Re: [rust-dev] Integer overflow, round -2147483648
On 27/06/14 01:45 AM, Gregory Maxwell wrote: On Thu, Jun 26, 2014 at 10:30 PM, Daniel Micay danielmi...@gmail.com wrote: It's a perfect example of a case where this feature wouldn't have helped. Performance critical loops with years of micro-optimization are not going to use checked arithmetic types. Every branch that the programmer thinks can be avoided will be avoided. Checked integer operation during tests would potentially have detected this even where the tests were not quite good enough to usefully trigger the out of bounds memory access, even given your argument that the tests would be off in production. (We had bugs like that in the development of the opus specification which were detected by Regehr's interger overflow checker but didn't trigger valgrind for inputs probable enough for the fuzzer to reach.) If you had actually written a test to pass 16M of zeroes to it on 32-bit, and terabytes of data on 64-bit. It wouldn't have ever been caught on 64-bit hardware. signature.asc Description: OpenPGP digital signature ___ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev
Re: [rust-dev] Integer overflow, round -2147483648
This bug would be harmless in safe code in Rust as exploiting it requires array access without bound checking. On 27 June 2014 07:07, Tony Arcieri basc...@gmail.com wrote: Thought I'd just throw this one on the fire ;) http://blog.securitymouse.com/2014/06/raising-lazarus-20-year-old-bug-that.html ___ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev ___ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev
Re: [rust-dev] Integer overflow, round -2147483648
On 6/27/14 1:31 AM, Igor Bukanov wrote: This bug would be harmless in safe code in Rust as exploiting it requires array access without bound checking. Correct. This is a prime example of what I was talking about in my earlier message: weaponizing integer overflows is much more difficult in a memory-safe language. Patrick ___ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev
[rust-dev] Code Review: Guessing Game (help the new docs!)
Hey all, So! The new tutorial will be focused on building several small projects in Rust. This example is the first one: a classic 'guessing game.' This was one of the first programs I wrote when I first learned C. I'd like the feedback of the community before I actually start writing the guide. So this code will be the final code of the first real example Rust programmers see. So I want it to be good. I don't claim this code is good, I just worked something out real quick. Please check out this gist, and send me either off or on-list, suggestions on how to make it better. Thanks! 3 https://gist.github.com/steveklabnik/7916d6256a6517e8282e ___ Rust-dev mailing list Rust-dev@mozilla.org https://mail.mozilla.org/listinfo/rust-dev