SystemVerilog and Verilog Formatter

Problem

ASLR (address-space layout randomization) is a mitigation technique that increases the difficulty of performing buffer-overflow attacks that require the attacker to know the address of the program in memory. This is done by loading the program at a randomly selected address in the process' address space. ASLR-enabled kernels can choose a random load address only for position-independent executables and code.

Problem

Software components contain executable code that performs actions implemented during its development. These actions are called behaviors. In the analysis report, behaviors are presented as human-readable descriptions that best match the underlying code intent. While most behaviors are benign, some are commonly abused by malicious software with the intent to cause harm. When a software package shares behavior traits with malicious software, it may become flagged by security solutions. Any detection from security solutions can cause friction for the end-users during software deployment. While the behavior is likely intended by the developer, there is a small chance this detection is true positive, and an early indication of a software supply chain attack.

Problem

Software components sometimes need to interact with higher privilege parts of the operating system, often requiring administrative access to accomplish a task. Operating systems include a complete network stack with many services that allow the machine to connect to the internet. Some of these services are used to secure network access. For that reason, attackers often aim to tamper with system network settings. Disabling firewalls and other network security features enable the malicious code to execute without being blocked. While the presence of code that tampers with system network settings does not necessarily imply malicious intent, all of its uses in a software package should be documented and approved. Only select applications should consider using functions that interact with system network settings. One example of acceptable use for such functions is allowing specialized applications to use non-standard network ports by updating the firewall allowlist.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that indirect calls are made only to vetted functions. This mitigation protects dynamically resolved function targets by instrumenting the code responsible for transferring execution control. Because the code flow integrity is verified during runtime, malicious code is less likely to be able to hijack trusted execution paths.

Problem

Control Flow Guard (CFG/CFI) protects the code flow integrity by ensuring that indirect calls are made only to vetted functions. This mitigation protects dynamically resolved function targets by instrumenting the code responsible for transferring execution control. Higher-level programming languages implement structured exception handling by managing their own code flow execution paths. As such, they are subject to code flow hijacking during runtime. Language-specific exception handling mitigation enforces execution integrity by instrumenting calls to manage execution context switching. Any deviation from the known and trusted code flow paths will cause the application to terminate. This makes malicious code less likely to execute.