That page makes the same mistake I did, which caused Ted to write the article in the first place. There's no memory safety issue at play, at least not in the way memory safety is usually referred to. As the TFA shows, the problem is explicitly reusing the same buffer. I don't think there's a general way to prevent this kind of code.
I guess more than just me assumed Heartbleed was a typical blindly allocate and read, going past the buffer bound. But that's not what happened. Writing the same thing is totally possible in OCaml. And in a safe language with GC, it's not unheard of to reuse objects for performance. So in fact it's perhaps even somewhat probable to end up with a Heartbleed-like bug.
True, I still wanted to get the information outthere.
Also I think, if you watch the Q&A at the end of the talk, they clame that the way you write and abstract code is diffrent and leads to saver code as well.
I dont want to clame that it is true, just pointing it out.
http://openmirage.org/blog/introducing-ocaml-tls
Here a Video about Mirage OS and this TLS Stack from the 31C3.
Trustworthy secure modular operating system engineering - http://media.ccc.de/browse/congress/2014/31c3_-_6443_-_en_-_...
There goal is to reduce the trusted computing base to a minimal.
Rust could deliver some of the same benefits to writing highperformance low level code.