|
|
|
|
|
|
by timschmidt
698 days ago
|
|
|
Microsoft: 70% of all security bugs are memory safety issues: https://www.zdnet.com/article/microsoft-70-percent-of-all-se... Chrome: 70% of all security bugs are memory safety issues: https://www.zdnet.com/article/chrome-70-of-all-security-bugs... "Rust is an emerging programing language that aims at preventing memory-safety bugs without sacrificing much efficiency. The claimed property is very attractive to developers, and many projects start using the language. However, can Rust achieve the memory-safety promise? This paper studies the question by surveying 186 real-world bug reports collected from several origins which contain all existing Rust CVEs (common vulnerability and exposures) of memory-safety issues by 2020-12-31. We manually analyze each bug and extract their culprit patterns. Our analysis result shows that Rust can keep its promise that all memory-safety bugs require unsafe code...": https://arxiv.org/abs/2003.03296 Seems persuasive to me. |
|
|