Previously Welcome to /dcsvg/ where we discuss security vulnerabilities caused by stagnant C/C++ which is preventable by default by modern languages and their compilers.
>ITT Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely.
>Exploit summary This exploit would let an attacker invoke denial of service in Linux. Authentication is NOT required to exploit this vulnerability.
>Caused by Use after free. Here’s a simple example of user after free in C, it's a valid C code: uint8_t* pointer = (uint8_t*) malloc(SIZE); ... if (err) { abort = 1; free(pointer); } ... if (abort) { logError("operation aborted before commit", pointer); } >How modern languages tackle this issue: Like C++, Rust uses the RAII approach everywhere (Resources Acquisition Is Initialization). That means that every variable is deterministically freed when it goes out of scope (= a pair of curly braces). So with “safe” Rust, you NEVER need to worry about freeing memory. But Rust doesn’t stop there. It goes a crucial step further. It won’t let you access memory that was freed! That’s enforced via the Ownership rules.
In Rust, variables have a property that’s called Ownership. An owner has the rights to use its data freely. Also, it can lend its data for a limited lifetime (= Borrowing). Moreover, data can only have a single owner. Thus, the scope of the owner dictates where the data will be freed (via RAII).
TLDR: C == GUARANTEED SECURITY EXPLOITS >Why does windows has less exploits in comparison Written in C++, it has RAII
Try actually using the languages you shill. The Rust compiler disables overflow checks in release builds.
Gavin Young
And it doesn't do that in debug builds. Nice try diverting the attention from though, fucking CIA nigger
Joseph Smith
Test cases are not all encompassing.
It's quite easy for an integer overflow to escape testing, and in rust it'll quite easily land into release like with any other language.
You're a retarded diehard safety fag who won't listen to any reason whatsoever, and you clearly know nothing at all about actual software development.
Nathan Rodriguez
>safety is bad I know would say that why don't you try fucking right off, cocksucking faggot?
Brandon Parker
>>safety is bad Can you point to the post where I said that?
Carson Wilson
...
Blake Green
are you just RUST shill?
Colton Hall
I'm not seeing it. I see me calling you a diehard safety fag, but I don't see anywhere where I say that safety is bad.
Xavier Rodriguez
Not only C doesn't prevent integer overflow but also C doesn't prevent invalid pointer returns. What a shitty language.
Angel Johnson
What?
Jordan Davis
Nice backpedaling. 12 shekels will be deposited into your NSA/C defense force campaign account for trying to divert attention.
Chase Bailey
LOL repeat after me:
C was a _____
Brody Long
>C doesn't xyz It makes a lot more sense if you think of it as portable assembler. It gives you control over the hardware instead of trying to hide it.
Nolan Torres
Yes, I know that, what's your point? I'm not a diehard Cfag so I'm not going to defend that, but it's only when you start doing low level things where you start to appreciate the language not getting in your damn way all the time. Low level programming is inherently unsafe.
Backpedalling? where? If you think me calling you a diehard safety fag means I think safety is bad, then you'd be wrong. I don't think safety is bad, but I think people like you who defend it AT ALL COSTS and disregard any reasoning and coherency are severely retarded.
Example:
Jose Watson
"""portable""" garbage is for people who cannot write ASM
Gabriel Mitchell
Write a UEFI bootloader in your safe language, scriptkiddies.
Blake Ramirez
>Backpedalling? where? >I'm not a diehard Cfag >If you think me calling you a diehard safety fag means I think safety is bad, then you'd be wrong. Are you alright there, user?
Chase Brooks
does these threads just a shill thread?
Easton Lee
Yeah, I shill for safety. I shill for security
Brayden Jones
It's possible in Rust, you just need a few unsafe blocks. Rust is actually a proper systems language, and it's safety features can be easily bypassed when needed. It's just that it's easier and simpler to do in C or C++.
Of course, if you have any competency in programming at all, safety shouldn't be a concern for you, so C is a good choice for simplicity reasons.
Aaron Howard
It's hilarious how Rust faggots can only advocate for their shitty language by attacking other languages.
Jordan Butler
Point to the post where I claimed I was a Cfag. You don't have to be a Cfag to defend C. Actually I'm not even defending C, I'm just dispelling your stupidity.
Literally the only people who bash C is retards who don't know how to program. t. Rustfag
Grayson Ortiz
>Rust is actually a proper systems language, and it's safety features can be easily bypassed when needed _Its_ safety measures are unnecessary for competent programmers. Now learn some grammar and fuck off.
Liam Hill
Oh no it's not like C tards attack other languages for what shortcomings they have, amirite?
Zachary Gutierrez
I agree.
Asher Peterson
No, you're just seeing it that way.
Noah Peterson
Name one competent C programmer
Evan Butler
>windows has less exploits Oh my god
Charles Carter
Linus Torvalds
Dominic Morris
The reason Rust is being pushed so hard is because social justice warriors have found great difficulty penetrating the communities of open source system coders who use C and/or C++.
The "safety" features give advantages to lobotomised Feminist studies "coders" who are trying to "disrupt" these communities while breaking the knee caps of everyone else who knows what they are doing.
Literally nothing in Rust actually solves problems that haven't already been solved by RAII in C++ and even some GC/stack/heap techniques in the arguably superior but slower D compiler.
The advocates are all social justice warriors and this is their "long march through the development communities". They are employing critical theory against their main targets C and C++, by criticising everything it is and does and demonising its users. They've held back their "cis het white male" jargonism for now, but once they have established a foot hold "killer app", expect them to go wild with it. Just read through the big throbbing CoC they've erected on their main website.
Rust is kill. Don't touch it, spit on all its advocates.
Brody Myers
Thanks for the most bug ridden and vulnerable kernel in 2017, Linus. Consider your project dead after you die as well
Anthony Peterson
That would be Windows. Torvalds doesn't even write any code for Linux anymore, he just merges pull requests. Someone else is responsible for the bug in the OP.
Ryan Anderson
D hasn't removed their GC just yet, Rust is still miles ahead of D. Nice try to appeal gullible Sup Forums babbies with your muh SJW bogeyman so they forget about the elephant in the room called security and privacy
Eli Anderson
wont you tired of samefagging?
Brayden Cooper
>t. Rustfags
David Bailey
> He thinks a bloated language can replace C They lost before they even started. All the bloated languages that can't be deeply understood without devoting your life to them will eventually die.
C++, C#, Java, Object-C, Go, Python, all this shit will eventually go down in flames. Languages like C and Lua will prevail.
By the way, do you know any more small, may be niche, languages like C and Lua, that were not dissolved into uncountable dialects? Regex would count too, I suppose, there aren't too many differences once you know the basics.
Brody Reyes
>The "safety" features give advantages to lobotomised Feminist studies "coders" who are trying to "disrupt" these communities while breaking the knee caps of everyone else who knows what they are doing. Hmmmm >Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4, f2fs, or ubifs encryption, causing cryptographic transform objects to be freed prematurely. CVE-2017-7374 > The keyring_search_aux function in security/keys/keyring.c in the Linux kernel through 3.14.79 allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a request_key system call for the "dead" type. (CVE-2017-6951) >The vc4_get_bcl function in drivers/gpu/drm/vc4/vc4_gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow detections, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) via inconsistent size values in a VC4_SUBMIT_CL ioctl call. (CVE-2017-5577) >The KEYS subsystem in the Linux kernel before 3.18 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving a NULL value for a certain match field, related to the keyring_search_iterator function in keyring.c. (CVE-2017-2647) All these in 2017. I'm afraid your Sup Forums bullcrap isn't solving any of these
Robert Gutierrez
Nigger
Jason Garcia
What are you talking about? C is a bloated language.
Justin Edwards
>Sup Forums babbies Notice how Rustfags can never call you a faggot or a nigger. They have to use infantalisation terms. This is because their SJW-programming short circuits the moment
>D hasn't removed their GC just yet, And?
C++ has shared_ptr, unique_ptr and weak_ptr, Rust literally has no point except for penetration of existing communities by the same freak Firefux show that fired the creator of javascript (Brendan Eich) because he exercised his democratic right to fund a lobbying firm. In truth, just to stop his resistance against w3c's agenda of inserting DRM into HTML5.
We are well aware of your agenda, don't think for a minute we are ignorant of it.
Jace Long
>Sup Forums outgrouping
Back to you go.
>C >bloated I mean what's less "bloated", FORTH? Scheme? Go fuck yourself.
Kevin Gonzalez
Well, if C is bloated, then Rust is your mom.
This is the nature of a monolithic kernel. There will always be bugs in a monolithic kernel. Microkernels are the answer.
Ayden Sanders
Isn't it amazing when C toddlers defend Linux when Linux itself is literal SJW garbage?
>D hasn't removed their GC just yet, >And? Suffers from sub par GC performance. Fuck off, idiot, D isn't all that bad but I'd wait until they completely remove GC to actually compete against Rust
Joseph Hill
>Notice how Rustfags can never call you a faggot or a nigger. But this one just did.
