightforward binary representations. One could ...
Trail of Bits Blog
Binary view of the sum_of_squares function

Protecting Software Against Exploitation with DARPA’s CFAR

| | Compilers, McSema, Mitigations, Program Analysis
Today, we’re going to talk about a hard problem that we are working on as part of DARPA’s Cyber Fault-Tolerant Attack Recovery (CFAR) program: automatically protecting software from 0-day exploits, memory corruption, ...
Trail of Bits Blog
Figure 1: How branch misprediction leads to speculative execution. When the branch predictor makes an incorrect guess about the destination of a conditional branch, some instructions are speculatively executed. The execution of these instructions is undone, but their effects on the cache remain. Spectre causes the branch predictor to guess wrong and speculatively execute a carefully chosen set of instructions.

An accessible overview of Meltdown and Spectre, Part 2

| | Compilers, Exploits, security bloggers network
This is the second half of our blog post on the Meltdown an Spectre vulnerabilities, describing Spectre Variant 1 (V1) and Spectre Variant 2 (V2). If you have not done so already, ...
Trail of Bits Blog