查看文章

Since parsers are the line of defense between binaries and untrusted data, they are some of the most common sources of vulnerabilities in software. Language-Theoretic Security provides an approach to implement hardened parsers. We specify the binary format as a formal grammar and implement a recognizer for this formal grammar. However, most binary formats use constructs such as the length field, repeat field, and an offset instruction. Most grammar formats do not support these features. Building on PEGs and calc-regular languages, we propose Calc-Parsing Expression Grammars (Calc-PEGs), a formalization of parsing expression grammars that supports the length field. We design an algorithm to parse Calc-PEGs in time and a parallel algorithm to parse Calc-PEGs in O(n) time. We also present Pegmatite, a tool to generate these parsers in C, with an option to generate VHDL code.