It's hard to appreciate how good Rustls is at avoiding UaF since UaF avoidance is taken for granted in idiomatic Rust code. Tiny things like `#[must_use]` are small but help avoid big failures. Our friends doing concurrency & malloc/free in C are still struggling w/ the basics.
Well, not if it’s, say, a reference to the inside of a std::vector that can be resized.
(As I recall we’ve had several vulns due to exactly this.)
It’s an example of why this problem is so annoying: C++ wants you to use std::vector (just like Rust wants you to use Vec) but in a GC’d world you just created a landmine that can easily blow up in your face.
Then it doesn't meaningfully have a refcounted reference on it. An actually-refcounted object cannot be freed (including moved) until its reference count reaches 0.
I suspect the real problem here is people redefining terms like refcounting to mean something much weaker because it (1) performs better, and (2) fits with the language idioms they want to use, which are incompatible with real refcounting.