Stealing secrets with Rust Macros proof-of-concept via VSCode
We discussed this vulnerability during Episode 77 on 18 May 2021
This is another one of those, IDE/tooling doing more than you expect issues. In Rust you have #[proc_macro]
s which are functions that are executed at compile time. The issue here is that the Rust-Analyzer, a common Language Server protocol implementation (used by the Rust plugin on VSCode) will expand these macros when analyzing the code also, creating an opportunity to, as in this PoC’s case, exfiltrate data.