Truly independent web browser
Find a file
Ben Wiederhake 3aeb57ed09 AK+Everywhere: Fix data corruption due to code-point-to-char conversion
In particular, StringView::contains(char) is often used with a u32
code point. When this is done, the compiler will for some reason allow
data corruption to occur silently.

In fact, this is one of two reasons for the following OSS Fuzz issue:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=49184
This is probably a very old bug.

In the particular case of URLParser, AK::is_url_code_point got confused:
    return /* ... */ || "!$&'()*+,-./:;=?@_~"sv.contains(code_point);
If code_point is a large code point that happens to have the correct
lower bytes, AK::is_url_code_point is then convinced that the given
code point is okay, even if it is actually problematic.

This commit fixes *only* the silent data corruption due to the erroneous
conversion, and does not fully resolve OSS-Fuzz#49184.
2022-10-09 10:37:20 -06:00
.github Meta: Add networkException's GitHub sponsors to the funding options list 2022-10-06 15:45:12 +02:00
AK AK+Everywhere: Fix data corruption due to code-point-to-char conversion 2022-10-09 10:37:20 -06:00
Base LibWeb+Base: Add grid repeat() functionality 2022-10-09 12:40:18 +01:00
Documentation Documentation: Update AddNewIDLFile for GC and Exposed changes 2022-10-09 10:14:57 +02:00
Kernel Kernel: Don't truncate physical memory space PDE pointers 2022-10-09 09:58:08 -06:00
Meta LibWeb: Re-implement HTML::Navigator using IDL 2022-10-09 10:14:57 +02:00
Ports Ports: Add dtc utility suite 2022-10-09 09:51:57 -06:00
Tests LibUnicode: Update code point ideographic replacements for Unicode 15 2022-10-07 18:17:40 +01:00
Toolchain Toolchain: serenity.nix: Fix fuse2fs not being installed 2022-10-06 16:16:51 +01:00
Userland AK+Everywhere: Fix data corruption due to code-point-to-char conversion 2022-10-09 10:37:20 -06:00
.clang-format
.clang-tidy
.editorconfig Meta: Add .editorconfig 2022-09-10 17:32:55 +01:00
.gitattributes
.gitignore Meta: Ignore vim's .exrc config 2022-10-06 16:06:50 +01:00
.mailmap Meta: Update my email-address 2022-09-27 15:15:36 +01:00
.pre-commit-config.yaml
.prettierignore LibJS: Handle empty named export 2022-09-02 02:07:37 +01:00
.prettierrc
azure-pipelines.yml
CMakeLists.txt Meta: Remove unused variables in CMakeLists.txt 2022-10-08 18:01:52 +01:00
CONTRIBUTING.md Meta: Add Andrew Kaster to list of project maintainers :^) 2022-10-09 15:16:06 +02:00
LICENSE
README.md Meta: Add Lucas Chollet to the contributors list :^) 2022-10-02 21:37:06 +02:00
SECURITY.md Meta: Add a security policy 2022-06-29 03:29:27 +00:00

SerenityOS

Graphical Unix-like operating system for x86 computers.

GitHub Actions Status Azure DevOps Status Fuzzing Status Sonar Cube Static Analysis Discord

About

SerenityOS is a love letter to '90s user interfaces with a custom Unix-like core. It flatters with sincerity by stealing beautiful ideas from various other systems.

Roughly speaking, the goal is a marriage between the aesthetic of late-1990s productivity software and the power-user accessibility of late-2000s *nix. This is a system by us, for us, based on the things we like.

You can watch videos of the system being developed on YouTube:

FAQ: Frequently Asked Questions

Screenshot

Screenshot as of b36968c.png

Features

  • Modern x86 32-bit and 64-bit kernel with pre-emptive multi-threading
  • Browser with JavaScript, WebAssembly, and more (check the spec compliance for JS, CSS, and WASM)
  • Security features (hardware protections, limited userland capabilities, W^X memory, pledge & unveil, (K)ASLR, OOM-resistance, web-content isolation, state-of-the-art TLS algorithms, ...)
  • System services (WindowServer, LoginServer, AudioServer, WebServer, RequestServer, CrashServer, ...) and modern IPC
  • Good POSIX compatibility (LibC, Shell, syscalls, signals, pseudoterminals, filesystem notifications, standard Unix utilities, ...)
  • POSIX-like virtual file systems (/proc, /dev, /sys, /tmp, ...) and ext2 file system
  • Network stack and applications with support for IPv4, TCP, UDP; DNS, HTTP, Gemini, IMAP, NTP
  • Profiling, debugging and other development tools (Kernel-supported profiling, detailed program analysis with software emulation in UserspaceEmulator, CrashReporter, interactive GUI playground, HexEditor, HackStudio IDE for C++ and more)
  • Libraries for everything from cryptography to OpenGL, audio, JavaScript, GUI, playing chess, ...
  • Support for many common and uncommon file formats (PNG, JPEG, GIF, MP3, WAV, FLAC, ZIP, TAR, PDF, QOI, Gemini, ...)
  • Unified style and design philosophy, flexible theming system, custom (bitmap and vector) fonts
  • Games (Solitaire, Minesweeper, 2048, chess, Conway's Game of Life, ...) and demos (CatDog, Starfield, Eyes, mandelbrot set, WidgetGallery, ...)
  • Every-day GUI programs and utilities (Spreadsheet with JavaScript, TextEditor, Terminal, PixelPaint, various multimedia viewers and players, Mail, Assistant, Calculator, ...)

... and all of the above are right in this repository, no extra dependencies, built from-scratch by us :^)

Additionally, there are over two hundred ports of popular open-source software, including games, compilers, Unix tools, multimedia apps and more.

How do I read the documentation?

Man pages are available online at man.serenityos.org. These pages are generated from the Markdown source files in Base/usr/share/man and updated automatically.

When running SerenityOS you can use man for the terminal interface, or help for the GUI.

Code-related documentation can be found in the documentation folder.

How do I build and run this?

See the SerenityOS build instructions. Serenity runs on Linux, macOS (aarch64 might be a challenge), Windows (with WSL2) and many other *Nixes with hardware or software virtualization.

Get in touch and participate!

Join our Discord server: SerenityOS Discord

Before opening an issue, please see the issue policy.

A general guide for contributing can be found in CONTRIBUTING.md.

Authors

And many more! See here for a full contributor list. The people listed above have landed more than 100 commits in the project. :^)

License

SerenityOS is licensed under a 2-clause BSD license.