Post AcmXASWHOnHNJpncrA by rain@hachyderm.io
 (DIR) Post #AcmXAJzj5wUCsYVW0O by bagder@mastodon.social
       2023-12-13T09:03:04Z
       
       0 likes, 0 repeats
       
       Making it harder to do wrong
       #curl is written in C. We try to write better C to reduce the risk of future vulnerabilities.
       https://daniel.haxx.se/blog/2023/12/13/making-it-harder-to-do-wrong/
       
 (DIR) Post #AcmXAKnM7QBXMTj9MW by ikey@fosstodon.org
       2023-12-13T10:26:37Z
       
       0 likes, 0 repeats
       
       @bagder I get that you're not into Rust - but this statement is just opening you up to flaming: "Rust is cool, but the language, its ecosystem and its users are rookies and newbies for system library level use." I certainly wouldn't be described as a rookie by anyone.
       
 (DIR) Post #AcmXALimfu7eEab0sK by bagder@mastodon.social
       2023-12-13T10:28:10Z
       
       0 likes, 0 repeats
       
       @ikey I think me specifying this "for system library use" makes me right.
       
 (DIR) Post #AcmXALt43gLUkTPDto by bagder@mastodon.social
       2023-12-13T10:10:48Z
       
       0 likes, 0 repeats
       
       the "Lines of libcurl code per function use" graph will show up on the curl dashboard so that I can keep an eye on how this develops going forward
       
 (DIR) Post #AcmXAMZbVWNCsPJCCm by ikey@fosstodon.org
       2023-12-13T10:31:04Z
       
       0 likes, 0 repeats
       
       @bagder It smacks of C elitism - I'm sure you didn't intend that (context: I'm a long-term C dev that left for greener pastures). Do you mean the ABI of Rust itself? One could argue that it's OK to whack an `extern C` wrapper onto the Rust lib and use symbol version scripts. FWIW - I'm not in the "you should RIIR" crowd, I'm more in the upgrade-component-by-component crowd ^^
       
 (DIR) Post #AcmXANE15GhQtkDTCC by bagder@mastodon.social
       2023-12-13T10:37:26Z
       
       0 likes, 0 repeats
       
       @ikey I don't follow. When would I mean the ABI? When I say rust is new for system libraries? No I don't. Maybe I should just ask you how long rust has been able to return error instead of panicking on out of memory?
       
 (DIR) Post #AcmXANsmdhJEwBI1js by ikey@fosstodon.org
       2023-12-13T10:43:36Z
       
       0 likes, 0 repeats
       
       @bagder you're conflating standard library with the language. There are various no-panic style decorator crates, the option to rebuild libstd, use no_std, or codepaths that don't panic. The same argument is true in C libraries when `abort()` is called instead of returning an error.
       
 (DIR) Post #AcmXAORWYX6AfvXltA by bagder@mastodon.social
       2023-12-13T10:44:57Z
       
       0 likes, 0 repeats
       
       @ikey I can't separate them for a library written in rust. When a library cannot avoid panic, it is just... wrong.
       
 (DIR) Post #AcmXAOw0jBU8CTo7PM by ikey@fosstodon.org
       2023-12-13T10:53:22Z
       
       0 likes, 0 repeats
       
       @bagder a sensible person would write the stubbed C FFI skeleton and invoke the Rust code via std::panic::catch_unwind so that any remaining panics were UB cases. I'm pretty sure curl avoids glib2 for similar reasons. I've said my piece - you apply different logic to C vs Rust because you favour C, and I got some PTO to take tbh. :)
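
Added example, not part of the thread and not curl's or any poster's code: the pattern named in the posts above, a C ABI entry point that stops panics with std::panic::catch_unwind and reports allocation failure as a return value through Vec::try_reserve_exact. The function name ex_repeat_len, the EX_* status codes and the 0xFF trigger are constructed for illustration.

```rust
use std::panic::{self, AssertUnwindSafe};
use std::slice;

// Hypothetical status codes for this example's C-facing API.
pub const EX_OK: i32 = 0;
pub const EX_BAD_INPUT: i32 = 1;
pub const EX_OUT_OF_MEMORY: i32 = 2;
pub const EX_INTERNAL: i32 = 3;

// Pure-Rust worker: repeats `src` `repeat` times into a fresh buffer.
// try_reserve_exact reports a failed or impossible allocation as Err,
// where Vec::with_capacity would panic or abort the process.
fn build_buffer(src: &[u8], repeat: usize) -> Result<Vec<u8>, i32> {
    if src.is_empty() { return Err(EX_BAD_INPUT); }
    // Constructed bug, present only so the panic path can be exercised.
    if src[0] == 0xFF { panic!("constructed internal bug"); }
    let total = src.len().checked_mul(repeat).ok_or(EX_OUT_OF_MEMORY)?;
    let mut out = Vec::new();
    out.try_reserve_exact(total).map_err(|_| EX_OUT_OF_MEMORY)?;
    for _ in 0..repeat { out.extend_from_slice(src); }
    Ok(out)
}

// C ABI entry point (a real export would also carry the no_mangle attribute).
// Safety: `src` must point to `len` readable bytes, `out_len` to a writable usize.
pub unsafe extern "C" fn ex_repeat_len(
    src: *const u8, len: usize, repeat: usize, out_len: *mut usize,
) -> i32 {
    if src.is_null() || out_len.is_null() { return EX_BAD_INPUT; }
    // Stop unwinding here so a panic becomes a status code for the C caller.
    let result = panic::catch_unwind(AssertUnwindSafe(|| {
        let input = unsafe { slice::from_raw_parts(src, len) };
        build_buffer(input, repeat)
    }));
    match result {
        Ok(Ok(buf)) => { unsafe { *out_len = buf.len() }; EX_OK }
        Ok(Err(code)) => code,
        Err(_) => EX_INTERNAL,
    }
}

fn main() {
    let data = *b"ab"; // constructed sample input
    let mut n = 0usize;
    let rc = unsafe { ex_repeat_len(data.as_ptr(), data.len(), 3, &mut n) };
    println!("rc={} len={}", rc, n);
}
```

catch_unwind only intercepts unwinding panics; in a build with panic=abort the process still terminates at the panic site.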
       
 (DIR) Post #AcmXAPXaTTXi51O7yi by bagder@mastodon.social
       2023-12-13T10:59:38Z
       
       0 likes, 0 repeats
       
       @ikey your rust hat shows
       
 (DIR) Post #AcmXAQ9ADlbHxYy8Y4 by ikey@fosstodon.org
       2023-12-13T11:04:11Z
       
       0 likes, 0 repeats
       
       @bagder It's not hiding - it's clearly displayed on my profile. And I've only recently switched to Rust after avoiding it for years, using C/C++/D/etc. You demonstrate an unwillingness to be reasonable outside of C, and tbh I find the "we have less CVEs than the other guys" argument extremely brittle. I've tried my utmost to be cordial here but it's like talking to a brick wall. See ya.
       
 (DIR) Post #AcmXAQHfi8PENwwvoG by bagder@mastodon.social
       2023-12-13T10:46:42Z
       
       0 likes, 0 repeats
       
       @ikey and yes, I believe they are fixing this problem. But this is what I mean when I say it is new. Very new.
       
 (DIR) Post #AcmXAQtbR6kOHahDvs by bagder@mastodon.social
       2023-12-13T11:21:30Z
       
       0 likes, 0 repeats
       
       @ikey a brick wall that responds is a special kind of wall I guess...
       
 (DIR) Post #AcmXARekboSedoksQC by hramrach@stranger.social
       2023-12-13T18:02:08Z
       
       0 likes, 0 repeats
       
       @bagder @ikey I guess that about sums up the 'rust crowd'. They tell you you are dumb for not using rust, and they won't listen when you are telling them about the reasons you are not using it. A language that is defined by a compiler accepting the code, with biyearly update to said compiler, your code randomly failing to build with said update, for system libraries? Eww. No, thanks. 😑
       
 (DIR) Post #AcmXASWHOnHNJpncrA by rain@hachyderm.io
       2023-12-13T23:04:10Z
       
       0 likes, 0 repeats
       
       @hramrach @bagder as a Rust gal I don't support the way Ikey handled the situation, but the "code randomly failing to build" is, like, incredibly common with C compilers and dare I say way more than with Rust. Just yesterday I had to debug a new clang/old xmlsec1 compile incompatibility. I can't recall the last time I had to do that with old Rust projects
       
 (DIR) Post #AcmXATHmYBHDhA1Ytk by bagder@mastodon.social
       2023-12-13T23:10:44Z
       
       1 likes, 0 repeats
       
       @rain @hramrach oh yes, C is a language full of pitfalls and warts, I am not saying otherwise.
       
 (DIR) Post #AcmXAWA5rDuQcBRxpY by rain@hachyderm.io
       2023-12-13T23:07:37Z
       
       0 likes, 0 repeats
       
       @hramrach @bagder I definitely don't think the curl devs are "dumb" for not using Rust, I think the arguments are sound even if I wish the balance of concerns was in the other direction