Curl audit: How a joke led to significant findings

159 points| campuscodi | 3 years ago |blog.trailofbits.com | reply

66 comments

[+] nayuki|3 years ago|reply
[2021-02-12] <Daniel Stenberg> Will I ever rewrite curl in rust? I don't believe in rewrites, no matter which language. I believe in replacing code and fixing components gradually over time. That could mean that we have a curl written mostly in rust in 10 years. Or in 20 years. Or not. -- https://twitter.com/bagder/status/1360131939794042884

[2023-02-14] <The article> the fuzzer quickly uncovered memory corruption bugs, specifically use-after-free issues, double-free issues, and memory leaks

[+] selfmodruntime|3 years ago|reply
People arguing against the usage of Rust just because they don't "believe" in its advantages puzzle me. They are usually proven wrong with multiple CVEs shortly after.

Rust was never expected to be a magic fix-all, but after the C++ committee's stubborn refusal to introduce some sense of memory safety into the language in favor of keeping ABI compatibility, it might turn out to be a self-fulfilling prophecy.

[+] gigaflops|3 years ago|reply
Memory, memory, memory, and memory again. All 4 of them.

Yet everyone’s idea of safety still seems to be “just write bug-free C code, bro”.

[+] Karellen|3 years ago|reply
> Yet everyone’s idea of safety still seems to be “just write bug-free C code, bro”.

Does it though? I think "the industry" has pretty much come around on C being unsafe, and generally not a great choice of language for new projects.

But the fact is that there's a lot of C code out there, and we can't just ditch or rewrite it all overnight. In an ideal world, we wouldn't be starting from here. But we are, and it's going to take time to get to where we need to be.

Heck, take a look at the recent story about "Considering C99 for curl": https://news.ycombinator.com/item?id=33704054

From the linked article:

> The slowest of the “big compilers” to adopt C99 was the Microsoft Visual C++ compiler, which did not adopt it properly until 2015 and added more compliance in 2019. A large number of our users/developers are still stuck on older MSVC versions so not even all users of this compiler suite can build C99 programs even today, in late 2022.

What are the chances that the kinds of people who are still doing development on systems where the C compiler is from 2015 or earlier, or on a more niche system than Windows that lots of new safe languages haven't been ported to yet (and such ports aren't even on the radar), are going to be able to start moving to developing in Rust or whatever anytime soon?

[+] afrcnc|3 years ago|reply
to be fair, cURL was written when defacing websites was considered top-tier hacking

[+] deterministic|3 years ago|reply
I maintain very large scale C++ code and have zero memory issues. No memory leaks. No reading/writing after free. No out of bounds access. I achieve this using the many excellent tools available on Linux to find those problems and fixing them.

[+] intelVISA|3 years ago|reply
To be fair cURL is pretty aged now. I wrote a cURL-like recently and was surprised my version benched 2x as fast. (though I cheated by not using crappy 3rd party libs)

[+] CharlesW|3 years ago|reply
TLDR: We fuzzed something that wasn't previously fuzzed — specifically, CLI arguments — and found some good bugs. Lesson: Don't forget to fuzz all the methods people might use to interface with your software.

[+] mannykannot|3 years ago|reply
...including environment variables, I would think (though this investigation apparently did not extend to them.)

[+] andrewmcwatters|3 years ago|reply
Boy if they only used Rust, then these curl commands that no one would ever enter would have been memory safe.

[+] woodruffw|3 years ago|reply
`curl` is widely integrated via its CLI: you'll find all kinds of programs (from simple shell scripts to actual compiled binaries) that interact with `curl` through command-line arguments. So the attacker model here isn't "nobody would type this" it's "does your SoHo router or other software shell out to cURL in an attacker-controllable way."
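
The "software shells out to curl with attacker-controllable input" path described in the comment above, as an added example that is not from this thread or from the curl project: a weak wrapper that splices an untrusted value into a command string beside a hardened wrapper that builds argv directly, validates the value as an http/https URL and ends option parsing with `--`. Only argv construction is shown, so it runs offline; `example.invalid` is a constructed placeholder host.

```python
"""Hardening a 'shell out to curl' call path against attacker-controlled arguments."""
import shlex
from urllib.parse import urlparse

ALLOWED_SCHEMES = {"http", "https"}  # assumption: the wrapper only ever needs web URLs


def unsafe_argv(user_url: str) -> list[str]:
    """Weak pattern: the untrusted value is spliced into a command string and
    then word-split, so whatever the attacker puts in the string reaches curl's
    option parser exactly as if an operator had typed it (extra options included)."""
    return shlex.split(f"curl -s {user_url}")


def safe_argv(user_url: str, timeout_s: int = 10) -> list[str]:
    """Hardened pattern: build argv as a list (no shell, no re-splitting),
    validate the untrusted value as a URL, and terminate option parsing with
    '--' so a value beginning with '-' can never be read as a curl option."""
    if not isinstance(user_url, str) or not user_url or len(user_url) > 2048:
        raise ValueError("URL missing or too long")
    if any(ch.isspace() or ord(ch) < 0x20 for ch in user_url):
        raise ValueError("whitespace/control characters not allowed in URL")
    parsed = urlparse(user_url)
    if parsed.scheme not in ALLOWED_SCHEMES or not parsed.netloc:
        raise ValueError(f"refusing URL with scheme {parsed.scheme!r}")
    return ["curl", "--silent", "--max-time", str(timeout_s), "--", user_url]


def attacker_controls_options(argv: list[str]) -> bool:
    """Check helper: does any element before the '--' terminator look like an
    option the wrapper did not intend to pass? True means the caller's input
    has become a curl option rather than a URL."""
    intended = {"-s", "--silent", "--max-time"}
    skip_value = False
    for arg in argv[1:]:
        if skip_value:            # value belonging to --max-time
            skip_value = False
            continue
        if arg == "--":
            break
        if arg == "--max-time":
            skip_value = True
            continue
        if arg.startswith("-") and arg not in intended:
            return True
    return False
```

With the weak wrapper, an input such as `-o /tmp/x http://example.invalid/` turns into a separate `-o` option that controls where curl writes; the hardened wrapper rejects it before curl is ever invoked.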
[+] bolanyo|3 years ago|reply
your car has libcurl on it, but not Rust.