Hacker News new | past | comments | ask | show | jobs | submit login

C image libraries likr imagemagick are full of dangerous bugs. Using a performant memory safe language for image parsing and manipulation is a big win for security (and stability).

If this image handling can be extracted into its own library ( maybe it already has), then it can be used by other projects, and maybe even by C and C++ projects.




For example, https://imagetragick.com/

"One of the vulnerabilities can lead to remote code execution (RCE) if you process user submitted images."


(FWIW, I don't think any of those bugs are directly addressed by Rust's memory safety guarantee, since they mostly seem to be string injection problems. The strong abstraction power of Rust versus C may help people create APIs that are more resistant, but people can always write bad code. And of course, those are unlikely to be the only bugs in that C code.)


Unfortunately, these bugs will not be prevented by using rust as they are not memory related bugs.

If you code a command that reads and then deletes a file on the command line and people allow remote users to invoke that command remotely, the programming language is not going to help you.

ImageMagick doesn't have the design that is necessary to be exposed to remote users. So it shouldn't be.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: