[Info-vax] Rust as a HS language, was: Re: Quiet?

[Simon Clubley]

On 2022-04-05, Dan Cross <cross at spitfire.i.gajendra.net> wrote:
> In article <jb2t2oF49voU1 at mid.individual.net>,
> Bill Gunshannon  <bill.gunshannon at gmail.com> wrote:
>>So, I have been following this discussion for some time now.  I have
>>never used Rust.  I have never even looked at Rust. But I do have one
>>question.
>>
>>Just what is it that Rust can do that none of the already existing
>>languages could do?
>
> There are three main interacting features that are unique in
> their combination in the language that Rust brings to bear:
>
> 1) Lifetimes attached to pointers are a first-class primitive in
>    the language.  They are literally part of the type.
>    References cannot outlive the objects they refer to.
> 2) A compile-time borrow checker that ensures that either a
>    single mutable reference to an object, or one or more
>    immutable references.  In safe rust code, data races are
>    impossible.
> 3) Object ownership is a first-class primitive in the language,
>    and every object has exactly one owner.  All objects must be
>    initialized before use.  Dangling pointers and uninitialized
>    pointers are 
>
> The combination of these things is incredibly powerful, and
> gives you type and memory safety _without garbage collection_.
> The result is that you program as if you were using a managed
> language, but with explicit control over memory allocation.
>
> You can even do this on bare metal.  The langauge gives you a
> high degree of abstraction with the "core" library, even in
> kernel mode.  In that context, it's actually quite pleasant to
> use.
>
> 	- Dan C.
>

Do you have any comments on the following Rust CVEs ?

It looks like Rust has come up with rather unique ways to screw up:

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=rust

Take this one (which I picked at random) for example:

https://rustsec.org/advisories/RUSTSEC-2020-0148.html

Or this one (which is a nice good old fashioned out of bounds memory access):

https://rustsec.org/advisories/RUSTSEC-2020-0039.html

How do they fit into what you say above ?

Simon.

-- 
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.