The point is that matrix transpose should be trivial. But my main point really is that looking at CVEs is just nonsense. In both cases it is is a rather meaningless.
furthermore the issue at core was an integer overflow, which is tricky in all languages and e.g. has poppet up on HN recently in context of "proven correct" code still having bugs (because the prove didn't use finit precision integers)
it's also less tricky in rust then in C due to no implicit casts and debug build checking for integer overflows and tests normally running against debug builds
Projects do sometimes enable it even on release builds for security sensitive code(1).
so if anything the linked issue is in favor of using rust over C while acting as a reminder that no solution is perfect
(1): It comes at a high performance cost, but sometimes for some things it's an acceptable cost. Also you can change such setting per crate. E.g. at a company I worked at a few years ago we did build some sensitive and iffy but not hot parts always with such checks enabled and some supper hot ML parts always with optimizations enabled even for "debug/test" builds.
Bounds checking for matrices is trivial. The point is that once you compete with C and need to do something slightly more complex, mistakes also can happen in Rust. Now, we can have a discussion if it is still safer and I may even agree), but it defeats the "eliminate a whole class of issues" marketing, doesn't it?
furthermore the issue at core was an integer overflow, which is tricky in all languages and e.g. has poppet up on HN recently in context of "proven correct" code still having bugs (because the prove didn't use finit precision integers)
it's also less tricky in rust then in C due to no implicit casts and debug build checking for integer overflows and tests normally running against debug builds
Projects do sometimes enable it even on release builds for security sensitive code(1).
so if anything the linked issue is in favor of using rust over C while acting as a reminder that no solution is perfect
(1): It comes at a high performance cost, but sometimes for some things it's an acceptable cost. Also you can change such setting per crate. E.g. at a company I worked at a few years ago we did build some sensitive and iffy but not hot parts always with such checks enabled and some supper hot ML parts always with optimizations enabled even for "debug/test" builds.