Resisting Underhandedness
Erick Tryzelaar edited this page Feb 28, 2017 · 14 revisions
This is a living document all about unsafety and general underhandedness. Please help keep this article up to date with any and all relevant articles and links.
- Rust Book chapter on unsafe.
- Rustonomicon is a book all about how to write safe unsafe code.
- Too Many Lists is a book all about writing a doubly linked list, which needs `unsafe` to resolve the ambiguity over who is responsible for destroying the linked list nodes.
- John Regehr is a professor at the University of Utah, and has focused his research on automatically discovering software bugs. He also spoke about compiler fuzzing at the Bay Area Rust Meetup in 2014.
- RFC forming the Memory Model Strike Team. This Rust Compiler subteam formed to explore, document, and improve how to safely use `unsafe` in Rust. Discussions from the team can be found here.
- If You Use Unsafe, You Should Be Using Compiletest - an article about using compiletest to test assumptions about unsafe code.
- Reflections on Rusting Trust - an article exploring the implications of attacks being hidden inside the Rust compiler, and how the community could prevent such attacks.
- Rust Book chapter on testing.
- quickcheck is a library to generate random input for test cases.
- compiletest is a test framework that lets developers check that code which must not compile really does fail to compile. This helps validate that a wrapper around unsafe code is actually safe.
- afl.rs is a fuzz testing tool that feeds pseudo-random data into a binary as input. It is built upon the tool american fuzzy lop (AFL). See this post to see how to get it up and running.
- cargo-fuzz is a new fuzzing tool built upon the LLVM project's libFuzzer. Unlike afl.rs, libFuzzer is linked directly into the code under test and fuzzes a single function.
- Using cargo-fuzz to find bugs in capnproto-rust
- rust-san has a series of examples on how to use Rust's new experimental support for AddressSanitizer, LeakSanitizer, MemorySanitizer, and ThreadSanitizer.
- clippy is a tool that adds many lints to the Rust compiler to catch common mistakes. See this post to understand how it can help.
- rustfmt is a tool to automatically and consistently format Rust code. It can be used to help avoid underhanded syntax formatting.
- RustSec Advisory Database is a repository of security advisories filed against Rust crates.
- cargo-audit is a tool that audits a `Cargo.lock` file for the use of crates with known security vulnerabilities.
- I-unsound - open soundness issues in the Rust compiler that are a likely target for avoiding the Rust
- Rust version 1.15.1 was released due to a bug in 1.15.0 where `as_mut_slice` was accidentally written to take an immutable `&self` receiver while handing back a mutable slice:

```rust
// Unsound as written: a shared `&self` receiver hands out a `&mut [T]`,
// so two callers holding `&self` can obtain aliasing mutable slices from
// safe code. The 1.15.1 fix changed the receiver to `&mut self`.
pub fn as_mut_slice(&self) -> &mut [T] {
    unsafe {
        slice::from_raw_parts_mut(self.ptr as *mut T, self.len())
    }
}
```
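As an added example that is not code from this wiki or from the standard library: a miniature owning buffer with the same shape as the type behind the method above (a raw pointer plus a length), with `as_mut_slice` written the way the 1.15.1 fix requires. `RawBuf` and `double_all` are names invented here.

```rust
use std::slice;

/// Owning buffer shaped like `vec::IntoIter`: a raw pointer plus a length.
/// Constructed here for illustration; not the standard library's type.
pub struct RawBuf<T> {
    ptr: *mut T,
    len: usize,
    cap: usize, // kept so the allocation can be handed back to Vec on drop
}

impl<T> RawBuf<T> {
    /// Take ownership of a Vec's allocation without freeing it.
    pub fn from_vec(mut v: Vec<T>) -> Self {
        let buf = RawBuf { ptr: v.as_mut_ptr(), len: v.len(), cap: v.capacity() };
        std::mem::forget(v); // RawBuf is now responsible for the memory
        buf
    }

    /// Read-only view; a shared `&self` receiver is correct here.
    pub fn as_slice(&self) -> &[T] {
        unsafe { slice::from_raw_parts(self.ptr, self.len) }
    }

    // Mutable view with the receiver the 1.15.1 fix requires. `&mut self`
    // makes the borrow checker reject a second live borrow of `buf`:
    //     let a = buf.as_mut_slice();
    //     let c = buf.as_mut_slice(); // error[E0499] with `&mut self`
    // With `&self` (the 1.15.0 signature) both lines compile and `a` and `c`
    // alias the same memory. A compiletest case or a `compile_fail` doctest
    // is the place to pin this property down so it cannot regress.
    pub fn as_mut_slice(&mut self) -> &mut [T] {
        unsafe { slice::from_raw_parts_mut(self.ptr, self.len) }
    }
}

impl<T> Drop for RawBuf<T> {
    fn drop(&mut self) {
        // Rebuild the Vec from the same ptr/len/cap so it frees correctly.
        unsafe { drop(Vec::from_raw_parts(self.ptr, self.len, self.cap)) }
    }
}

/// Double every element through the mutable view, then copy the result out.
pub fn double_all(v: Vec<i32>) -> Vec<i32> {
    let mut buf = RawBuf::from_vec(v);
    for x in buf.as_mut_slice().iter_mut() {
        *x *= 2;
    }
    buf.as_slice().to_vec()
}
```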