Rust won't help. Sure the compiled code would be bounds-checked, but nobody woul... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Arnavion on March 7, 2023 \| parent \| context \| favorite \| on: A Vulnerability in Implementations of SHA-3, Shake... Rust won't help. Sure the compiled code would be bounds-checked, but nobody would notice the bug unless they gave it the crashing input. And then when they reimplemented the code in their non-bounds-checked language then that would reintroduce the bug anyway. A formal verification implementation would catch it at authoring time, yes.

ysleepy on March 7, 2023 [–]

It seems to be an array out of bounds read/write. Rust does bound checks, so this should be covered.

GoblinSlayer on March 7, 2023 | [–]

All languages except for C do bound checks, you don't need a borrow checker for this.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact