12 releases
0.5.4 | May 8, 2024 |
---|---|
0.5.2 | Nov 1, 2022 |
0.2.0 | Jul 30, 2022 |
0.1.0 | Sep 7, 2020 |
rust-audit-info
Command-line tool to extract the dependency trees embedded in binaries by cargo auditable.
It takes care of parsing the platform-specific formats (ELF, PE, Mach-O) and outputs the decompressed JSON.
This tool is intentionally minimal and does not implement vulnerability scanning on its own. However, it is useful for building your own vulnerability scanner. If you're looking for a Rust library instead of a command-line tool, see auditable-info.
Features
- Parses binaries from any supported platform, not just the platform it's running on.
- Compiles down to a ~400Kb self-contained executable with no external dependencies.
- Binary parsing designed from the ground up for resilience to malicious inputs.
- 100% memory-safe Rust, including all dependencies. No memory-unsafe code anywhere in the dependency tree.
- Cross-platform, portable, easy to cross-compile. Runs on any Rust target with std.
- Supports setting size limits for both input and output, to protect against OOMs and zip bombs.
Usage
Usage: rust-audit-info FILE [INPUT_SIZE_LIMIT] [OUTPUT_SIZE_LIMIT]
The limits are specified in bytes. The default values are:
INPUT_SIZE_LIMIT: 1073741824 (1 GiB)
OUTPUT_SIZE_LIMIT: 67108864 (64 MiB)
The highest possible RAM usage is INPUT_SIZE_LIMIT + OUTPUT_SIZE_LIMIT, plus up to 1MB of overhead.
If you need to read from the standard input, pass /dev/stdin as the FILE.
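An added example (not code from rust-audit-info or its authors) of the "build your own vulnerability scanner" use: it invokes the tool with explicit size limits and checks the extracted package list against an advisory table. Assumptions: the tool writes the JSON to standard output, the JSON follows the cargo auditable layout (a `packages` array whose entries carry `name`, `version` and an optional `kind`), and all function names, crate names and advisory ids below are constructed for illustration.

```python
import json
import subprocess

def extract_json(path, in_limit=1073741824, out_limit=67108864):
    """Run the tool; argument order and default limits (bytes) follow the usage text."""
    proc = subprocess.run(
        ["rust-audit-info", path, str(in_limit), str(out_limit)],
        capture_output=True, text=True, timeout=60, check=True)
    return proc.stdout  # assumption: the JSON is written to standard output

def parse_packages(json_text):
    """Return (name, version, kind) tuples; the JSON comes from an untrusted
    binary, so every field is type-checked before use."""
    doc = json.loads(json_text)
    packages = doc.get("packages") if isinstance(doc, dict) else None
    if not isinstance(packages, list):
        raise ValueError("no 'packages' array in audit data")
    out = []
    for pkg in packages:
        name = pkg.get("name") if isinstance(pkg, dict) else None
        version = pkg.get("version") if isinstance(pkg, dict) else None
        if not (isinstance(name, str) and isinstance(version, str)):
            raise ValueError("package entry without string name/version")
        out.append((name, version, pkg.get("kind", "runtime")))
    return out

def version_key(version):
    """Numeric x.y.z key; pre-release/build tags are ignored (simplification)."""
    core = version.split("+")[0].split("-")[0]
    return tuple(int(part) for part in core.split("."))

def find_vulnerable(packages, advisories):
    """advisories maps crate name -> (advisory id, first patched version)."""
    hits = []
    for name, version, kind in packages:
        if name in advisories:
            adv_id, patched = advisories[name]
            if version_key(version) < version_key(patched):
                hits.append((adv_id, name, version, kind))
    return hits

# Constructed sample: made-up crates and advisory ids, cargo auditable layout.
SAMPLE_JSON = (
    '{"packages":['
    '{"name":"demo-app","version":"1.0.0","source":"local","dependencies":[1,2],"root":true},'
    '{"name":"demo-parser","version":"0.4.1","source":"crates.io"},'
    '{"name":"demo-codegen","version":"2.3.0","source":"crates.io","kind":"build"}]}')
SAMPLE_ADVISORIES = {"demo-parser": ("EXAMPLE-0001", "0.4.3"),
                     "demo-codegen": ("EXAMPLE-0002", "2.3.0")}
```

Against a real binary, feed `extract_json(path)` into `parse_packages` and replace the sample table with entries from your own advisory source.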
Dependencies
$ cargo geiger
Metric output format: x/y
x = unsafe code used by the build
y = total unsafe code found in the crate
Symbols:
🔒 = No `unsafe` usage found, declares #![forbid(unsafe_code)]
❓ = No `unsafe` usage found, missing #![forbid(unsafe_code)]
☢️ = `unsafe` usage found
Functions Expressions Impls Traits Methods Dependency
0/0 0/0 0/0 0/0 0/0 🔒 rust-audit-info 0.5.2
0/0 0/0 0/0 0/0 0/0 🔒 └── auditable-info 0.6.2
0/0 0/0 0/0 0/0 0/0 🔒 ├── auditable-extract 0.3.2
0/0 0/0 0/0 0/0 0/0 🔒 │ └── binfarce 0.2.1
0/0 0/0 0/0 0/0 0/0 🔒 └── miniz_oxide 0.6.2
0/0 0/0 0/0 0/0 0/0 🔒 └── adler 1.0.2
0/0 0/0 0/0 0/0 0/0