whos the video by

some small youtuber

it was pretty interesting ngl

@glossy hatch @sonic tusk thoughts on a (funnier) README? https://github.com/Speykious/cve-rs/tree/test-new-readme

once i get one confirmation i'll go ahead and merge it

I think I largely prefer the periods to the exclamation marks

Makes it look more professional which contrasts even more with the repo lol

haha you have a point

Literally

like, with "you can corrupt your program's memory without corrupting your program's memory!"

everyone else who* contributed

whoops

nah that ain't it

i thought it was funny

:/

Here I'd have several options

• "Yes."
• "This project is licensed under the GLWTSPL."

Or something about reiterating that there's no unsafe blocks xD

like this?

Yeah haha

aight any other comments on https://github.com/Speykious/cve-rs/tree/test-new-readme before i push?

Other than that, fire section

fire as in, like, good section...?

yes

(sorry that was ambiguous lol)

haha nw

can i add an "...and godspeed." at the end

the gif doesn't load in vscode so just pretend it's there

$ cargo install cve-rs
$ cve-rs
``` not a fan of prepending dollar signs because it makes it slightly harder to copy-paste

so just

cargo install cve-rs
cve-rs

?

yeah

or removing the second line altogether

ok

with dollar signs you gotta manually select it, without you can just triple-click

sounds good 👍

any other comments or am i ok to merge?

push your changes first

yea that's what i meant

https://github.com/Speykious/cve-rs/tree/test-new-readme

pushed

## Wait, how safe is cve-rs?!?

This project is licensed under the [GLWTSPL](/LICENSE).
``` da hell

The response was my idea :p

whaddya think

previously it was

## Wait, how safe is cve-rs?!?

lmao

I think it looks like you copy-pasted the other thing and forgot to put something funny there

i think it's fine

hmmmmmm

soooo final consensus?

i like

aight, imma merge it if there are no serious qualms about it

I think I know what's happening with my transmute

I'm using Option and it would be optimised for some types but not others

so if you go from a type it would be optimised for, to a type it wouldn't, you have issues

and honestly idk what to do about that

if I just transmute references there's no issues at all; but then you can't transmute owned types

LMAO

i mean

that is a true answer

something like https://github.com/Speykious/cve-rs/issues/13#issuecomment-1957880936 ?

the commenter has a pretty good solution afaik

Dam

Hey @frank pier

all checks have passed
https://github.com/Speykious/cve-rs/pull/26

trying it now

looks like it could work

IT WORKED

HOLY SHIT

THAT GUY IS A GENIUS

Also the current implementation works without black_box or inline(never)

https://github.com/Speykious/cve-rs/issues/13#issuecomment-1962396685

I still can't believe this outperforms the standard library.

that's so fucking funny to me

Now my PR is a place for educating children

they're right, actually

https://doc.rust-lang.org/alloc/sync/struct.Arc.html#impl-Sync-for-Arc<T,+A>

see the bounds

I meant to bring this up before and then forgot

Ah, I see

I don't understand why though

Sync is if it is safe to send a reference something between threads, not if you actually can

If I have a RefCell it wouldn't be Sync and so Arc shouldn't make it Sync either

yeah i guess so

but this is the same even for like mutex

mutex is Sync

ok it requires send

and it makes non Sync things Sync

hmmm

Is there a thing that makes non-send things send

^

Maybe Mutex<T> should be used then

Kinda weird that Arc isn't that, I thought it would be 7_7

it's never safe to do

Send means you can move shit between threads

you shouldn't do that with like a thread local

https://doc.rust-lang.org/std/sync/struct.Exclusive.html#impl-Send-for-Exclusive<T>
this will but unstable nvm im blind

It's not safe to move an Arc<T> of a non-send T between threads?

yes

probably a common example is https://doc.rust-lang.org/proc_macro/enum.TokenTree.html

yeah i was wrong anyways

pointers

hmmmm

CLI arguments

weird

didn't see that coming

oh OH

the most clear example

ok yeah that makes sense

i think we're just going to have to require send

Also needed __cdecl and const

Yeah, we have to require Send

I mean

You can technically cast Ref<T> into Ref<()> so 🤷

hmmmmmmmmmmmmmmmmmmmmmmmmmmmmmmm

yeah ig if it works it works

Since black_box and #[inline(never)] were only needed for stack spamming :v

ah

ic

nice!

