[Gigachad]

Safe C code is like functional communism, we are yet to see a real example. It probably could exist though.

[JohnFen]

This is just incorrect. Perhaps it's that you don't notice the safe C software because it doesn't cause a problem.

[hanselot]

I'm guessing there aren't many rustaceans in the ranks of the various Military organisations of the world, outside of those planting vulnerabilities ofc...

[rhdunn]

SQLite? That has an extensive test suite and has been extensively vetted/checked.

[dwattttt]

True, but there are quite a few CVEs (of varying severity) https://www.cvedetails.com/vulnerability-list/vendor_id-9237...

Another way to look at that is "SQlite has had these bugs in the past, and our standards are unlikely to be that high". It does deal with a quite complex problem domain, but is still a strong warning re. vulnerabilities in C.

[thesnide]

I actually am waiting for the increase in CVE number of rust replacements. So we can compare.

As for now, less exposure means less CVE. So the numbers are biased.

As usually, time will tell.

[Gigachad]

We have the data now https://security.googleblog.com/2022/12/memory-safe-language...

1.5M lines of Rust in Android and not a single memory vulnerability found, including in their unsafe Rust code. They also observe that the number of memory vulnerabilities decreases almost exactly inline with the decreasing use of memory unsafe language in Android.

The Android Rust code is also showing to have less bugs in general than the C/++ code.