I've considered starting a markdown file with anti-patterns found via Safety Dance in its repo, but then realized we'll be writing requests for Clippy lints anyway, so might as well skip right to that.
I'm just starting out, there's plenty more we can glean from the code that's been already fixed.
sounds like a great idea
Requested another lint: https://github.com/rust-lang/rust-clippy/issues/4515
Also I was surprised to find that Clippy already lints against transmuting references (suggests pointer casting instead) and then catches alignment issues with casts
Aaaand discussion in one of those Clippy lints actually spawned an RFC: https://github.com/rust-lang/rfcs/pull/2756
By Alkosh, I love Rust community
More lint requests: https://github.com/rust-lang/rust-clippy/issues/4520
I suppose I could use some upvotes on this one: https://github.com/rust-lang/rust-clippy/issues/4515
Oh hey, one requested lint is already implemented, just waiting on review: https://github.com/rust-lang/rust-clippy/pull/4511
Clippy has just merged a lint to complain about unsound transmutes of owned collections: https://github.com/rust-lang/rust-clippy/issues/4515
At this point all lints we've requested that lead to UB in practice and not just in theory are implemented. We need to request some more!
that, or we need to start exploiting more UB in the compiler to move things from the "theory" to the "practice" side of this ;)
@Shnatsel should we file an issue for a more general security-oriented categorization of clippy lints?
@Tony Arcieri I'm not opposed to that in theory, but I do not see which lints would qualify as of yet. The "this is a security vulnerability" lints hugely overlap with "correctness" lints, and it's not like we have lints for SQL injection or some such.