wuffs - Wrangling Untrusted File Formats Safely

  •        75

(Formerly known as Puffs: Parsing Untrusted File Formats Safely).Wuffs is a domain-specific language and library for wrangling untrusted file formats safely. Wrangling includes parsing, decoding and encoding. Examples of such file formats include images, audio, video, fonts and compressed archives.

https://github.com/google/wuffs

Tags
Implementation
License
Platform

   




Related Projects

RustBooks - List of Rust books

  •    

Welcome! This book will teach you about the Rust Programming Language. Rust is a systems programming language focused on three goals: safety, speed, and concurrency. It maintains these goals without having a garbage collector, making it a useful language for a number of use cases other languages aren’t good at: embedding in other languages, programs with specific space and time requirements, and writing low-level code, like device drivers and operating systems. It improves on current languages targeting this space by having a number of compile-time safety checks that produce no runtime overhead, while eliminating all data races. Rust also aims to achieve ‘zero-cost abstractions’ even though some of these abstractions feel like those of a high-level language. Even then, Rust still allows precise control like a low-level language would. This is Rust-101, a small tutorial for the Rust language. It is intended to be an interactive, hands-on course: I believe the only way to really learn a language is to write code in it, so you should be coding during the course. If you have any questions that are not answered here, check out the "Additional Resources" below. In particular, the IRC channel is filled with awesome people willing to help you! I spent lots of time there ;-) I will assume some familiarity with programming, and hence not explain the basic concepts common to most languages. Instead, I will focus on what makes Rust special.

tock - A secure embedded operating system for Cortex-M based microcontrollers

  •    Rust

Tock is an embedded operating system designed for running multiple concurrent, mutually distrustful applications on Cortex-M based embedded platforms. Tock's design centers around protection, both from potentially malicious applications and from device drivers. Tock uses two mechanisms to protect different components of the operating system. First, the kernel and device drivers are written in Rust, a systems programming language that provides compile-time memory safety, type safety and strict aliasing. Tock uses Rust to protect the kernel (e.g. the scheduler and hardware abstraction layer) from platform specific device drivers as well as isolate device drivers from each other. Second, Tock uses memory protection units to isolate applications from each other and the kernel. Tock is documented in the doc folder. Read through the guides there to learn about the overview and design of Tock, its implementation, and much more.

mesalink - MesaLink is a memory-safe and OpenSSL-compatible TLS library.

  •    Rust

MesaLink is a memory-safe and OpenSSL-compatible TLS library. Since 2014, the industry has seen a huge impact and loss due to memory vulnerabilities in TLS stacks; such as the infamous "Heartbleed" bug. MesaLink is born with the goal of eradicating memory vulnerabilities in TLS stacks; and it is written in Rust, a programming language that guarantees memory safety. This significantly reduces the attack surfaces; which further facilitates auditing and restricting the remaining attack surfaces. MesaLink is cross-platform and provides OpenSSL-compatible APIs. It works seamlessly in desktop, mobile, and IoT devices. With the growth of the ecosystem, MesaLink would also be adopted in the server environment in the future. To get better functionality along with strong security guarantees, MesaLink follows the following rules-of-thumb for hybrid memory-safe architecture designing proposed by the Rust SGX SDK project.

rust-for-node-developers - An introduction to the Rust programming language for Node developers.

  •    Rust

An introduction to the Rust programming language for Node developers. Hi there, I'm a JavaScript developer who wants to learn Rust and as a part of this process I'll write here about my learnings. So what is Rust actually and why should you learn it? Rust is a systems programming language like C or C++, but with influences from functional programming languages and even scripting languages like JavaScript. It feels very modern - which is no surprise, because it is a relatively young language. It went 1.0 in 2015! That doesn't only mean it is fun to write, because it has less clutter to carry around, it is also fun to use, because it has a modern toolchain with a great package manager. Rust's most unique feature is probably the compile-time safety check: it catches errors like segfaults without introducing a garbage collector. Or to phrase it differently: maximum safety with maximum performance.

