by server_bot 2218 days ago
Good intro to the benefits of Rust for a broad audience, but one important omission: the Use-After-Free and Double-Free protection he mentioned is provided by compile-time static analysis, but Rust also does runtime bounds checks to prevent classic stack smashing (with minimal performance overhead).

That may not seem like a big deal for the x86_64 world where modern mitigations largely make shellcode a thing of the past (hence heap exploitation, ROP/JOP, etc) but it is a BIG DEAL for embedded microcontrollers that lack OS/HW memory protection - an area where #![no_std] Rust shines.

As a security researcher and not a developer, let me be very frank: you should STRONGLY consider Rust in place of C or C++. But know that release profile builds don't do integer overflow checking, so don't get cocky :P

1 comments

Just to add to that: Integer overflows in release builds can be turned on, and even when they are off, at the very least they are not UB. More info in http://huonw.github.io/blog/2016/04/myths-and-legends-about-....

Thanks for pointing that out and linking through to a great resource!
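
An added example, not part of the thread: it shows the two behaviours discussed above side by side, with a wrapped `offset + len` fooling a hand-written length check while the runtime slice bounds check still refuses the read. The function names and the sample buffer are constructed for illustration; `wrapping_add` is used to model the default release-profile result in any build.

```rust
// Added example. All names and the sample buffer are constructed.
// Setting `overflow-checks = true` under `[profile.release]` in Cargo.toml
// makes a plain `offset + len` panic in release builds as it does in debug.

/// What `offset + len` yields in a release build with overflow checks off:
/// two's-complement wrapping, which is defined behaviour in Rust.
fn end_release_default(offset: u32, len: u32) -> u32 {
    offset.wrapping_add(len)
}

/// A hand-written validation that trusts the wrapped sum.
fn length_check_passes(buf_len: usize, offset: u32, len: u32) -> bool {
    (end_release_default(offset, len) as usize) <= buf_len
}

/// Slice access is bounds-checked at run time regardless of profile:
/// `get` returns None (and `buf[a..b]` would panic) instead of reading
/// outside the buffer, even when the arithmetic above has wrapped.
fn field_wrapping(buf: &[u8], offset: u32, len: u32) -> Option<&[u8]> {
    let end = end_release_default(offset, len);
    buf.get(offset as usize..end as usize)
}

/// Hardened variant: detect the overflow explicitly in every build profile.
fn field_checked(buf: &[u8], offset: u32, len: u32) -> Result<&[u8], &'static str> {
    let end = offset.checked_add(len).ok_or("offset + len overflows u32")?;
    buf.get(offset as usize..end as usize).ok_or("field outside buffer")
}

fn main() {
    let buf = [0x10u8, 0x20, 0x30, 0x40, 0x50, 0x60, 0x70, 0x80]; // constructed sample
    let (offset, len) = (4u32, u32::MAX - 1); // hostile length field

    println!("wrapped end       = {}", end_release_default(offset, len));
    println!("length check ok?  = {}", length_check_passes(buf.len(), offset, len));
    println!("wrapping access   = {:?}", field_wrapping(&buf, offset, len));
    println!("checked access    = {:?}", field_checked(&buf, offset, len));
    println!("well-formed field = {:?}", field_checked(&buf, 2, 4));
}
```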