mirror of
https://github.com/bitdefender/bddisasm.git
synced 2024-12-22 05:58:07 +00:00
Fixed some typos.
Added SECURITY.md file.
This commit is contained in:
parent
08f4b31b7d
commit
52ed638c13
63
SECURITY.md
Normal file
63
SECURITY.md
Normal file
@ -0,0 +1,63 @@
|
|||||||
|
# Handling Security Issues Discovered in the bddisasm Related Projects
|
||||||
|
|
||||||
|
bddisasm contains several complex projects (x86/x64 disassembler, instruction emulator)
|
||||||
|
and complexity can lead to potential bugs. In this regard, we advise
|
||||||
|
researchers to follow responsible disclosure and notify us before publicly
|
||||||
|
disclosing any security issue, to give us the opportunity to fix it.
|
||||||
|
|
||||||
|
## How to Report a Security Issue
|
||||||
|
|
||||||
|
Identified security issues must be properly described, and steps of reproduction
|
||||||
|
must be provided. Proof of concepts are strongly encouraged, but not strictly
|
||||||
|
required, as long as the reproduction steps are clear, and we are able to
|
||||||
|
reproduce the issue. Please make sure to include the following:
|
||||||
|
|
||||||
|
* Brief description of the problem
|
||||||
|
* Steps of reproduction
|
||||||
|
* Core dumps, memory dumps and any other useful information that can be used to triage and fix the issue
|
||||||
|
* Impact
|
||||||
|
|
||||||
|
## Where to Report a Security Issue
|
||||||
|
|
||||||
|
Our security email address is `hvmi-security@bitdefender.com`. Please use the
|
||||||
|
following PGP key to encrypt your e-mail, and make sure to include your public
|
||||||
|
key, in case we need to contact you for more info:
|
||||||
|
|
||||||
|
```
|
||||||
|
-----BEGIN PGP PUBLIC KEY BLOCK-----
|
||||||
|
Version: GnuPG
|
||||||
|
|
||||||
|
mQENBFUgwRUBCADcIpqNwyYc5UmY/tpx1sF/rQ3knR1YNXYZThzFV+Gmqhp1fDH5
|
||||||
|
qBs9foh1xwI6O7knWmQngnf/nBumI3x6xj7PuOdEZUh2FwCG/VWnglW8rKmoHzHA
|
||||||
|
ivjiu9SLnPIPAgHSHeh2XD7q3Ndm3nenbjAiRFNl2iXcwA2cTQp9Mmfw9vVcw0G0
|
||||||
|
z1o0G3s8cC8ZS6flFySIervvfSRWj7A1acI5eE3+AH/qXJRdEJ+9J8OB65p1JMfk
|
||||||
|
6+fWgOB1XZxMpz70S0rW6IX38WDSRhEK2fXyZJAJjyt+YGuzjZySNSoQR/V6vNYn
|
||||||
|
syrNPCJ2i5CgZQxAkyBBcr7koV9RIhPRzct/ABEBAAG0IVNlY3VyaXR5IDxzZWN1
|
||||||
|
cml0eUBwYXJhZ29uaWUuY29tPokBOQQTAQIAIwUCVSDBFQIbAwcLCQgHAwIBBhUI
|
||||||
|
AgkKCwQWAgMBAh4BAheAAAoJEGuXocKCZATat2YIAIoejNFEQ2c1iaOEtSuB7Pn/
|
||||||
|
WLbsDsHNLDKOV+UnfaCjv/vL7D+5NMChFCi2frde/NQb2TsjqmIH+V+XbnJtlrXD
|
||||||
|
Vj7yvMVal+Jqjwj7v4eOEWcKVcFZk+9cfUgh7t92T2BMX58RpgZF0IQZ6Z1R3FfC
|
||||||
|
9Ub4X6ykW+te1q0/4CoRycniwmlQi6iGSr99LQ5pfJq2Qlmz/luTZ0UX0h575T7d
|
||||||
|
cp2T1sX/zFRk/fHeANWSksipdDBjAXR7NMnYZgw2HghEdFk/xRDY7K1NRWNZBf05
|
||||||
|
WrMHmh6AIVJiWZvI175URxEe268hh+wThBhXQHMhFNJM1qPIuzb4WogxM3UUD7m5
|
||||||
|
AQ0EVSDBFQEIALNkpzSuJsHAHh79sc0AYWztdUe2MzyofQbbOnOCpWZebYsC3EXU
|
||||||
|
335fIg59k0m6f+O7GmEZzzIv5v0i99GS1R8CJm6FvhGqtH8ZqmOGbc71WdJSiNVE
|
||||||
|
0kpQoJlVzRbig6ZyyjzrggbM1eh5OXOk5pw4+23FFEdw7JWU0HJS2o71r1hwp05Z
|
||||||
|
vy21kcUEobz/WWQQyGS0Neo7PJn+9KS6wOxXul/UE0jct/5f7KLMdWMJ1VgniQmm
|
||||||
|
hjvkHLPSICteqCI04RfcmMseW9gueHQXeUu1SNIvsWa2MhxjeBej3pDnrZWszKwy
|
||||||
|