Embedded systems could really do with memory-safe memory unsafety.
Amen

nooooo the o(log n) curse has proven true

it's weird how mine doesn't have the bump

ah

it was caching

ctrl + f5

Insane 2k stars

it could also be parabolic

no
it's cubic
it's going to go back up into the stratosphere

🚀 🚀 CVE-RS CLIMBIN THE RANKS 🚀 🔥

trait Trans<T> {
    fn cast(self) -> T;
    fn cast_ref(&self) -> &T;
    fn cast_mut(&mut self) -> &mut T;
}
impl<T, T2> Trans<T2> for T {
    fn cast(self) -> T2 {
        let val: &mut AlignedOption<T2, T> = exploit(&mut AlignedOption::Some::<T, T2>(self, []));

        let AlignedOption::Some(val, _) = mem::take(val) else {
            unreachable!()
        };
        val
    }
    fn cast_ref(&self) -> &T2 {
        exploit(self)
    }
    fn cast_mut(&mut self) -> &mut T2 {
        exploit(self)
    }
}

so you can just do val.cast() now to change it's type

the trans joke brainrot is real; i am so tempted to call it gender_swap, temporary_gender_swap, and temporary_gender_swap_mut

lmfao https://github.com/Speykious/cve-rs/issues/27

https://private-user-images.githubusercontent.com/42136194/307065138-67ccdb71-153e-471f-bf8d-b22858aa5b05.png?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJnaXRodWIuY29tIiwiYXVkIjoicmF3LmdpdGh1YnVzZXJjb250ZW50LmNvbSIsImtleSI6ImtleTUiLCJleHAiOjE3MDg4MTQ3MTIsIm5iZiI6MTcwODgxNDQxMiwicGF0aCI6Ii80MjEzNjE5NC8zMDcwNjUxMzgtNjdjY2RiNzEtMTUzZS00NzFmLWJmOGQtYjIyODU4YWE1YjA1LnBuZz9YLUFtei1BbGdvcml0aG09QVdTNC1ITUFDLVNIQTI1NiZYLUFtei1DcmVkZW50aWFsPUFLSUFWQ09EWUxTQTUzUFFLNFpBJTJGMjAyNDAyMjQlMkZ1cy1lYXN0LTElMkZzMyUyRmF3czRfcmVxdWVzdCZYLUFtei1EYXRlPTIwMjQwMjI0VDIyNDAxMlomWC1BbXotRXhwaXJlcz0zMDAmWC1BbXotU2lnbmF0dXJlPTNlMjI4NDYxZDk1M2E5NTUyYTcxMWJiZGRhYzgyNTJjNWJiOWMyZjdlMzJkNTcxODc5YTk4Yjk3ZmFhYjBiNzAmWC1BbXotU2lnbmVkSGVhZGVycz1ob3N0JmFjdG9yX2lkPTAma2V5X2lkPTAmcmVwb19pZD0wIn0.QObBW1O1WeGkl64U373M9H_UOoRfzpuTb_ySxT934gg

@terse minnow is this what you got adding exports?

I'm not sure what to do about this

i kinda hate to allow unsafe for such a smol thing but i dont think there's another way to have our c(++) support

Bruh the transmute demo broke with my new transmute

Everything else works though...

also trans breaks with my new transmute
everything else works tho

Old but Involuntarily Celibate doesn't include insecurity as a term

sounds like something an incel would say

???

There is no unsafe in my thing

Also screenshot doesn't load

image seems to be a private link unfortunately

bruh what

i copied it from github

and it loads for me

it would

that's what private means, don't it?

Discord isn't signed in to github

It's a separate browser

maybe copy the image instead of linking to it?

yea

ill do it later

third party cookies exist
also browser cache exists

idk I'm just the janitor

I'm using the discord app

it's never signed in to github

idk dude

u_u

Maybe we could link to that video in the docs?

