Skip to content

JuliaComputing/Hardened.jl

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits

.github/workflows

.github/workflows

 
 

docs

docs

 
 

src

src

 
 

test

test

 
 

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

Project.toml

Project.toml

 
 

README.md

README.md

 
 

Repository files navigation

Hardened

Hardened.jl is a simple package to strictly check that Julia is running with the correct flags for Hardened Compilation. This is useful for security and safety crtical systems.

Currently this checks for:

  • Bounds checking
  • Global IEEE math mode
  • Function overwrite

Bounds checking: overrides any @inbounds declarations IEEE math mode: overrides any @fastmath declarations Function overwrite: insures against resource injection and ensures testing integrity

Example workflow

using Hardened
using PrecompileTools

# PrecompileTools workload
@setup_workload begin

    # This will check that the compilation is hardened
    Hardened.check()

    @compile_workload begin
        # ...
    end
end

Covered CWEs

CWE-125: Out-of-bounds Read

https://cwe.mitre.org/data/definitions/125.html

CWE-787: Out-of-bounds Write

https://cwe.mitre.org/data/definitions/787.html

CWE-1339: Insufficient Precision or Accuracy of a Real Number

https://cwe.mitre.org/data/definitions/1339.html

CWE-99: Improper Control of Resource Identifiers ('Resource Injection')

https://cwe.mitre.org/data/definitions/99.html

Additional Checks

This package only provides coverage against some CWEs. For additional checks, tools such as JuliaHub can provide greater static coverage.

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

5 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages