Comment by maleldil

5 months ago

> Normally no one talks anymore about things like buffer overflows, use after free,... since years

Some of the biggest vulnerabilities of recent years (e.g. Heartbleed) were out-of-bounds access. The most common vulnerability sources are things that are impossible in Rust, but cannot be fully solved via C++ static checkers.

> > Normally no one talks anymore about things like buffer overflows, use after free,... since years

> Some of the biggest vulnerabilities of recent years (e.g. Heartbleed) were out-of-bounds access.

If I understand the Heartbleed bug correctly, it did not involve buffer overflows. It was a logical bug where they "trusted" the user-provided payload length (which can be much larger than the actual payload) and allocated the response buffer accordingly without zeroing it (malloc vs calloc). The "trash" in the uninitialized memory turned out to be quite valuable.

"xkcd: Heartbleed Explanation":

https://xkcd.com/1354/

"Add heartbeat extension bounds check.":

https://github.com/openssl/openssl/commit/731f431497f463f3a2...
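As an added example (not code from this thread and not OpenSSL's own source), here is a condensed C model of the heartbeat handler showing what the linked commit's bounds check actually prevents. The record layout (type, 2-byte length, payload, 16 bytes padding) follows RFC 6520; the `heap` array, the `SESSION_KEY` secret placed next to the record, and the function names are constructed for the demo. With `bounds_check` off, `memcpy` copies as many bytes as the sender *claimed* from wherever the request sits, so whatever lies beside it in memory comes back in the response; with it on, a record whose claimed payload does not fit in what arrived is silently discarded.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define TLS1_HB_REQUEST  1
#define TLS1_HB_RESPONSE 2
#define HB_PADDING       16

/* Stand-in for the process heap: the received record goes at the start and an
   unrelated secret is placed right after it (constructed). Oversizing the
   array keeps the demo's over-read inside one C object, so it is not UB. */
static unsigned char heap[64];
static const char secret[] = "SESSION_KEY=deadbeef";

/* Write a heartbeat request into `heap`:
   type(1) | payload_length(2, big-endian) | payload | padding(16)
   `claimed` is the length the sender puts in the header, `actual` how many
   payload bytes were really sent. Returns the record length the TLS layer
   sees (what actually arrived; OpenSSL's rrec.length). */
size_t build_request(uint16_t claimed, const unsigned char *payload, size_t actual)
{
    size_t rec_len = 1 + 2 + actual + HB_PADDING;
    memset(heap, 0, sizeof heap);
    heap[0] = TLS1_HB_REQUEST;
    heap[1] = (unsigned char)(claimed >> 8);
    heap[2] = (unsigned char)(claimed & 0xff);
    memcpy(heap + 3, payload, actual);            /* padding stays zeroed */
    memcpy(heap + rec_len, secret, sizeof secret); /* neighbouring data  */
    return rec_len;
}

/* Handle one heartbeat record. Writes a malloc'd response to *out and returns
   its length, or -1 if the record is discarded. `bounds_check` = 1 adds the
   checks from the fix; 0 models the pre-fix behaviour. */
long hb_process(const unsigned char *rec, size_t rec_len, int bounds_check,
                unsigned char **out)
{
    const unsigned char *p = rec;
    if (bounds_check && 1 + 2 + HB_PADDING > rec_len)
        return -1;                       /* too short even for an empty payload */

    unsigned char hbtype = *p++;
    uint16_t payload = (uint16_t)((p[0] << 8) | p[1]);
    p += 2;
    const unsigned char *pl = p;

    /* The fix: the claimed payload (plus header and padding) must fit inside
       the record that arrived; otherwise discard silently (RFC 6520 sec. 4). */
    if (bounds_check && 1 + 2 + (size_t)payload + HB_PADDING > rec_len)
        return -1;
    if (hbtype != TLS1_HB_REQUEST)
        return -1;

    size_t resp_len = 1 + 2 + payload + HB_PADDING;
    unsigned char *buffer = malloc(resp_len);
    if (!buffer)
        return -1;
    unsigned char *bp = buffer;
    *bp++ = TLS1_HB_RESPONSE;
    *bp++ = (unsigned char)(payload >> 8);
    *bp++ = (unsigned char)(payload & 0xff);
    memcpy(bp, pl, payload);   /* over-reads past the record when payload > actual */
    bp += payload;
    memset(bp, 0, HB_PADDING); /* the real code fills this with random bytes */
    *out = buffer;
    return (long)resp_len;
}

/* Does the response carry the neighbouring secret? (memmem is not ISO C.) */
int leaks_secret(const unsigned char *resp, size_t len)
{
    size_t n = strlen(secret);
    for (size_t i = 0; i + n <= len; i++)
        if (memcmp(resp + i, secret, n) == 0)
            return 1;
    return 0;
}

/* Scenario: claim 48 payload bytes, send 5. 1 if the unchecked handler leaks. */
int unchecked_leaks(void)
{
    unsigned char *resp = NULL;
    size_t rec_len = build_request(48, (const unsigned char *)"hello", 5);
    long n = hb_process(heap, rec_len, 0, &resp);
    int leak = n > 0 && leaks_secret(resp, (size_t)n);
    free(resp);
    return leak;
}

/* Same forged record through the fixed handler: -1 means discarded. */
long checked_result(void)
{
    unsigned char *resp = NULL;
    long n = hb_process(heap, build_request(48, (const unsigned char *)"hello", 5), 1, &resp);
    free(resp);
    return n;
}

/* An honest record (claimed == sent) is still echoed by the fixed handler. */
long honest_result(void)
{
    unsigned char *resp = NULL;
    long n = hb_process(heap, build_request(5, (const unsigned char *)"hello", 5), 1, &resp);
    if (n > 0 && (memcmp(resp + 3, "hello", 5) != 0 || leaks_secret(resp, (size_t)n)))
        n = -2;                          /* echo wrong or leaked: flag it */
    free(resp);
    return n;
}

int main(void)
{
    printf("unchecked handler leaks secret: %d\n", unchecked_leaks());
    printf("checked handler result:         %ld\n", checked_result());
    printf("honest record result:           %ld\n", honest_result());
    return 0;
}
```

The point the check makes is about the *request* record: the response buffer is sized from the peer's 16-bit length field, and `memcpy` then reads that many bytes starting at the request payload, regardless of how many bytes the record really contained. Comparing the claimed size against the received record length is the entire fix.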