Projects

I began programming sometime around 2008, but the earliest written code I can find dates back to 2010. I first learned Lua via the game Roblox. I never got too into the whole game programming scene, but I quickly developed a passion for exploring new concepts. I have a huge case of Not Invented Here syndrome, so I love trying to program things to figure out how they work.

DenuoCC (2019)

The Denuo C Compiler is my second attempt at a C compiler. Currently I am working on the front end, including the preprocessor, a deterministic recursive-descent parser, comprehensive error messages, and thorough unit tests.

Denuos (2016)

Denuos was my second attempt at writing my own operating system. This time I got substantially farther. Some features implemented so far: basic VGA rendering, keyboard and timer interrupts handled via PIC, dynamically allocated memory, and the beginnings of a system call interface with working transitions between privilege levels.

VOS (2015)

VOS was my first venture in writing my own operating system. I didn't get very far, as I was consumed by the minutia of trying to get Rust to compile for 16 bit protected mode--going so far as recompiling many of the core libraries myself before there was much ecosystem support for this. Perhaps the most interesting part of this project is the reasonably complete and well documented FAT filesystem implementation I planned to use.

Brainrust (2015)

Brainrust is a simple Brainfuck interpreter. It performs some obvious reductions in repetitive instructions. Similarly, brain86 is a trivial 60 line program I wrote to translate Brainfuck to x86 assembly.

LuaCrypt (2012)

As I've written about elsewhere, I have an interest in cryptography. I tried several times to implement basic security primitives in Lua (despite what everyone says). I only successfully finished SHA2. Eventually some one ended up finding a bug in my code much to my surprise that anyone ever even found my code, let alone used it.

Lua Bytecode Interpreter (2012)

LBI was a project initiated out of necessity. I began programming because of an online game called Roblox, which can vaguely be described as a platform for kids to create lego-like games that are scripted using Lua. Roblox creators often utilized a technique of obfuscation whereby they uploaded their scripts as precompiled bytecode in order to prevent introspection or modification. This was a form of copy-protection because scripts were ran on the user's computer and could be read from memory and then used to create a competing game. In 2012, Roblox removed the loadstring() function that enabled the loading of bytecode. Thus, by implementing this project I was hoping to salvage scripts I and many others had already precompiled.

This functionality was removed because specially crafted bytecode can exploit the internal state of the Lua virtual machine and potentially whatever C application is using it. These attacks are documented here. I attempted to apply some of these attacks to Roblox, but didn't find any C functions that seemed exploitable. However, I did encounter several modifications the Roblox developers had made to harden the VM, including adding read-only tables (as an atomic type, not accomplished through metatables).

I emailed one of the lead developers about both my findings and the original documentation of these bugs on 22 August 2011. They largely ignored my findings at the time because I had not actually found a useful way to exploit the game. Almost exactly one year later, Roblox announced the removal of loadstring. Someone else had found a Roblox API that was vulnerable to this exploit.

Maximum Overdrive System (2011)

MODS is a Lua bytecode assembler and disassembler.

social