Or the readme idk :v

rust was dropping the data before i transmuted it lol

I added a test so it doesn't break in the future

cve-rs on  main [$!] is 📦 v0.6.0 via 🦀 v1.76.0
❯ cargo r segfault
    Finished dev [unoptimized] target(s) in 0.01s
     Running `target/debug/cve-rs segfault`
Nah, I'd wizsh: segmentation fault  cargo r segfault

yes or no

The text could be "Hey this isn't working! This isn't segfaulting!", mayhaps?

So it reads "Hey, this isn't workzsh: segmentation fault"

https://github.com/Speykious/cve-rs/issues/28 @glossy hatch @sonic tusk thoughts?

Oh yeah saw that this morning

I didn't know about SIGBOVIK at all lol

but yeah why not

i mean... do we just submit it or do we have to write an article? i'm not entirely sure abt how this works

me neither :v

we're (most likely) not gonna go there in-person to give a talk

so the only other option on the site is to submit a paper

which... i've never done before :P

the description of cve-rs definitely does sound like a sigbovik article tho 😭 though looking at the actual contents idk if cve-rs is complex enough to warrant an article

I think it's quite interesting, because Rust itself is complex enough that talking about the soundness hole would be interesting like that

yeah but the explanation is (comparitively) quite simple

and i fear that the rest of the papers will make ours look kinda elementary in comparison

Especially with Residual Entropy's videos

hm

lol i c

idk xD

Submitting a readable paper wouldn't be bad, would it?

you should link that, that sounds interesting

sigbovik seems centered around complex, useless, but fun computer science

(at least that's what i think)

https://sigbovik.org/2023/proceedings.pdf

starts at page 114

some of these papers are pretty funny tho

i mean no some of these are simpler

s e m i c o l o n

i feel like we wouldn't be the simplest paper there

hey i mean

are y'all down to write a (possibly nonserious) paper?

I could offer help if possible/helpful 👉👈

If this is in there then surely we can be there lol

yep

i think something like:

1. introduction (rust is a "safe" language, we found a soundness hole)
2. explanation of the soundness hole and why it works
3. explanation of stack abuse transmute (and how we found out it didn't exactly work) (+uaf? does that use stack abuse?)
4. explanation of enum abuse transmute
5. explanation of buffer overflow, segfault, etc. with transmute

there are plenty of papers in there written in a non-serious tone as well i'd think we'd fit right in

uaf is honestly the earliest example xd

it doesn't try to abuse the stack

lol yeah fair

but it has tons of inline never and stuff to make it more predictable

we can discuss uaf in the intro then

I'm sure it segfaults in some instances and just reads garbage memory in another

mhm

but since it's to demonstrate a uaf it's fine

yep

anyways i'm down for writing a short ish paper

If we do I'm definitely including the for<'x, 'y> into the explanations

mhm yep

I swear Residual Entropy made the soundness hole clearer for me and at the same time made me understand why for<'lifetime> is a thing

nice

what's residual entropy?

I've not heard of SIGBOVIK before

it sounds like it could be fun tho

I can also push the new transmute and we can maybe write about it too

the person who made the youtube vid about cve-rs

annual collection of interesting papers about useless/impractical computer science

residual entropy released another vid as well https://www.youtube.com/watch?v=fdu6OcQX5gE

bruh there's a second???

the pokemon cards lmfao

lol

how about that

i feel like there's a really funny message we could put there

sazsh

"Remember, never have unprotectedsegmentation fault"

assuming you can exactly control the length of text before the segfault

lmfao

+1 to that

I'm printing a message and just using stdout.flush()

It's not actually interrupting a print

Brilliant, yoink

:3

nooo terrible news

the new transmute doesn't outperform std on my linux desktop

it does on my m1

:c

Wait nvm it does

ok it's much closer on linux than it was on mac, it was consistently faster on mac

oh well

https://github.com/Speykious/cve-rs/tree/new-transmute

jesus that's a long comment

in src/transmute.rs

Wait, does rustc let me have a look at the LLVM IR or the assembly code it's compiling down to?
I wanna go check out each trasmutes assembly code

probably in the build files somewhere?

yeah im gonna move it xd

omfg it's going back up!!!

yeah

:O

looks great, lemme pull and bench

It is literally a command
cargo rustc -- --emit asm

oh nvm then lol

Lmao

new crate transmute is ~100ns slower (like 1%) than the std one on my laptop!