Nicholas Williams
>>Sup Forums outgrouping > >Back to you go. What you don't realize is Sup Forums and /lgbt/ are actually crossboarders. Never been to Sup Forums? I thought so
>Sending a Sup Forums fag to /lgbt/ manually How new are you?
Aiden Butler
C++'s scoped pointers don't have any support by the compiler; shared_ptr doesn't protect against data races and none of them stop access after the resource has been destroyed, moreover Rust's type checker guards against data races, iterator invalidation and other things C++ doesn't because it can't due to the fundamental design choices it made early in its lifetime.
People outgroup Sup Forums because you're all incapable of not dragging your dumb internet crusades into unrelated topics and use it to divert from topical discussions, like you just did with your response.
>C++ LMAO Even C is bettar than that fucking SHITE broken language
Landon Hill
>shared_ptr doesn't protect against data races and none of them stop access after the resource has been destroyed Yes they do if you use the locks properly, holy fuck are you retarded? You sound like you haven't written a line of C++.
>Rust's type checker guards against data races, iterator invalidation and other things C++ doesn't because it can't due to the fundamental design choices it made early in its lifetime. Except it can if you use the right tools. e.g >People outgroup Sup Forums because you're all incapable >We outgroup you into this group because you're part of this group Good to know your Rustic mind can't recognise circular logic. Cool argument bro.
Hudson Murphy
>awesome sanitizers xzDdddDDDDxdd welcome to 2007, the year you were born
Lincoln Morgan
Nuke this board already, it's all stupid generals, falseflagging shills, and Sup Forumsermin.
Landon Powell
OH MY GOD I HATE C++ NOW!!!!!!!11XD
I AM NOW A FULLY FLEDGED TRANNIE-USING RUST. YOUR CODEBASE IS NOW SAFE FROM MY MENTAL ILLNESS.
THANK YOU BASED (((MOZILLA))).
Asher Bennett
->60059147 >C++ You tried. No (you) for you
Camden Bailey
>xzDdddDDDDxdd Seriously if I didn't know any better I would have thought the Rust faggots on this thread were false flaggers.
But clearly they're this retarded. Threads like this are why no body likes your shit language.
Julian Sanchez
He didn't say safety was bad, he said you were a safety fag. Which even if one takes context into account and a negative connotation, only means that safety is bad in your case. And I can see his point. You post these threads daily and seem either paid or obsessed. Anything in that extreme is bound to be bad in some ways. I think the go-to though is a shitty community which constantly baits and shills a language that may well have been decent, but now everyone hates. And its mostly because of you screaming incoherently about safety.
Thus you are a safety fag. Mods you don't have to ban rust threads, but can you please ban rust shitposters at least?
Jason Gray
Oooooh, struck your nerve, haven't I?
Jaxson Scott
>waaa mods ban them they hurt my feelings Fuck off back to plebbit, NSA cuck
Christopher Hernandez
C really was a mistake after all. 45 years and these bugs still pop up
Jack Cox
>Amount of C apologists ITT Fucking WEW. No wonder there, CIA posts on Sup Forums now
HURR DURR DON'T BRING THIS UP GOYIM, C IS GOOD
Luis Bell
>NSA cuck >Implying Mozilla is not compromised after Eich was removed
Gavin Wilson
>Yes they do if you use the locks properly, This isn't something enforceable by the compiler in C++ and "it works right if you don't make mistakes" is a tangent to the idea that rust is better because it stops these errors from happening by way of compiler checks in the first place.
>Except it can if you use the right tools. These are runtime debugging tools; they can't catch all errors of those categories and they only work if and when the control flow reaches the bug during testing.
>Good to know your Rustic mind can't recognise circular logic. Generalizing about someone from the negative qualities of a group isn't the same as dismissing someone for solely being part of it. You don't seem any better at this.
Colton Clark
Holy fucking shit, can Rust faggots be any more fucking shit. This thread is so fucking horrible holy fuck. C is a perfectly fine language, you can not blame it for the mistakes of inept programmers who do simple things like use after free, or don't check their buffer bounds.
Benjamin Bell
This. If you are defending C after all these you are either an idiot suffering from baby duck syndrome or an actual paid NSA shill.
China, Russia and (((Israel))) are constantly attacking our cyberspace and there are idiots that defend C in this decade
Lincoln Watson
Why do you have to blame the programmer if the language/compiler is able automate tedious tasks for you?
Nolan Thompson
So this is the power of Linux
Ryan Gray
You mean the power of C
Nathan Thompson
because those things cause extra overhead if they are happening at runtime, otherwise you could just employ static analysis and be able to achieve the same results.