Pharo - Smalltalk inspired language

  •    C

Pharo is an open source Smalltalk. The goal of Pharo is to produce a clean and lean open-source Smalltalk. Pharo wants to bring Squeak to the next level. It is a pure object-oriented language with low memory footprint.


t81_558_deep_learning - Washington University (in St

  •    Jupyter

Deep learning is a group of exciting new technologies for neural networks. Through a combination of advanced training techniques and neural network architectural components, it is now possible to create neural networks of much greater complexity. Deep learning allows a neural network to learn hierarchies of information in a way that is like the function of the human brain. This course will introduce the student to computer vision with Convolution Neural Networks (CNN), time series analysis with Long Short-Term Memory (LSTM), classic neural network structures and application to computer security. High Performance Computing (HPC) aspects will demonstrate how deep learning can be leveraged both on graphical processing units (GPUs), as well as grids. Focus is primarily upon the application of deep learning to problems, with some introduction mathematical foundations. Students will use the Python programming language to implement deep learning using Google TensorFlow and Keras. It is not necessary to know Python prior to this course; however, familiarity of at least one programming language is assumed. This course will be delivered in a hybrid format that includes both classroom and online instruction. This syllabus presents the expected class schedule, due dates, and reading assignments. Download current syllabus.

redox - Redox: A Rust Operating System

  •    Shell

Redox is an operating system written in Rust, a language with focus on safety and high performance. Redox, following the microkernel design, aims to be secure, usable, and free. Redox is inspired by previous kernels and operating systems, such as SeL4, MINIX, Plan 9, and BSD. Redox is not just a kernel, it's a full-featured Operating System, providing packages (memory allocator, file system, display manager, core utilities, etc.) that together make up a functional and convenient operating system. You can loosely think of it as the GNU or BSD ecosystem, but in a memory safe language and with modern technology. See this list for overview of the ecosystem.

slang - 🎤 a simple audio programming language implemented in JS

  •    Javascript

Slang was created to explore implementing a programming language entirely in the browser. Parsing is handled by Ohm.js using a custom grammar, the editor uses CodeMirror with a simple syntax definition, and the runtime itself is written in JS using the Web Audio API. I've always wanted to write a programming language from scratch, but as someone who didn't study computer science I find it incredibly intimidating. Discovering Ohm.js changed my mind; its incredible editor and approachable JS API make it possible to experiment quickly with a lot of feedback. This project is my first pass at building a language and runtime environment from start to finish.

Noggit - JSON streaming parser

  •    Java

Noggit is the world's fastest streaming JSON parser for Java. It is used in Apache Solr.

vigil - Vigil, the eternal morally vigilant programming language

  •    Python

Vigil is a very safe programming language, and an entry in the January 2013 PLT Games competition. Many programming languages claim to take testing, contracts and safety seriously, but only Vigil is truly vigilant about not allowing code that fails to pass programmatic specifications.

Go kit - A standard library for microservices.

  •    Go

Go kit is a programming toolkit for building microservices (or elegant monoliths) in Go. We solve common problems in distributed systems and application architecture so you can focus on delivering business value. Go is a great general-purpose language, but microservices require a certain amount of specialized support. RPC safety, system observability, infrastructure integration, even program design — Go kit fills in the gaps left by the standard library, and makes Go a first-class language for writing microservices in any organization.