:D

also wtf the transmute implementation with trait Object is wild

great work!

yeah it uses traits because apparently rust doesn't check associated types for trait objects

that is

actually really nice

this right here

yeah i saw that -- is there a rust issue about this?

probably

yeah lol

I didn't find it

I looked at the issue and then improved its code

shoot i forgot to link the issue didn't i

should do that before merging

yea there's no link in there

otherwise, lgtm 👍

also need to move the documentation and clean it up

so it's not just

[imposing wall of text]

yea i can help with that if you'd like

honestly, I think I just want to write a blog post about it

and link to the blog post

also:

/// This is where [`Option`] comes in. The default value for an option is `None`, which
/// doesn't have to store any data. This means you can use `take` with *any* data, just
/// by wrapping it in an option; you take the data from `Some`, and replace it with `None`,
/// which doesn't require you to generate any data. So, basically, to get around LLVM errors
/// and the borrow checker, we actually transmute `&mut Option<T>`; this creates a pointer,
/// which LLVM is okay with casting, and borrow that can be taken with [`core::mem::take`]
/// to get back the owned data.

im pretty sure Option<T> just has a take() function right?

so you don't have to use mem::take

it uses mem::replace under the hood, with a note to use mem::take

so it's basically the same

I don't have a take method for alignedoption

is why I didn't mention it

i see

maybe i should explain that

yea probably

So the old one I can look at but the new one gets mangled so the function names are generic, and there's like 50 of them. Old one is actually really efficient. Only one stack push/pop and very few jumps

old one as in the aligned option enum abuse?

ye

I mean, really all it should do is cast the pointer

Ye. but compiler optimised assembly is, very interesting.

compiler will do insane things that look wierd but are actually better

doubt there's anything better than just returning the address :p

valid

So we're using two exploits now?

This is wild... xDDD

yup lmao

and the second outperforms std

wait outperforms std?!?!? but that's not possible bc std transmute is a no-op...

still crazy though

kek

actually it's a call to a function

it's extern unsafe, so it may or may not lack some optimizations

?

experimentation confirms transmute is not in fact a function call https://godbolt.org/z/v45EaMf6b

transmute is just a way to bypass the type system of rust

i'd chalk the performance increase up to experimentation inconsistency

idk this is intrinsics stuff

no idea how that works

<w>

look at the benchmarks

lel

did you post them?

