Stream: wg-secure-code

Topic: integer-overflow-rfc


Alex Gaynor (Feb 09 2019 at 20:54, on Zulip):

Ok, first draft here: https://github.com/alex/rfcs/blob/usize-overflow/text/0000-usize-panic-overflow.md I'd appreciate any and all feedback before I actually submit.

Shnatsel (Feb 09 2019 at 21:06, on Zulip):

Looks good to me, except the "4 vulnerabilities seen thus far all use usize" does not feel like a sufficient rationale. Perhaps it would be worth noting that usize generally occurs when you're dealing with pointers and in-memory sizes, and does not make much sense otherwise.

Alex Gaynor (Feb 09 2019 at 21:08, on Zulip):

If there's more samples elsewhere, I'd love to review them :-)

Shnatsel (Feb 09 2019 at 21:24, on Zulip):

nothing in rust-fuzz trophy case at least

Alex Gaynor (Feb 09 2019 at 22:46, on Zulip):

Nor in the rustsec advisory DB

Shnatsel (Feb 09 2019 at 23:43, on Zulip):

I'm tempted to make a meme about the situation or something. How often is it that you're trying to secure something, and your problem is that you don't have enough vulnerabilities?

Shnatsel (Feb 09 2019 at 23:45, on Zulip):

Judging by the track record so far, I'm pretty sure a bunch of them lurk in the stdlib, but my plan to extract them has hit a snag, see "automated fuzzing of stdlib" topic

Alex Gaynor (Feb 10 2019 at 20:29, on Zulip):

Well, it's submitted: https://github.com/rust-lang/rfcs/pull/2635 feedback very much appreciated

Tony Arcieri (Feb 11 2019 at 06:34, on Zulip):

@Shnatsel it's funny, that's a bit how I feel about RustSec. there were so many type confusion vulnerabilities in Ruby leading to remote code execution, and Rust has "sadly" eliminated many of those, so RustSec doesn't have the constant barrage of those to justify its existence

Last update: Nov 11 2019 at 21:55 UTC