It's hard to appreciate how good Rustls is at avoiding UaF since UaF avoidance is taken for granted in idiomatic Rust code. Tiny things like `#[must_use]` are small but help avoid big failures. Our friends doing concurrency & malloc/free in C are still struggling w/ the basics.
-
-
For me the biggest annoyance is that Rust doesn’t have a wonderful solution for the most pernicious UAF in browsers: unexpected reentrancy from DOM into malicious JS. I don’t know that there *is* a good solution, really…
-
I'm still a fan of the DOM-is-implemented-in-JS idea.
-
Me too, from an elegance point of view. Still, there has to be a boundary between DOM and native *somewhere*, even if only at windowing layer.
-
I don't know quite why it's hard to find the places where we get unexpected reentrancy. I kind of imagine that most of this "unexpected" reentrancy happens many times through a few paths that are kind of stubbornly not rearchitected to avoid it. That's a pretty uninformed guess.
-
Mutation observers are the most common source of this problem. Remove a node from the DOM while in the middle of an operation on that node.
-
Mutation Events? Mutation Observers run around microtask time, which is pretty clearly defined and not reentrant.
-
Yeah, you are right. I always get those names mixed up for some reason.
End of conversation
New conversation -
-
-
It seems to me that we've done okayish at modernizing the Mozilla-native C++ code. At least in contrast to IPC, which is a nightmare even though its original authorship is more recent.
-
I think the push for modernization of C++ in both Chromium and Firefox was after Firefox forked it.
End of conversation
New conversation -
-
-
This is fair, although if you're writing *new* code and you choose C++ I have to seriously question your life choices. Also, the problem remains that the compiler just won't stop you from making stupid mistakes even if you're mostly using smart pointers etc.
-
I haven't written C++ in so long, at this point I'd be learning an entirely new language. I went back about 4 years ago to relearn modern C++ at which point I discovered Rust. Since then it's never even crossed my mind.
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.