This repo contains the code for final project of COSC 534. Its aim is to reproduce Cross-Language Attacks under a Swift/C context, and find a way to mitigate the attack using WebAssembly.

.
├── CSources
│   ├── Build
│   │   ├── libCLASwift-safe.so
│   │   ├── libCLASwift-unsafe.so
│   │   ├── safe-lib.o
│   │   ├── safe-lib.wasm
│   │   ├── safe-lib.wasm.c
│   │   ├── safe-lib.wasm.h
│   │   └── unsafe-lib.o
│   ├── init.c
│   └── init.h
├── Makefile
├── Package.swift
├── README.md
├── Screenshots
│   └── Double-Free-Attack-Swift-Free-and-SIGABRT.png
└── Sources
    └── CLA-Swift-exe
        ├── MemoryHelper.swift
        ├── main.swift
        └── module.modulemap

5 directories, 16 files

CSources contains all necessary C files and files generated by Makefile. Sources contains all Swift files and modulemap. Package.swift is required for building Swift executable. Makefile contains two targets, generating safe and unsafe shared libraries.

Only tests under Ubuntu 22.04 LTS, Clang 13.0.0, and Swift 5.7. Does NOT work on macOS (x86 or arm64).

1. Generate Shared Libraries Use provided Makefile located at the root of this project. This will generate libCLASwift-safe.so and libCLASwift-unsafe.so by default.
2. Move the Shared Libraries Simple way: move the generated shared libraies to target location, usually /usr/lib in Ubuntu. Swift Package Manager should be smart enough to find the libaray on its own. Hard way: manually the library during linking. Currently I don't know how to do this with Swift Package Manager. Should be possible in theory.
3. Compile Swift Executable Modify Sources/CLA-Swift-exe/main.swift at will, then run swift run under projcet root, and experiment!