|
|
|
|
|
|
by AlotOfReading
678 days ago
|
|
|
I'm not addressing that because I don't think it's an interesting discussion. There's excellent tooling for validating crypto code. I'm emphasizing the difference between rust and C here because unlike Martin, I don't agree that it's meaningfully possible to eliminate UB in C by careful analysis. You're able to do this in Rust in large part because those issues are all concentrated in a few tightly scoped blocks with clear responsibilities. Unsafe also gives you a massive hint where to look when you're debugging. |
|
|