Sergey "Shnatsel" Davidoff
https://crates.io/crates/claxon FLAC decoder in Rust, within 10% performance margin compared to reference C implementation. Not terribly widely used (300 downloads/day) but high-risk due to being a binary format decoder. Uses...
https://crates.io/crates/reqwest Popular HTTP client library. 5000 downloads/day. High-risk due to handling untrusted input from the network. Uses unsafe.
https://crates.io/crates/imageproc Extra image processing operations on top of `image` crate. Had plenty of unsafe code last time I checked. Relatively low-profile (at about 100 downloads a day), but could be...
https://crates.io/crates/encoding_rs Implementation of the [encoding standard](https://encoding.spec.whatwg.org/). 7000 downloads/day, used by **Firefox**, reqwest, actix-web, etc. Plenty of unsafe code.
https://crates.io/crates/goblin Parser for binary formats: ELF, Mach-O, PE. 750 downloads/day. High-risk due to being a binary parser and potentially exposed to untrusted input. At a glance the ELF module contains...
https://crates.io/crates/crc32fast Implementation of crc32 with hardware acceleration where applicable. Over 9000 downloads per day. Exposed to untrusted input through a zillion compression/decompression libraries. Contains unsafe code around CPU feature...
Many widely used libraries use unsafe code where it's not strictly necessary. Typically this is done for performance reasons, i.e. there are currently no safe abstractions to achieve the goal...
We already have some excellent tooling for generating test cases for programs to make them blow up:

- Parametric testing: [QuickCheck](https://github.com/BurntSushi/quickcheck) and [Proptest](https://github.com/altsysrq/proptest)
- Fuzzing: [AFL](https://github.com/rust-fuzz/afl.rs), [libfuzzer](https://github.com/rust-fuzz/cargo-fuzz) and [honggfuzz](https://github.com/rust-fuzz/honggfuzz-rs)

We...
Two [serious](https://cve.mitre.org/cgi-bin/cvename.cgi?name=%20CVE-2018-1000657) [vulnerabilities](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000810) have been discovered in libstd to date. Another one was introduced but reverted before release because it was so bad that it [caused crashes even on valid...
[Clippy](https://github.com/rust-lang/rust-clippy) is a great heuristic tool, but does not have many safety or security analysis lints yet. We should extend it with anti-patterns we discover. This is tracked as ~~#24~~ #27....