The Safe-C Programming Language is a C-like programming language whose objectives are speed and reliability (by checking array indexes, pointers, etc ..)
The flaws listed as "C mistakes" are vulnerabilities that we deem are likely to not have happened should we have used a memory-safe language rather than C. The C mistakes are divided into the following areas: OVERFLOW, OVERREAD, DOUBLE_FREE, USE_AFTER_FREE, NULL_MISTAKE and UNINIT.
The flaws listed as "C mistakes" are vulnerabilities that we deem are likely to not have happened should we have used a memory-safe language rather than C. The C mistakes are divided into the following areas: OVERFLOW, OVERREAD, DOUBLE_FREE, USE_AFTER_FREE, NULL_MISTAKE and UNINIT.
@gullevek @maia Do it the way the Go team did it: write a C to Rust translator, then translate the C program into Rust and then fix all the translation errors by hand.
@gullevek @maia I mean Rust is great, but also a memory-safe language would be enough for curl, it does not have to be a high-performance memory safe language?
If you get rid of lifetimes and pass everything by reference life becomes _a lot_ simpler.
@juliank @gullevek @maia first, I don't think the premise that speed is unimportant holds. Then, I don't think there is any other language than rust that would be close to viable (and even that does not even support half the platforms curl runs on). Also, don't forget footprint.
then we would have 40% vulnerabilities in $Other_Language. you need an expert in that language + the same person being security aware (in full) to drastically reduce this number.And this person has to have fun writing code used y everyone while getting blamed by everyone when there is a small mistake or vulnerability. And these days, getting annoying Vulnerability reports created by KI by people who think they are good. I am grateful that Daniel uses his spare time to develop curl.
One could look at your contributions to curl and say that we could've avoided X% of security bugs, or indeed, all bugs, if we simply sent you on a long vacation somewhere without access to a computer π
AGRO TURBO.EXE SATAN πΊπ¦π¨πΏ
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to AGRO TURBO.EXE SATAN πΊπ¦π¨πΏ • • •AGRO TURBO.EXE SATAN πΊπ¦π¨πΏ
in reply to daniel:// stenberg:// • • •Tom
in reply to daniel:// stenberg:// • • •which does not necessarily mean that other languages would have prevented _all_ the mistakes, but probably some of them, I guess. π€
Thanks for the figure anyway!
adheethπ
in reply to daniel:// stenberg:// • • •Safe-C Programming Language
www.safe-c.orgLangerJan
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to LangerJan • • •@LangerJan
curl.se/docs/security.html explains:
The flaws listed as "C mistakes" are vulnerabilities that we deem are likely to not have happened should we have used a memory-safe language rather than C. The C mistakes are divided into the following areas: OVERFLOW, OVERREAD, DOUBLE_FREE, USE_AFTER_FREE, NULL_MISTAKE and UNINIT.
curl - CVEs
curl.sedaniel:// stenberg://
in reply to daniel:// stenberg:// • • •Enno T. Boland
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Enno T. Boland • • •@Gottox mastodon.social/@bagder/113638β¦
daniel:// stenberg://
2024-12-12 08:03:49
Josh
in reply to daniel:// stenberg:// • • •maia // magmaus3
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to maia // magmaus3 • • •daniel:// stenberg:// reshared this.
gullevek β’οΈ π―π΅
in reply to daniel:// stenberg:// • • •Julian Andres Klode π³οΈβπ
in reply to gullevek β’οΈ π―π΅ • • •daniel:// stenberg://
in reply to Julian Andres Klode π³οΈβπ • • •Julian Andres Klode π³οΈβπ
in reply to daniel:// stenberg:// • • •I should have started with:
Someone should
And sure I'd love to be that someone but I don't have the time for it either :D
@gullevek @maia
Julian Andres Klode π³οΈβπ
in reply to Julian Andres Klode π³οΈβπ • • •@gullevek @maia I mean Rust is great, but also a memory-safe language would be enough for curl, it does not have to be a high-performance memory safe language?
If you get rid of lifetimes and pass everything by reference life becomes _a lot_ simpler.
daniel:// stenberg://
in reply to Julian Andres Klode π³οΈβπ • • •@juliank @gullevek @maia first, I don't think the premise that speed is unimportant holds. Then, I don't think there is any other language than rust that would be close to viable (and even that does not even support half the platforms curl runs on). Also, don't forget footprint.
But sure. It is just code.
Aris Adamantiadis π²Paid
in reply to daniel:// stenberg:// • • •lb1a
in reply to daniel:// stenberg:// • • •Maciek Flak
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Maciek Flak • • •Stefan Eissing
in reply to daniel:// stenberg:// • • •Written as a Perl script, these CVEs would have been prevented.
Among many other thingsβ¦π
Rince
in reply to daniel:// stenberg:// • • •you need an expert in that language + the same person being security aware (in full) to drastically reduce this number.And this person has to have fun writing code used y everyone while getting blamed by everyone when there is a small mistake or vulnerability. And these days, getting annoying Vulnerability reports created by KI by people who think they are good. I am grateful that Daniel uses his spare time to develop curl.
Jonathan Yu
in reply to daniel:// stenberg:// • • •Thomas Lee β
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Thomas Lee β • • •ITwrx
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to ITwrx • • •daniel:// stenberg://
Unknown parent • • •zwangseinweisung
in reply to daniel:// stenberg:// • • •