<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title></title>
</head>
<body>
<div name="messageBodySection">
<div dir="auto">Good point. You can turn the checks on, but see this discussion about the default: <a href="https://github.com/rust-lang/rust/issues/47739">https://github.com/rust-lang/rust/issues/47739</a></div>
</div>
<div name="messageSignatureSection"><br />
<div class="matchFont">../Dave</div>
</div>
<div name="messageReplySection">On Jun 20, 2019, 12:26 AM -0400, D. Hugh Redelmeier via talk <talk@gtalug.org>, wrote:<br />
<blockquote type="cite" class="spark_quote" style="margin: 5px 5px; padding-left: 10px; border-left: thin solid #1abc9c;">| From: D. Hugh Redelmeier via talk <talk@gtalug.org><br />
<br />
| Rust does a few things that are relevant (I think -- I've not actually<br />
| used Rust):<br />
<br />
| - unfortunately, I think that Rust only catches integer overflow in<br />
| debug mode. That's a mistake, but it's probably because checking is<br />
| considered too expensive.<br />
| <http://huonw.github.io/blog/2016/04/myths-and-legends-about-integer-overflow-in-rust/><br />
<br />
A very recent CVE against the Linux kernel exploits integer overflow<br />
CVE-2019-11477: SACK Panic (Linux >= 2.6.29)<br />
<https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-001.md><br />
---<br />
Talk Mailing List<br />
talk@gtalug.org<br />
https://gtalug.org/mailman/listinfo/talk<br /></blockquote>
</div>
</body>
</html>