Eta - A powerful language for building scalable systems on the JVM

  •    Haskell

Eta is a pure, lazy, strongly typed functional programming language on the JVM. It is a dialect of Haskell on the JVM. It is pure by default which means that calling a function with the same arguments will yield the same results every time. It is lazy by default which means that data stays in unevaluated state until a function needs to peek inside.

terra - Terra is a low-level system programming language that is embedded in and meta-programmed by the Lua programming language

  •    C++

Terra is a new low-level system programming language that is designed to interoperate seamlessly with the Lua programming language. It is also backwards compatible with (and embeddable in) existing C code. Like C, Terra is a monomorphic, statically-typed, compiled language with manual memory management. But unlike C, it is designed to make interaction with Lua easy. Terra code shares Lua's syntax and control-flow constructs. It is easy to call Lua functions from Terra (or Terra functions from Lua). Furthermore, you can use Lua to meta-program Terra code. The Lua meta-program handles details like conditional compilation, namespaces, and templating in Terra code that are normally special constructs in low-level languages. This coupling additionally enables more powerful features like function specialization, lisp-style macros, and manually controlled JIT compilation. Since Terra's compiler is also available at runtime, it makes it easy for libraries or embedded languages to generate low-level code dynamically.

Pegged - A Parsing Expression Grammar (PEG) module, using the D programming language.

  •    D

Pegged is a parsing expression grammar (PEG) generator implemented in the D programming language. The idea is to give the generator a PEG, with the syntax presented in the reference article . From this grammar definition a set of related parsers will be created, to be used at runtime or compile time.

netcap - A framework for secure and scalable network traffic analysis

  •    Go

The Netcap (NETwork CAPture) framework efficiently converts a stream of network packets into highly accessible type-safe structured data that represent specific protocols or custom abstractions. These audit records can be stored on disk or exchanged over the network, and are well suited as a data source for machine learning algorithms. Since parsing of untrusted input can be dangerous and network data is potentially malicious, implementation was performed in a programming language that provides a garbage collected memory safe runtime. It was developed for a series of experiments in my bachelor thesis: Implementation and evaluation of secure and scalable anomaly-based network intrusion detection. Currently, the thesis serves as documentation until the wiki is ready, it is included at the root of this repository (file: mied18.pdf). Slides from my presentation at the Leibniz Supercomputing Centre of the Bavarian Academy of Sciences and Humanities are available on researchgate.

urweb - The Ur/Web programming language

  •    Standard

Ur is a programming language in the tradition of ML and Haskell, but featuring a significantly richer type system. Ur is functional, pure, statically typed, and strict. Ur supports a powerful kind of metaprogramming based on row types. This type safety is just the foundation of the Ur/Web methodology. It is also possible to use metaprogramming to build significant application pieces by analysis of type structure. For instance, the demo includes an ML-style functor for building an admin interface for an arbitrary SQL table. The type system guarantees that the admin interface sub-application that comes out will always be free of the above-listed bugs, no matter which well-typed table description is given as input.

iOS-Swift-Demos - 精心收集并分类整理的Swift开发学习资源,包括Apple官方提供的示例代码和文档,以及github上的项目和国内外开发者的技术博客。欢迎提交pull-request一起维护。QQ交流群 32958950 申请请注明开发经验

  •    Swift

Swift is a high-performance system programming language. It has a clean and modern syntax, offers seamless access to existing C and Objective-C code and frameworks, and is memory safe by default. On December 3, 2015, the Swift language, supporting libraries, debugger, and package manager were published under the Apache 2.0 license with a Runtime Library Exception, and Swift.org was created to host the project.

Akumuli - Time-series database

  •    C++

Akumuli is a time-series database for modern hardware. It can be used to capture, store and process time-series data in real-time. The word "akumuli" can be translated from Esperanto as "accumulate".

awesome-safety-critical - List of resources about programming practices for writing safety-critical software

  •    Makefile

This is a list of resources about programming practices for writing safety-critical software. What kind of special training do engineers working on mission-critical software receive? [closed] and its followup on Reddit.

dogs - data structures for pure functional programming in scala

  •    Scala

It intends to be a library containing data structures which facilitate pure functional programming in the Scala programming language. Some of these are replacements for structures already present in the Scala standard library, but with improvements in safety, some are data structures for which there is no analogue in the Scala standard library. Dogs is currently available for Scala 2.11, and 2.12.





We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.