gF45GO9/v4tkIXNMy5J1AtOyRgQ3IUMqp8EAEQEAAYkBHwQYAQIACQUCVSDBFQIb
|
||||||
|
DAAKCRBrl6HCgmQE2jnIB/4/xFz8InpM7eybnBOAir3uGcYfs3DOmaKn7qWVtGzv
|
||||||
|
rKpQPYnVtlU2i6Z5UO4c4jDLT/8Xm1UDz3Lxvqt4xCaDwJvBZexU5BMK8l5DvOzH
|
||||||
|
6o6P2L1UDu6BvmPXpVZz7/qUhOnyf8VQg/dAtYF4/ax19giNUpI5j5o5mX5w80Rx
|
||||||
|
qSXV9NdSL4fdjeG1g/xXv2luhoV53T1bsycI3wjk/x5tV+M2KVhZBvvuOm/zhJje
|
||||||
|
oLWp0saaESkGXIXqurj6gZoujJvSvzl0n9F9VwqMEizDUfrXgtD1siQGhP0sVC6q
|
||||||
|
ha+F/SAEJ0jEquM4TfKWWU2S5V5vgPPpIQSYRnhQW4b1
|
||||||
|
=xJPW
|
||||||
|
-----END PGP PUBLIC KEY BLOCK-----
|
||||||
|
```
|
||||||
|
|
||||||
|
## Rewarding the Security Researchers
|
||||||
|
|
||||||
|
While there are no bounties offered for issues discovered in this project,
|
||||||
|
we do credit all the security researchers who contribute to making the
|
||||||
|
project safer.
|
@ -1,5 +1,5 @@
|
|||||||
# CPUID feature flags.
|
# CPUID feature flags.
|
||||||
# Synthax: NAME : leaf, subleaf, register, bit
|
# Syntax: NAME : leaf, subleaf, register, bit
|
||||||
# NAME can be anything, but it should match an ISA extension type.
|
# NAME can be anything, but it should match an ISA extension type.
|
||||||
# leaf - CPUID leaf value (eax input value)
|
# leaf - CPUID leaf value (eax input value)
|
||||||
# subleaf - CPUID subleaf (ecx input value). Use 0xFFFFFFFF if not used.
|
# subleaf - CPUID subleaf (ecx input value). Use 0xFFFFFFFF if not used.
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
# Flags access templates; many instructions have the same flag usage, so define them here.
|
# Flags access templates; many instructions have the same flag usage, so define them here.
|
||||||
# Synthax: NAME: FLAG=modifier|FLAG=modifier|.... See the definitions for some examples.
|
# Syntax: NAME: FLAG=modifier|FLAG=modifier|.... See the definitions for some examples.
|
||||||
# Accepted flags: CF, PF, AF, ZF, TF, IF, OF, DF, AC, IOPL, RF, NT, VIF, VIP, VM
|
# Accepted flags: CF, PF, AF, ZF, TF, IF, OF, DF, AC, IOPL, RF, NT, VIF, VIP, VM
|
||||||
# Accepted modifiers: t (tested), m (modified according to the result), 0 (cleared), 1 (set), u (undefined)
|
# Accepted modifiers: t (tested), m (modified according to the result), 0 (cleared), 1 (set), u (undefined)
|
||||||
|
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
# Valid operating modes for instructions. Please use these templates and not inline definitions. If a template does
|
# Valid operating modes for instructions. Please use these templates and not inline definitions. If a template does
|
||||||
# not exist already, create a new one.
|
# not exist already, create a new one.
|
||||||
# Synthax: NAME : group1:mode11[+mode12[|group2:!mode21+!mode22]] etc.
|
# Syntax: NAME : group1:mode11[+mode12[|group2:!mode21+!mode22]] etc.
|
||||||
#
|
#
|
||||||
# NAME cam be anything and can be used as a placeholder when defining the instruction.
|
# NAME cam be anything and can be used as a placeholder when defining the instruction.
|
||||||
# group - can be one of the 4 operating groups:
|
# group - can be one of the 4 operating groups:
|
||||||
|
Loading…
Reference in New Issue
Block a user