Litcius/Paper detail

Keeping Safe Rust Safe with Galeed

Elijah Rivera, Samuel Mergendahl, Howard Shrobe, Hamed Okhravi, Nathan Burow

2021Annual Computer Security Applications Conference32 citationsDOIOpen Access PDF

Abstract

Rust is a programming language that simultaneously offers high performance and strong security guarantees. Safe Rust (i.e., Rust code that does not use the unsafe keyword) is memory and type safe. However, these guarantees are violated when safe Rust interacts with unsafe code, most notably code written in other programming languages, including in legacy C/C++ applications that are incrementally deploying Rust. This is a significant problem as major applications such as Firefox, Chrome, AWS, Windows, and Linux have either deployed Rust or are exploring doing so. It is important to emphasize that unsafe code is not only unsafe itself, but also it breaks the safety guarantees of ‘safe’ Rust; e.g., a dangling pointer in a linked C/C++ library can access and overwrite memory allocated to Rust even when the Rust code is fully safe.

Topics & Concepts

Rust (programming language)Memory safetyComputer scienceCode (set theory)Operating systemEmbedded systemPointer (user interface)Programming languageSystem programmingComputer securityComputer hardwareSoftwareSoftware developmentSet (abstract data type)Security and Verification in ComputingAdvanced Malware Detection TechniquesWeb Application Security Vulnerabilities
Keeping Safe Rust Safe with Galeed | Litcius