run them

I did though

i did run them

cve_rs transmute is 100ns slower

than std transmute

😔

https://github.com/Speykious/cve-rs/issues/13#issuecomment-1962396685

it's faster on my laptop

on my desktop, i ran it twice, first time std was faster, second time ours was

the difference isn't big but I was getting it reliably

random suggestion

can you swap the order of the crate transmute and std transmute in the benchmark

i.e. run the crate transmute at the end

and see if the performance increase persists

heh

swap the positions of the bench_function calls

like this

    c.bench_function("std transmute [f64; 1024] -> [u8; 8192]", |b| unsafe {
        b.iter(|| std::mem::transmute::<[f64; 1024], [u8; 8192]>(black_box([1.0; 1024])));
        b.iter(|| std::mem::transmute::<[f64; 1024], [u8; 8192]>(black_box([420.69; 1024])));
        b.iter(|| std::mem::transmute::<[f64; 1024], [u8; 8192]>(black_box([f64::NAN; 1024])));
    });
    c.bench_function("cve_rs transmute_old [f64; 1024] -> [u8; 8192]", |b| {
        b.iter(|| {
            cve_rs::transmute::transmute_old::<[f64; 1024], [u8; 8192]>(black_box([1.0; 1024]))
        });
        b.iter(|| {
            cve_rs::transmute::transmute_old::<[f64; 1024], [u8; 8192]>(black_box([420.69; 1024]))
        });
        b.iter(|| {
            cve_rs::transmute::transmute_old::<[f64; 1024], [u8; 8192]>(black_box([f64::NAN; 1024]))
        });
    });
    c.bench_function("cve_rs transmute_ref [f64; 1024] -> [u8; 8192]", |b| {
        b.iter(|| {
            *cve_rs::transmute::transmute_ref::<[f64; 1024], [u8; 8192]>(&black_box([1.0; 1024]))
        });
        b.iter(|| {
            *cve_rs::transmute::transmute_ref::<[f64; 1024], [u8; 8192]>(&black_box([420.69; 1024]))
        });
        b.iter(|| {
            *cve_rs::transmute::transmute_ref::<[f64; 1024], [u8; 8192]>(&black_box(
                [f64::NAN; 1024],
            ))
        });
    });
    c.bench_function("cve_rs transmute [f64; 1024] -> [u8; 8192]", |b| {
        b.iter(|| cve_rs::transmute::<[f64; 1024], [u8; 8192]>(black_box([1.0; 1024])));
        b.iter(|| cve_rs::transmute::<[f64; 1024], [u8; 8192]>(black_box([420.69; 1024])));
        b.iter(|| cve_rs::transmute::<[f64; 1024], [u8; 8192]>(black_box([f64::NAN; 1024])));
    });

yeah i know

ok i didnt put it last

i mean i was more thinking the slice as the overhead of the small transmutes mostly comes from the loop...

still faster xd

hm

¯_(ツ)_/¯

i guess it just is faster than

Those are the small ones

But yeah I don't think order is the issue here

If anything that ought to give std the advantage because it'll have warmed up by then

Ok I reran and it was 4ps slower this time

So it's inconsistent unfortunately

But I've run it a lot and most times cve rs was a bit ahead

Large still was faster

i wouldn't draw a conclusion from that though...

Though interestingly it did slow down

Why

Like it's regularly getting around the same time and is usually slightly faster

no i mean

i mean

yeah ig we could say that it's faster in some situations

but it seems like it's too inconsistent to make a generalized statement

maybe

I just mean I've run this a bunch and the majority of times it comes out on top

I think the difference is small enough that it could be messed up really easily

so I'm just going by what I see most of the time

FASTER🚀than RUST STD!!!!¹

||¹sometimes||

faster than blazingly fast

multipurpose library

it's a drop-in replacement for mem::transmute

Actually tho

what other hilariously unsafe things are there in rust

we've already got transmute and null references...

what if we made memcpy and memset from c to rust

Honestly idk what those are

We could add stuff to mutate read only structs and references

memcpy copies a section of memory to another and memset sets a region of memory to a specified byte

i'm thinking

pub fn memcpy(start: usize, len: usize, dest: usize) {
  // ...
}
pub fn memset(start: usize, len: usize, val: u8) {
  // ...
}

but yeah i mean we could do a make_mutable function but that's just a transmute

It is; trying to think if there's a cleaner thing we can add

Like that makes it easier

I could make cast_mut take &self instead of &mut self

pub fn<T> clone(val: T) -> (T, T) {
  let v1: T = {idk what the null init thing was};
  let v2: T = {idk what the null init thing was};
  memcpy(val, std::mem::size_of::<T>(), &v1);
  memcpy(val, std::mem::size_of::<T>(), &v2);
  (v1, v2)
}```

new clone function

:⁾

trait CveClone {
  fn clone(T: Self) -> (Self, Self);
}
impl<T: Sized> CveClone for T {
  // ...
}

to finally give everything a .clone method!

LOL

trait Breed

🫦

then i switch channels and see:

YES

we're getting closer!

