Is rust language really safe?
0 likes423 views
The document discusses whether the Rust programming language is truly safe. It begins by defining safety as protection from harm. It then provides examples of bugs in other systems that caused major issues like erroneous website classifications, radiation overdoses in medical machines, and multimillion dollar losses. The document outlines some key features of Rust like memory safety guarantees and lack of data races that aim to prevent these issues. However, it notes that unsafe code blocks allow bypassing some checks and could lead to memory corruption if used incorrectly. Therefore, while Rust aims to be safe, vulnerabilities may still be possible through its unsafe capabilities or limitations of compile-time checks.
![Definition of safety
“Safety is the state of being "safe" (from French sauf), the condition of being
protected from harm or other non-desirable outcomes”[3]](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-2-320.jpg)
![Why safety matters?
● “In January 2009, Google's search engine erroneously notified users that
every web site worldwide was potentially malicious, including its own.”[1]
● “A bug in the code controlling the Therac-25 radiation therapy machine was
directly responsible for at least five patient deaths in the 1980s when it
administered excessive quantities of beta radiation.”[1]
● “The European Space Agency's Ariane 5 Flight 501 was destroyed 40
seconds after takeoff (June 4, 1996). The US$1 billion prototype rocket self-
destructed due to a bug in the on-board guidance software.”[1]
● “Knight’s $440 Million Error – One of the biggest American market makers for
stocks struggled to stay afloat after a software bug triggered a $440 million
loss in just 30 minutes.”[1]](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-3-320.jpg)
![Rust Language
“Rust is a systems programming language that runs blazingly fast, prevents
segfaults, and guarantees thread safety.”[4]
● zero-cost abstractions
● move semantics
● guaranteed memory safety
● threads without data races
● pattern matching
● type inference
● minimal runtime](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-4-320.jpg)
![C++ sample
capacity
elem
ptr
size
0
[…]
STACK HEAP](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-7-320.jpg)
![Rust Ownership
“Prevents use after free in compile time...”[6]](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-9-320.jpg)
![Rust Borrowing
“Borrowing prevents moving...”[6]](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-11-320.jpg)
![Unsafe keyword
“There are some times when your code might be okay, but Rust thinks it’s not! In
these cases, you can use unsafe code to tell the compiler, “trust me, I know what
I’m doing.” The downside is that you’re on your own; if you get unsafe code wrong,
problems due to memory unsafety like null pointer dereferencing can occur.”[5]](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-16-320.jpg)
![Unsafe Memory Corruption
Vector set_len idea[7]](https://image.slidesharecdn.com/isrustlanguagereallysafefinal-171120164216/85/Is-rust-language-really-safe-17-320.jpg)
Is rust language really safe?
- 1. Is rust language really safe? twitter.com/jrabell0
- 2. Definition of safety “Safety is the state of being "safe" (from French sauf), the condition of being protected from harm or other non-desirable outcomes”[3]
- 3. Why safety matters? ● “In January 2009, Google's search engine erroneously notified users that every web site worldwide was potentially malicious, including its own.”[1] ● “A bug in the code controlling the Therac-25 radiation therapy machine was directly responsible for at least five patient deaths in the 1980s when it administered excessive quantities of beta radiation.”[1] ● “The European Space Agency's Ariane 5 Flight 501 was destroyed 40 seconds after takeoff (June 4, 1996). The US$1 billion prototype rocket self- destructed due to a bug in the on-board guidance software.”[1] ● “Knight’s $440 Million Error – One of the biggest American market makers for stocks struggled to stay afloat after a software bug triggered a $440 million loss in just 30 minutes.”[1]
- 4. Rust Language “Rust is a systems programming language that runs blazingly fast, prevents segfaults, and guarantees thread safety.”[4] ● zero-cost abstractions ● move semantics ● guaranteed memory safety ● threads without data races ● pattern matching ● type inference ● minimal runtime
- 9. Rust Ownership “Prevents use after free in compile time...”[6]
- 10. Rust Borrowing zionvm fetch sample
- 11. Rust Borrowing “Borrowing prevents moving...”[6]
- 12. Stack Based Buffer Overflow 1
- 13. Stack Based Buffer Overflow 1
- 14. Stack Based Buffer Overflow 2
- 15. Heap Based Buffer Overflow
- 16. Unsafe keyword “There are some times when your code might be okay, but Rust thinks it’s not! In these cases, you can use unsafe code to tell the compiler, “trust me, I know what I’m doing.” The downside is that you’re on your own; if you get unsafe code wrong, problems due to memory unsafety like null pointer dereferencing can occur.”[5]
- 17. Unsafe Memory Corruption Vector set_len idea[7]
- 18. Unsafe Memory Corruption Capacity WTF??
- 19. Conclusion ● Rustc realiza varias inferencias em tempo de compilacao, porem nos exemplos que foram demonstrados aqui, algumas checagens em tempo de execucao poderiam ter sido feitos em tempo de compilacao ● Rust e novos desafios para pesquisadores de seguranca da informacao ● Exploracao de vulnerabilidades em rust totalmente plausivel
- 20. References 1. https://en.wikipedia.org/wiki/List_of_software_bugs 2. https://www.exploit-db.com/exploit-database-statistics/ 3. https://en.wikipedia.org/wiki/Safety 4. https://www.rust-lang.org/en-US/ 5. https://doc.rust-lang.org/book/second-edition/ch19-01-unsafe-rust.html 6. https://www.youtube.com/watch?v=agzf6ftEsLU 7. https://avadacatavra.github.io/rust/gdb/exploit/2017/09/26/attackingrustforfuna ndprofit.html