Jeez, I love Rust as much as the next guy, but people in this thread are getting weirdly defensive about it.
Yeah, so some standard libraries don’t offer that particular feature, what’s the point? They also don’t “offer” that vulnerability then. I can’t even twist my mind around to see what kind of argument this is supposed to be.
Yes, the Windows API is a cesspool in many places, and yes, other standard libraries might still be affected by a similar issue, but Rust’s stdlib also fucked it up. If you offer an interface, it’s your responsibility to ensure it does what you claim, not matter how batshit insane the underlying 3rd party implementation might be. If you can’t do that, I’d actually prefer if you didn’t offer said interface. In any case, they handled the issue, and now it’s hopefully fixed. That’s fine, commendable job.
I agree the headline could have been worded differently, but we can still use Rust, it’s still a great language, great goals etc., why try so hard to make it look like there wasn’t an issue?
You are not your standard library, you have not been defiled. You can still open that bedside drawer and put on your little purity ring every morning if that’s your thing, we won’t judge you, just don’t be all weird about it.
abhibeckert@lemmy.world 7 months ago
Once again this is not a Rust vulnerability.
This is a Windows vulnerability and Rust is simply the first set of tools to implement a workaround - since Microsoft can’t do it without breaking backwards compatibility.
breadsmasher@lemmy.world 7 months ago
If the issue is caused by rust not escaping arguments, and fixed by rust properly escaping arguments, how is it not a rust issue?
Giooschi@lemmy.world 7 months ago
Because Rust is not the only language that made this faulty assumption. It is an issue that affects Rust’s stdlib, just like it is an issue that affects Python’s stdlib and other libraries. In fact this was first reported as a vulnerability to yt-dlp (where it was actually exploitable) and then discovered it applied to many other libraries (where the exploitability is highly dependent on how the feature is used).
Rust here is only used as clickbait because of its aim to be “safe”, but it’s position is no different from other languages.
If you read the article from the researcher that discovered the vulnerability you’ll see they never call out Rust in particular, only as part of a list of languages that are affected. flatt.tech/…/batbadbut-you-cant-securely-execute-…
5C5C5C@programming.dev 7 months ago
If the issue exists in the standard library of every language that provides this capability and Rust’s standard library is the first to fix it, how is it a Rust issue?
It would be more accurate to say that it’s an issue in almost every language EXCEPT Rust at this point.
The only reason it isn’t being called a C or C++ issue is because their standard libraries don’t even attempt to offer this capability. But you can bet that all sorts of C/C++ libraries that do offer this, like Qt, will also be having this issue.
baru@lemmy.world 7 months ago
That Windows API is terrible. There isn’t a way to have the escaping done for you. Further, there is not an API where you do not need to do the escaping. There is no documentation on what kind of escaping is needed.
It’s not a Rust problem.
kbin_space_program@kbin.run 7 months ago
Because when it's a rust issue, clearly something else is at fault.
Frankly I'm more concerned about Java's wont fix
DreamlandLividity@lemmy.world 7 months ago
If windows does not document features of their API that would require escaping, how is it a Rust issue they had no way of knowing escaping is necessary? Its Windows whose API is not following the documented behavior/has undocumented behavior.
lazynooblet@lazysoci.al 7 months ago
Both the article and the CVE description point to how Rust handles escaping for CMD arguments. If it’s not a Rust issue then can you explain?
5C5C5C@programming.dev 7 months ago
Because this is the status of the bug across the standard libraries of various languages, per this article and others:
Notably C and C++ are missing from this list because their standard libraries don’t even offer this capability. Half of these standard libraries are responding to the issue by just warning you about it in the function documentation. Rust is one of the few that actually prevents the attack from happening.
The original BatBadBut bug report used JavaScript to illustrate the vulnerability.
baru@lemmy.world 7 months ago
I explained it elsewhere, but basically: an API that needs undocumented escaping doesn’t immediately make you think that the API has huge issues?
rottingleaf@lemmy.zip 7 months ago
If you read it more attentively, no, it does say that.
I dislike all the “rewrite it in Rust to be secure” bros, but not such a case here.