|
|
|
|
|
|
by gpm
2058 days ago
|
|
|
Confident, not because rustc is written better but because your comment confuses two types of bugs. The bugs you're talking about in JVM, flash, and javascript implementations are bugs that allow malicious code to confuse the language implementation and break out of the programming language defined sandbox. Rust eliminates this class of bugs by not trying to sandbox anything in the first place :P. If you did try and modify rustc to create that type of sandbox, you would fail, rustc is filled with the sort of bugs that allow malicious code to trick the compiler (largely as a result of using llvm as the backend). However the bugs that would undermine the security of correctly written code are a different sort of bug. These are bugs where the compiler takes well defined non-exploitable code and miscompiles it to produce a program that when fed malicious input is exploitable. These bugs are much rarer, because the input to the compiler is not malicious so the compiler is much more likely (almost always) to be on the happy/correct path. |
|
|