Jason Long
>This isn't something enforceable by the compiler in C++ Which is a GOOD THING because that's not the compiler's job. That's what sanitizers are for.
> Generalizing about someone from the negative qualities of a group >Still employing circular logic by outgrouping as priori What part of circular logic does your tiny head not comprehend?
Henry Walker
>you could just employ static analysis Why is that optional? Static analysis should and must be compulsory in compiler or project management.
Linux is not a hobby project. I'm pretty sure people that write Linux is smarter than you and yet they keep "mysteriously" forgetting about using static analysis
Hunter Harris
Fresh OC
Anthony Foster
Why does C attract underage memelords? Legit question.
Aiden Wood
Why does Rust attract homosexuals?
Lucas Lopez
Why do pro rust shitposters all sound like they learned to speak "Sup Forums" from Sup Forums?
Blake Evans
Case on point.
Colton Jenkins
>you can not blame it for the mistakes of inept programmers who do simple things like use after free, or don't check their buffer bounds. Basically every major project written in C has a not-insignificant portion of incompetent programmers then, based on the long track-record of vulnerabilities. It's good we can agree C users are too inept and need better tools then.
Rust (and many other safe languages) run their checks at compile time with zero runtime cost, and C and C++ do not have enough sophistication in their type system to support the same level of static analysis.
>Which is a GOOD THING because that's not the compiler's job. Type checking your program to guard against clear semantic errors is exactly what the compiler's job is and the more well-developed the type system, the better job it will do of it.
>WRONG. All three of the tools listed in the title of that video have runtime components that are linked to the resulting binary. Check their documentation in the llvm project.
>What part of circular logic does your tiny head not comprehend? Sorry, your understanding of the idea seems thin and you're bad at explaining your interpretation of it in relation to what I've posted. I guess you'll have to take solace in calling me dumb some more :^(
Luis Fisher
This
Brayden Perry
>no GC Enjoy your memory leaks, rustfags I'll stay comfy over here using Go
Benjamin Lopez
Rust does a pretty good job preventing memory leaks but some leaks aren't prevented. It's the same with GC though
Samuel Martinez
How exactly is that perfectly valid C code? You free the pointer and then use it again. Obviously that's not valid. Yes if there is no error, the pointer won't be freed, and the program will compile and execute. But I fail to see why you'd free the pointer at all if there is an error, and I definitely don't see that as good code. I wouldn't blame the language for that, I'd blame sloppy devs Unless you know of a valid reason to free that pointer in the if statement.
Ayden Perry
It's not invalid and hence it compiles
Angel Wood
It's hilarious to see how many languages have to tried to upend C and failed miserably.
C++ is the only one that really can, and even when it's used in place of C, few of the "features" of C++ are used.
Owen Robinson
>shit library devs are the language's problem!
Just use a sandboxed language if you're this retarded.
Angel Peterson
Is whether or not it compiles all you care about? That's a poor philosophy, IMHO I would consider this a bug or a runtime error For one, relying on compiler's to be smart is bad practice. For two, even "safe" languages have buggy code that runs but gives an unintended result. The only difference is that this buggy code leads to unsafe memory. If code is buggy, it should be fixed. I don't see why it is the languages fault for people writing buggy code. Under your definition of "valid code" bugs are perfectly valid, and run time errors can emerge from valid code. I can't say I agree with that understanding.
Austin Williams
now that multiple c to j.asm compilers exist, and of course any language really can do this. why not just move a javascript interpreter into the kernel and forget native code entirely
it's the most popular language with the most powerful modern oop opensource codebase.
portability would be solved forever and we can really do what we've been flirting with for years now, this is obviously what we need
browsers are the portal to 90% of average users programs, this can finally end this and make the computing world make sense.
Q2. what about vm overhead! it can never truly be as fast! WRONG!. Infact according to a study by Microsoft a shift to virtual memory protection instead of hardware based irq we can increase speed by 25 - 40% using a conservative 80-90% vm overhead we can actually gain a modest speed increase with our new kernal j.asm interpreter source: research.cs.wisc.edu/areas/os/Seminar/schedules/papers/Deconstructing_Process_Isolation_final.pdf
Q3. Won't this be insecure! WRONG! how often does javascript break out of sandbox today? Anyway. libcurl is written in one of the most insecure and outadted languates ever C, with no garbage collection and shitty manual memory management its practically a joke in the security world; yet libcurl is constantly and exhaustively searched for issues and therefore remains relevant even now source: daniel.haxx.se/blog/2017/03/27/curl-is-c/
so Sup Forums, is it time to dump native code and move everything to the worlds most popular language? I say yes