Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

>>> With Rust and C++, even for embedded systems, what is the use case for starting a new project that does binary encoding and network with such an unsafe language like C?

>> Rust may have safe memory coding built-in, it doesnt guarantee the coding to be 100% bug free or fully secure from zero day attacks.

> Case in appoint, I had to interact with a piece of software that used this library and it is as battle-tested as expecting HTTP headers in very specific casing!

How would rewriting in $SOMETHING_OTHER_THAN_C help with this bug? This is a bug that would have happened in any language.

After all, Gow8876 was very specific about what he was referring to ("memory safety" bugs), because you were very specific about what you were referring to ("unsafe language").



> After all, Gow8876 was very specific about what he was referring to ("memory safety" bugs), because you were very specific about what you were referring to ("unsafe language").

I pointed out this defect because handling HTTP headers "correctly" is such a basic requirement for a websocket library, yet it failed at it, so the claim for "13 years proven battlefield use" is baseless and only based on the fallacy of "it is old therefore battle-tested".

> Rust may have safe memory coding built-in, it doesnt guarantee the coding to be 100% bug free or fully secure from zero day attacks.

No one is making this absurd claim, but what we know is that majority of RCE bugs are memory related.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: