Sergey "Shnatsel" Davidoff
Sergey "Shnatsel" Davidoff
I've opened #68 for prost.
I believe that crate could also use a conversion to `MaybeUninit`
Apparently there is an issue in `bytes` crate where they deliberately trigger UB because the alternative costs too much performance. See https://github.com/rust-lang/unsafe-code-guidelines/issues/158
This is an all-volunteer effort, so don't feel pressured to complete the audit. Just note what you've already looked at and what the results were so that someone else could...
Another issue was discovered recently - a fairly obscure contract is violated: https://github.com/tokio-rs/bytes/issues/328 Another issue was found by accidentally stumbling into a segfault: https://github.com/tokio-rs/bytes/issues/340 and a related issue was later...
It seems all the issues described in the audit by @nuew above are fixed as of version 0.5.3: * `Inner::inline_ptr` appears to be gone * `Bytes::to_mut()` appears to be gone...
I was mistaken about the `*const` to `*mut` conversion, I've corrected my previous comment.
I am very hopeful about something like Clippy containing knowledge on anti-patterns instead of a guide. Simply because nobody cares about a guide, while clippy is _right there._ However, high-visibility...
https://github.com/rust-secure-code/rustsec-projects is the first stab at this, thanks to @DevQps
The slice-based approach as used right now is sadly unsound; I've opened #19 about that. More generally, to make this sound you need to write either to a `Vec` without...