Comments 1

CVE-2022-21658 from Rust somehow got lost: https://blog.rust-lang.org/2022/01/20/cve-2022-21658.html

It was, of course, hastily fixed (in Rust std), but similar vulnerabilities remain in C++ and nobody cares about this at all.

Yes, all three libstdc++, libc++ and MS STL have the same vulnerability. And it's not just a question of implementation: <filesystem> specification is long known to be prone to TOCTOU problems, since it uses paths to refer to files. There were proposals to introduce TOCTOU-safe interface (P1031 and P1883) but these did not progress for some time.

https://www.reddit.com/r/rust/comments/s8h1kr/security_advisory_for_the_standard_library/htg6z6j/
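
The quoted point about paths versus handles, as an added example that is not part of the comment or the quoted Reddit post: a recursive delete that resolves every name relative to an open directory descriptor and refuses symlinks at each step, so a directory swapped for a link between check and use makes the call fail rather than redirect it. It is POSIX-only, and `remove_tree_at` is a hypothetical helper name, not an API of any standard library.

```cpp
// Added example (POSIX only). remove_tree_at is a hypothetical helper name.
#include <cerrno>
#include <cstdlib>
#include <cstring>
#include <dirent.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <unistd.h>

// Recursively remove directory `name`, a single path component resolved
// relative to the already-open directory parent_fd. Returns 0 or -1 (errno set).
int remove_tree_at(int parent_fd, const char* name) {
    // O_NOFOLLOW: if `name` is, or was just swapped for, a symlink, the open
    // fails instead of descending into the link target.
    int fd = openat(parent_fd, name, O_RDONLY | O_DIRECTORY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    DIR* dir = fdopendir(fd);  // on success the DIR owns fd
    if (!dir) { int e = errno; close(fd); errno = e; return -1; }
    int rc = 0;
    while (rc == 0) {
        errno = 0;
        struct dirent* ent = readdir(dir);
        if (!ent) { if (errno != 0) rc = -1; break; }
        if (!strcmp(ent->d_name, ".") || !strcmp(ent->d_name, "..")) continue;
        struct stat st;
        // lstat-style query through the directory handle, not through a path.
        if (fstatat(fd, ent->d_name, &st, AT_SYMLINK_NOFOLLOW) != 0) { rc = -1; break; }
        if (S_ISDIR(st.st_mode))
            rc = remove_tree_at(fd, ent->d_name);  // re-validated by O_NOFOLLOW
        else
            rc = unlinkat(fd, ent->d_name, 0);     // removes a link itself, never its target
    }
    int saved = errno;
    closedir(dir);  // also closes fd
    errno = saved;
    if (rc != 0) return -1;
    return unlinkat(parent_fd, name, AT_REMOVEDIR);
}

int main(int argc, char** argv) {
    // Usage: ./a.out <directory name in the current working directory>
    if (argc != 2) return EXIT_FAILURE;
    return remove_tree_at(AT_FDCWD, argv[1]) == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
}
```

`O_NOFOLLOW` only guards the final path component, which is why the helper takes a single name relative to a directory descriptor the caller already trusts.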