Comment by zozbot234 6 days ago Firefox is safe from this because their CSS handling was the first thing they rewrote in Rust. 5 comments zozbot234 Reply bawolff 6 days ago I mean, even if it was written in c or c++, its unlikely two separate code bases would have the exact same use after feee vuln. jacquesm 6 days ago It's unlikely, but it does actually happen. I've seen more than one complete rewrite of something important that had exactly the same bug. And I'm very sure that those sources were not related somehow. ceteia 6 days ago Does the Rust implementation not use any unsafe and does not use libraries using unsafe? nish__ 5 days ago No. What would be the point of that? ceteia 5 days ago Not Firefox, but Servo has quite a lot of unsafe, even though some of the results are false positives.https://grep.app/search?f.repo=servo%2Fservo&f.repo.pattern=...So Servo at the very least cannot be said to be 'safe'. And I believe the Rust code in Firefox is similar.
bawolff 6 days ago I mean, even if it was written in c or c++, its unlikely two separate code bases would have the exact same use after feee vuln. jacquesm 6 days ago It's unlikely, but it does actually happen. I've seen more than one complete rewrite of something important that had exactly the same bug. And I'm very sure that those sources were not related somehow.
jacquesm 6 days ago It's unlikely, but it does actually happen. I've seen more than one complete rewrite of something important that had exactly the same bug. And I'm very sure that those sources were not related somehow.
ceteia 6 days ago Does the Rust implementation not use any unsafe and does not use libraries using unsafe? nish__ 5 days ago No. What would be the point of that? ceteia 5 days ago Not Firefox, but Servo has quite a lot of unsafe, even though some of the results are false positives.https://grep.app/search?f.repo=servo%2Fservo&f.repo.pattern=...So Servo at the very least cannot be said to be 'safe'. And I believe the Rust code in Firefox is similar.
nish__ 5 days ago No. What would be the point of that? ceteia 5 days ago Not Firefox, but Servo has quite a lot of unsafe, even though some of the results are false positives.https://grep.app/search?f.repo=servo%2Fservo&f.repo.pattern=...So Servo at the very least cannot be said to be 'safe'. And I believe the Rust code in Firefox is similar.
ceteia 5 days ago Not Firefox, but Servo has quite a lot of unsafe, even though some of the results are false positives.https://grep.app/search?f.repo=servo%2Fservo&f.repo.pattern=...So Servo at the very least cannot be said to be 'safe'. And I believe the Rust code in Firefox is similar.
I mean, even if it was written in c or c++, its unlikely two separate code bases would have the exact same use after feee vuln.
It's unlikely, but it does actually happen. I've seen more than one complete rewrite of something important that had exactly the same bug. And I'm very sure that those sources were not related somehow.
Does the Rust implementation not use any unsafe and does not use libraries using unsafe?
No. What would be the point of that?
Not Firefox, but Servo has quite a lot of unsafe, even though some of the results are false positives.
https://grep.app/search?f.repo=servo%2Fservo&f.repo.pattern=...
So Servo at the very least cannot be said to be 'safe'. And I believe the Rust code in Firefox is similar.