Tris, we're coming for ya very quite fast

use std::cell::RefCell;

fn main() {
    let a = {
        let v = 0u8;
        &v as *const _ as usize
    };
    let b = {
        let v = 0u8;
        &v as *const _ as usize
    };
    let i = a - b;
    let arr = [
        RefCell::new(Some(Box::new(1))),
        RefCell::new(None),
        RefCell::new(None),
    ];
    assert_ne!(i, 0);
    let r = arr[i].borrow();
    let r = r.as_ref().unwrap();
    *arr[0].borrow_mut() = None;
    println!("{}", *r);
}

segfault

;compile

:P

Too overlycomplex

im lost lol

woah wait

that compiles?

no wait it would cause refcell

won't it error

https://github.com/rust-lang/rust/issues/107975 apparently it's this issue

cause it's borrowed immutably still

well lemme see how i can exploit this

ok so

;compile

fn f() -> usize {
    let v = 0;
    &v as *const _ as _
}

fn main() {
    let a = f();
    let b = f();
    println!("{a:?} == {b:?} evaluates to {}", a==b);
    println!("{a:?} == {b:?} evaluates to {}", a==b);
}

;compile

fn f() -> usize {
    let v = 0;
    &v as *const _ as _
}

fn main() {
    let a = f();
    let b = f();
    println!("{a:?} == {b:?} evaluates to {}", a==b);
    println!("{a:?} == {b:?} evaluates to {}", a==b);
}

:v

if I do this enough it will break

or it requires release mode

so this code asserts that i is NOT zero

Just do a buffer overrun in release mode

It'll be a segfault

I think in release mode this is ignored

since it's optimized out

which is what causes the segfault

im still confused lol

at compile assert_ne!(i, 0); is known to be true

hmm I wonder

ok and it uses that assert to optimise the code?

yes

if you put in a println!("{i}"); it stops working

so let i = a - b; doesn't actually exist

I am struggling to follow too though

ok so it's using compiler optimisations

wild

I didn't know an assert could do that

Somebody linked that if you assert something like i < 5, all indexing on arrays longer than 5 will not have bounds checks because it already knows its valid at compile time

I don't remember where

i'd think that it's something because of llvm realizing that the program would have crashed if the assertion failed so it doesn't need to do more checks

but then it miscompiles the assertion as passing when it shouldn't be

ah

that'd make sense

I can't even

this is

slkjdnfbslkjdnfbsjnkbfslndjfbjnksdfbnjsdl

I go to some server

and this is what happens

xDDDDDDDDDDD

LMAO

WHAT ARE THE ODDS

it's like I've been summoned fr

Smack em for being WRONG!

lmao

lmfao

did they realize you were the owner of the repo?

That user specifically hasn't responded yet lol

but now it's obvious

LMAO

i mean you can segfault python dont see what this person is talkin about

they're just seething and malding

(Python doesn't advertise with amazing memory safety)

(rust just advertises amazing memory safety compared to other non-gc langs)

the video is awesome

the youtube channel made yet another video! https://www.youtube.com/watch?v=qqgDuEi7OU0&themeRefresh=1

also they made a crate https://crates.io/crates/odd_is_odd

x as bool

that's not as fun though

huh that doesnt work

x>>2<<2==x

x & 1 == 1

well yeah but everyone knows that already

Hold on, isn't a boolean check just a nonzero check?

¯_(ツ)_/¯

we're checking if odd

or even

whatever

It transmutes a u8 into a bool

true

Why does it not tell that every number except 0 is odd?

Funny

transmute(x) where x is i8 is basically returning even or odd

til

Fixed

Happens to best of us
https://github.com/residualentropy/odd_is_odd/commit/e7cc2ab91e39d51911eebef9e6145132959f95aa

lmao

we're almost to 3k

How does the graph look?

Bruh spey was faster

Oh no

Wifi slo

There it go

0/10 do not recommend wifi at frc competitions

It's flat nooo 😭

we made 3k!

Woooo

Invest in cve-rs stars

We keep going up

Wooo

Where graph
[That meme template goes here]

stonks

oops

WE ACTUALLY FUCKING DID IT

LMOA

tris not being very happy because his 2-year long youtube archive has less stars than a shitpost

lol

projected growth rate

https://github.com/residualentropy/odd_is_odd

lmao

smart

I was looking for the meme is_odd crate

which I can't find now

other people: needs funny transmute to check for oddity
me: x & 1 😎 /j

what is this lmao

https://youtu.be/04gTQmLETFI

this

cve-rs appeared in there xd

it's kinda wild to know Nicholas Matsakis has said this

WHAT LMAO

God it keeps appearing

That's insane

I mean, it does exploit a bug

haha awesome!

timestamp is 21:06 for anyone wondering

https://github.com/rust-lang/rust-clippy/pull/12471

Clippy lint PR!

les go

When the compiler bug gets fixed, how much of a breaking change will it be?

