by mgaunard 166 days ago
I don't think 70% of bugs are memory safety issues.

In my experience it's closer to 5%.

5 comments

I believe this is where that fact comes from [1]

Basically, 70% of high severity bugs are memory safety.

[1] https://www.chromium.org/Home/chromium-security/memory-safet...

High severity security issues.
Right, which is a measure which is heavily biased towards memory safety bugs.
70% of security vulnerabilities are due to memory safety. Not all bugs.
Using the data provided, memory safety issues (use-after-free, memory-leak, buffer-overflow, null-deref) account for 67% of their bugs. If we include refcount, it is just over 80%.
That's the figure that Microsoft and Google found in their code bases.
Probably quite a bit less than 5%; however, they tend to be quite serious when they happen.
Only serious if you care about protecting from malicious actors running code on the same host.
You don't? I would imagine people that run, for example, a browser would have quite an interest in that.
Browsers are sandboxed, and working on the web browsers themselves is a very small niche, as is working on kernels.

Software increasingly runs either on dedicated infrastructure or virtual ones; in those cases there isn't really a case where you need to worry about software running on the same host trying to access the data.

Sure, it's useful to have some restrictions in place to track what needs access to what resource, but in practice they can always be circumvented for debugging or convenience of development.

Browsers are sandboxed by the kernel, and we're talking about bugs in the kernel here...
Even if modern browsers lean more on kernel features, initially the sandboxing in browsers is implemented through a managed runtime.