| category | crev | description |
|---|---|---|
Unsound |
dangerous |
Bindings for a C++ flamegraph profiler |
Pros:
- Probably works?
- XB1 and PS4 port allusions
Cons:
- 98% networked exposed C++
- that also string parses
- and disassembles
- and rewrites x86 code on the fly
- I don't see fuzz tests upstream either
- If this isn't unsound somewhere, I'll eat my hat.
- Exceeding the max scope depth appears unsound.
- Exceeding the ~1024 max timer count asserts then overflows.
- Don't use in production, only development, IMO
| version | thoroughness | understanding | rating | Notes |
|---|---|---|---|---|
| 0.2.1 | low | low | negative | Much skimming |
| file | rating | notes |
|---|---|---|
| src/microprofile/distorm/include/distorm.h | ❔ | Skimmed, BSD |
| src/microprofile/distorm/include/mnemonics.h | ❔ | Skimmed |
| src/microprofile/distorm/src/config.h | ❔ | Skimmed |
| src/microprofile/distorm/src/decoder.c | ❔ | Skimmed |
| src/microprofile/distorm/src/decoder.h | ❔ | Skimmed |
| src/microprofile/distorm/src/distorm.c | ❔ | Skimmed |
| src/microprofile/distorm/src/instructions.c | ❔ | Skimmed |
| src/microprofile/distorm/src/instructions.h | ❔ | Skimmed |
| src/microprofile/distorm/src/insts.c | ❔ | Skimmed, magic constants table |
| src/microprofile/distorm/src/insts.h | ❔ | Skimmed |
| src/microprofile/distorm/src/mnemonics.c | ❔ | Skimmed, magic constants table |
| src/microprofile/distorm/src/operands.c | ❔ | Skimmed |
| src/microprofile/distorm/src/operands.h | ❔ | Skimmed |
| src/microprofile/distorm/src/prefix.c | ❔ | Skimmed |
| src/microprofile/distorm/src/prefix.h | ❔ | Skimmed |
| src/microprofile/distorm/src/textdefs.c | ❔ | Skimmed |
| src/microprofile/distorm/src/textdefs.h | ❔ | Skimmed |
| src/microprofile/distorm/src/wstring.c | ❔ | Skimmed |
| src/microprofile/distorm/src/wstring.h | ❔ | Skimmed |
| src/microprofile/distorm/src/x86defs.h | ❔ | Skimmed |
| src/microprofile/distorm/COPYING | ❌ | Upstream file missing, legally required for redistribution |
| src/microprofile/microprofile_html.h | ❔ | Skimmed... 15 KLOC of C++ HTML/JS strings, oof |
| src/microprofile/microprofile.cpp | ❌ | Skimmed... 13 KLOC of network exposed, string parsing, instruction rewriting C++11. |
| src/microprofile/microprofile.h | ❔ | Skimmed |
| src/microprofile/patch_osx.s | ❔ | Skimmed |
| src/microprofile/patch_win32.asm | ❔ | Skimmed |
| src/build.rs | ✔️ | cc |
| src/lib.rs | ❔ | No docs, haven't verified C ABI, uses static mut, but not obviously unsound. |
| .cargo_fcs_info.json | ✔️ | |
| .cargo-ok | ✔️ | |
| Cargo.toml | ❌ | Says MIT, includes BSD code. |
| Cargo.toml.orig | ❌ | Says MIT, includes BSD code. |
| Other | Rating | Notes |
|---|---|---|
| unsafe | ❌ | 98% C/C++ code - including string parsing, network stuff |
| fs | ❔ | Yes |
| io | ❌ | C/C++ networking and string parsing code |
| docs | ❌ | distorm is well documented, microprofile (both the C++ and Rust) aren't so much |
| tests | ❌ | Not a fuzz test in sight |