Well it's a soundness hole, It shouldn't be there in the first place, so if you're writing actually safe rust code you'll never be affected by it

Yeah I don't think it's breaking

It's such a niche thing anyways that it's kinda impossible to accidentally exploit

Merge a commit into tokio that adds cve-rs as a dependency

ok mr. jia tan

• rewrites xz-utils in rust
• makes the project open-source on github
• account named mr. tan jia adds cve-rs as a dependency

in the memes channel of another server

ah yes

alert alert actual, real cve in rust on windows!
https://github.com/frostb1ten/CVE-2024-24576-PoC
https://github.com/rust-lang/rust/security/advisories/GHSA-q455-m56c-85mh

it would be funny if we implemented this in cve-rs

oh that one is old

Tbh that's a Windows CVE not a Rust CVE IMHO. Windows passes untokenised arguments even though the prompt input includes spaces and whatever normal delimiters.
arg" stuff here still goes to first arg slot
Now if you look at the first argument of that line it isn't arg" but the whole fucking line and when that's passed to a batch script then it splits and whatever is after " gets executed as a new command...

If Rust patches that then it's because Rust can't trust that when it expects tokenised arguments it would receive those... They should be tokenised but Nah...

It's both. The Rust standard library had implemented its own thing to handle that. Happens :v

I don't see how that's on Windows' end, beside the general inaccessible API

they just parse stuff differently than POSIX

it's not Microsoft's fault that the Rust devs assumed that, no?

or am I misunderstanding the issue

nah you're right

Their implementation just wasn't thorough enough

Lol
https://github.com/Speykious/cve-rs/issues/33

[stone]?
I thought it was a weight slash mass unit
*explodes*

stone is a mass unit

keep it alive!!!!

(https://github.com/Speykious/cve-rs/issues/27)

what

Made a pr that adds this to readme

Woah, how'd you make that? That's so neat

https://github.com/charmbracelet/vhs

woahhhhh

neat

awesome! i'm running ci for this as this might be a breaking api change

lmao

anyways yeah i'm gonna merge the pr (since idt anyone has any complaints about it)

actually, the gif does seem a bit slow...

eh whatever

it's probably fine :)

:)

That can be easily configured

Set Theme "Catppuccin Mocha"
Set FontFamily "JetBrainsMono Nerd Font"
Set Margin 20
Set MarginFill "#B4BEFE"
Set BorderRadius 10
Set Shell bash
Set TypingSpeed 0
Hide
Type "source vhs/config.bash"
Enter
Show
Set TypingSpeed 0.1
Type "bat examples/segfault.rs"
Enter
Sleep 5s
Type "cargo run --example segfault"
Sleep 5s
Enter
Sleep 3s

Maybe i can shorten the typing speed and wait time

Shortening the wait time is definitely good here

I'd say, set the typing speed to something like twice as fast as it is now

Then wait 1 or 2 seconds instead of 5 to start typing the next command

And wait no time to press enter

I've meant it to have a dramatic effect

I would set it to 2 seconds

i vaguely recall this being posted before but

;compile

trait Object<U> {
    type Output;
}

impl<T: ?Sized, U> Object<U> for T {
    type Output = U;
}

fn foo<T: ?Sized, U>(x: <T as Object<U>>::Output) -> U {
    x
}

fn llvm_failing_transmute<T, U>(x: T) -> U {
    foo::<dyn Object<U, Output = T>, U>(x)
}
fn transmute<T, U>(x: T) -> U {
    *llvm_failing_transmute::<Box<T>, Box<U>>(Box::new(x))
}

fn main() {
    println!("{:?}", transmute::<Vec<char>, [usize; 3]>(vec!['o', 'h', ' ', 'n', 'o']));
}

yea

more info: https://github.com/rust-lang/rust/issues/57893

Incredible

Think that's what I use in the new transmute branch?

