Trail of Bits trailofbits New York, New York https://www.trailofbits.com See also: binary lifters @lifting-bits, blockchain @crytic

trailofbits/algo 19012

Set up a personal VPN in the cloud

trailofbits/ctf 1100

CTF Field Guide

trailofbits/deepstate 550

A unit test-like interface for fuzzing and symbolic execution

trailofbits/cb-multios 384

DARPA Challenges Sets for Linux, Windows, and macOS

trailofbits/binjascripts 194

Scripts for Binary Ninja

trailofbits/audit-kubernetes 165

k8s audit repo

trailofbits/AppJailLauncher 109

CTF Challenge Framework for Windows 8 and above

trailofbits/appjaillauncher-rs 84

AppJailLauncher in Rust

trailofbits/clang-cfi-showcase 74

Sample programs that illustrate how to use control flow integrity with the clang compiler

trailofbits/constexpr-everything 71

Rewrite C++ code to automatically apply `constexpr` where possible

started trailofbits/manticore

started time in 4 hours

started trailofbits/manticore

started time in 7 hours

started trailofbits/manticore

started time in 7 hours

started trailofbits/algo

started time in 8 hours

started trailofbits/sinter

started time in 10 hours

started trailofbits/sinter

started time in 10 hours

started trailofbits/sinter

started time in 11 hours

started trailofbits/manticore

started time in 11 hours

started trailofbits/sinter

started time in 12 hours

started trailofbits/sinter

started time in 12 hours

started trailofbits/sinter

started time in 12 hours

started trailofbits/algo

started time in 12 hours

started trailofbits/sinter

started time in 13 hours

started trailofbits/sinter

started time in 13 hours

started trailofbits/manticore

started time in 14 hours

started trailofbits/sinter

started time in 15 hours

started trailofbits/algo

started time in 16 hours

started trailofbits/algo

started time in 17 hours

started trailofbits/sinter

started time in 17 hours

Pull request review comment trailofbits/manticore

Allow Coveralls Upload to Fail

 jobs:         ./run_tests.sh     - name: Coveralls Parallel       run: |-        coveralls+        coveralls || true
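
Review bot: `coveralls || true` in the "Coveralls Parallel" step discards every non-zero exit, so an upload that fails for a reason other than a missing token also passes with no trace in the job result. Consider making the ignored failure visible in the log, for example `coveralls || echo "Coveralls upload failed; continuing"`, and add a YAML comment on the step saying why failure is tolerated (external PRs have no access to the Coveralls token).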

Maybe allow it to fail just if "GITHUB_TOKEN is not set" ??

ehennenfent

comment created time in 18 hours

started trailofbits/sinter

started time in 18 hours

started trailofbits/algo

started time in 18 hours

PR opened trailofbits/manticore

Allow Coveralls Upload to Fail

External PRs don't have access to the Coveralls token, and so can't upload coverage reports on our behalf. See: https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#using-encrypted-secrets-in-a-workflow

+1 -1

0 comment

1 changed file

pr created time in 19 hours

create branch trailofbits/manticore

branch : allow-coverage-upload-failure

created branch time in 19 hours

started trailofbits/sinter

started time in 20 hours

started trailofbits/sinter

started time in 20 hours

Pull request review comment trailofbits/manticore

Fix BitVec with symbolic offset and fix TranslatorSmtlib.unique thread safety

 def ULE(a, b):   def EXTRACT(x, offset, size):-    if isinstance(x, BitVec):+    if isinstance(x, BitVec) and not isinstance(offset, BitVec):
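
Review bot: the new condition in `EXTRACT(x, offset, size)` guards only `offset`; `size` is not checked, so a `BitVec` passed as `size` still enters the `isinstance(x, BitVec)` branch. If `size` must always be concrete, state that in a docstring on `EXTRACT` and reject a symbolic `size` up front (for example an `isinstance(size, BitVec)` check that raises), so the failure surfaces at the call site rather than deeper in expression construction. A short comment on the changed line saying where a symbolic `offset` is now handled would also help, since the visible lines only show it being excluded from this branch.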

Yea, that's the one that was failing with dynamic offset, but size is always 8.

geohot

comment created time in 20 hours

Pull request review comment trailofbits/manticore

Fix BitVec with symbolic offset and fix TranslatorSmtlib.unique thread safety

 def ULE(a, b):   def EXTRACT(x, offset, size):-    if isinstance(x, BitVec):+    if isinstance(x, BitVec) and not isinstance(offset, BitVec):

Right! Even from the evm.BYTE size is safely concrete. nvm that.
https://github.com/trailofbits/manticore/blob/402de84c0686b892c7ef987882f330cad565760e/manticore/platforms/evm.py#L1603-L1606

geohot

comment created time in 20 hours

Pull request review comment trailofbits/manticore

Fix BitVec bug and fix TranslatorSmtlib.unique thread safety

 def ULE(a, b):   def EXTRACT(x, offset, size):-    if isinstance(x, BitVec):+    if isinstance(x, BitVec) and not isinstance(offset, BitVec):

Oh I don't think size can be symbolic, that will fail. But with the new change, offset should be able to.

geohot

comment created time in 21 hours

Pull request review comment trailofbits/manticore

Fix BitVec bug and fix TranslatorSmtlib.unique thread safety

 def ULE(a, b):   def EXTRACT(x, offset, size):-    if isinstance(x, BitVec):+    if isinstance(x, BitVec) and not isinstance(offset, BitVec):

Hmm, I do not really know if the EXTRACT symbol actually supports symbolic size. Maybe Operators.EXTRACT needs to force/request a concrete size. And any user of it must concretize the size before doing the EXTRACT. ... .

geohot

comment created time in 21 hours
