Sergey "Shnatsel" Davidoff

Results 943 comments of Sergey "Shnatsel" Davidoff

@Manishearth frankly mostly because I've never seen it yell at me that I was doing something insecure. It might be a completely wrong impression. Is it the case that Clippy...

I feel a single tool doing everything at once would be overwhelming. It would spit out so many warnings that people would just ignore all of them. The fact that...

Not directly relevant to auditing crossbeam itself, but I've noticed they're pulling in a dependency with 170 unsafe expressions just to write a few lines with it, so I've replaced...

https://github.com/Eh2406/auto-fuzz-test is an experiment in automatically generating fuzzing harnesses based on function signatures. No docs yet, but it seems to be a functional proof-of-concept.

The hub for work on LLVM sanitizers in Rust is https://github.com/japaric/rust-san

If someone can concoct an alternative to Memory Sanitizer that does not require _all_ of the code to be instrumented and merely requires Rust code to be, that would be...

MSAN is now usable on Nightly with `-Z build-std` option, see https://doc.rust-lang.org/nightly/unstable-book/compiler-flags/sanitizer.html#memorysanitizer
If C code is being linked into the binary, you will also need to pass some C compiler...

I've opened https://github.com/rust-fuzz/cargo-fuzz/pull/233 to make `cargo-fuzz` pass the required flags behind the scenes and make Memory Sanitizer "just work".

Previous vulns for reference: https://github.com/RustSec/advisory-db/tree/master/crates/smallvec
There are still open concerns about use of uninitialized memory:
https://github.com/servo/rust-smallvec/issues/126
https://github.com/servo/rust-smallvec/issues/139
Porting to `MaybeUninit` would resolve them. There is also not much internal consistency...

PR for conversion to `MaybeUninit` is up: https://github.com/servo/rust-smallvec/pull/162
It will also require bumping the minimum supported Rust version, so a lot of unsafe code present for backwards-compatibility could be cleansed...