What you've described is a way of catching some memory-safety problems in C++ codebases. There's no easy way to catch them all. Even Chromium is riddled with memory-safety issues that result in serious security vulnerabilities. [0][1] We don't have a practical way of writing large and complex C++ codebases that are entirely free of memory-safety issues.

I don't know enough about Rust to comment on whether it does a better job than C++ on reference cycles, but my suspicion is that it does.

[0] https://www.chromium.org/Home/chromium-security/memory-safet...

[1] Related discussion: https://news.ycombinator.com/item?id=26861273

Chromium is a *way* legacy codebase, I think WebKit goes back to like Konqueror or something? Chromium is a very weird example to cite for modern C++ vs. modern Rust memory safety.

AFAIK avionics software is still largely written in Ada, because it won't let you fuck up meters vs feet type stuff. And if someone said: "Rust has a slam-dunk niche: we're going to crank static analysis past helpful to downright intrusive because sshd simply can't buffer overflow", I'd be like, yeah, ok.

But at the time I stopped using it, Alacritty couldn't handle meta keys on Big Sur, and I wanted to fix that, so I spent a weekend or two that I really couldn't spare trying to unfuck it, but between `print` not being obvious (because someone had already borrowed the thing I wanted to print out) and the build being slower than C++, I timed out.
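The "can't print it because it's already borrowed" situation from the comment above, as an added Rust example (not code from the thread or from Alacritty): the `Screen` type, `row_mut` and `edit_then_print` are assumptions made for the illustration, and the rejected version is kept as a comment so the file compiles.

```rust
// Added example, not from the thread: a value cannot be printed while a
// mutable borrow of it is still alive. `Screen` and its methods are assumed.

#[derive(Debug)]
struct Screen {
    rows: Vec<String>,
}

impl Screen {
    fn new() -> Self {
        Screen { rows: vec!["hello".to_string()] }
    }

    // Hands out a mutable borrow of one row; while that borrow is alive,
    // `self` is exclusively borrowed and cannot be read (or printed) elsewhere.
    fn row_mut(&mut self, i: usize) -> &mut String {
        &mut self.rows[i]
    }
}

// Rejected by the borrow checker (left as a comment so this file compiles):
//
//     let mut screen = Screen::new();
//     let row = screen.row_mut(0);   // mutable borrow of `screen` starts
//     println!("{:?}", screen);      // error[E0502]: cannot borrow `screen` as
//                                    // immutable because it is also borrowed
//                                    // as mutable
//     row.push_str(" world");        // ...the mutable borrow is still in use
//
// The fix is to end the mutable borrow before printing, either by scoping it
// or by finishing all writes first. This function scopes it and returns the
// rendered text so the result can be checked.
fn edit_then_print(screen: &mut Screen) -> String {
    {
        let row = screen.row_mut(0); // mutable borrow lives only in this block
        row.push_str(" world");
    } // borrow ends here, so `screen` may be read again
    let rendered = format!("{:?}", screen);
    println!("{}", rendered);
    rendered
}

fn main() {
    let mut screen = Screen::new();
    edit_then_print(&mut screen);
}
```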


OTOH Chrome has one of the best teams in the world working on it, funded by one of the richest companies in the world, with the best tools. And they take security very seriously.

If they can’t get it right, who can?


A good point, but I imagine benreesman's counterpoint would be that things might be different if Chromium were written entirely in modern C++, strictly following modern best practices.

My suspicion is that this is too optimistic, but I can't really substantiate it.

What would be a good security-sensitive modern C++ codebase, ideally from a high-profile source like Google, to compare against?


Doesn't the definition of modern C++ change every few years? This might not be possible if any such project takes more than two years to write.