Just skimming tho so idk

https://github.com/Speykious/cve-rs/assets/100917739/759ae52d-f5a9-47de-ad3d-c70f7aa9dcf8 Now it has shell completions

@sonic tusk opinion on whether the bloat of clap is worth it this time?

Idc

Meme project anyways...

lol xd

https://youtu.be/r0rocq3w5CU
I didn't realize because I discarded that video at first

Prime literally goes to cve-rs in that video.

I think there's a lot of his argument that is quite misleading. Left as-is he makes it sound like Rust doesn't solve anything because humans are flawed.

Remind me to leave a comment under that video in a few hours I guess. hey it's done now

Leave a comment under that video

Lol

Imma just steal a comment from that video:

This “Rust security vulnerability” affected

Erlang (documentation update)
Go (documentation update)
Haskell (patch available)
Java (won’t fix)
Node.js (patch will be available)
PHP (patch will be available)
Python (documentation update)
Ruby (documentation update)

Yes, Rust also had to fix it. You should change the title of the video, it’s clickbaity and not REALLY the truth, and I think whoever titled the video knows that.

Java (won't fix)

LMFAO WHAT XDDD

Gotta love java

Yeah I have no idea why fucking morons are calling this a rust issue. It's windows being an ungodly pile of fuckstained garbage

Oh no it is a Rust issue.

It's just not only a Rust issue, it's also an Erlang, Go, Haskell, Java, Node.js, PHP, Python and Ruby issue. And what it certainly isn't is a memory safety issue.

I mean. It's window's fault for allowing this bullshit though

Partially, yeah. But blaming all of it on Windows is like blaming memory safety issues of C on skill. Implementations did it wrong, let's just make sure we acknowledge that.

yeah fair

Wrote the lengthy comment
https://www.youtube.com/watch?v=r0rocq3w5CU&lc=UgxCJtf6lI-8yMr2op54AaABAg

Author of cve-rs here. I'm glad you like the repo and the license but I think the argument you're trying to justify is misleading.

TLDR: language design matters, not everything is black and white, and Rust is empirically doing an excellent job.

As other people have said already, this issue affected multiple other programming language ecosystems, because they also got it wrong, but this is not what's misleading about the argument this video presents. Even if only Rust had this issue somehow, it would still be misleading and way too close to something a C/C++ programmer would say to avoid recognizing the flaws of that language.

The important thing about this is that while it is a Rust implementation issue, it is not one related to Rust's memory safety guarantees in any capacity. People only talk about this CVE because the discussion often dilutes from talking about memory safety specifically to talking about safety in general. It happens very often, and frankly it is ridiculous. In a Discord server I'm active in, we sometimes had to tell beginners that Rust doesn't solve every safety problem on earth (it's quite literally impossible because of the halting problem) and that it just does its best to first and foremost erase a whole class of memory safety issues (which it does extremely well), and also is designed in a way that you can better think about the safety of your program in more concrete terms, with language constructs like ownership, and algebraic data types (enums) and other functional goodness that allow better analysis of the correctness of a program, without losing too much on productivity. Fundamentally, Rust is not and cannot be perfect when it comes to safety - no language can, and even if it was it would probably be very hard to use. So instead what it does is that it provides a safe environment where a lot of valid code exists, and an unsafe environment which allows more stuff to happen, with some guarantees that you have to make yourself before going back to safe. Essentially focusing on eliminating the false positives at the price of some false negatives that need to be done in unsafe.

Where I think your argument is misleading is that you use this Windows shell argument bug and cve-rs as instances that prove that at the end of the day there are always going to be bugs and that "bugs are a constant". No. The presence of bugs is a constant when you don't prove everything you do; the number of bugs however is the metric that endeavors such as Rust's language design aim to drastically reduce and manage to achieve concretely. At this point we're in 2024, we've already had tangible evidence that it works, like that article in 2022 of Google reporting net zero memory safety vulnerabilities in their Rust Android code, compared to an average of 1 CVE per 1000LOC on the C++ side.

Languages like Rust exist because all programmers are flawed and that we cannot rely on skill for everything. Implying that Rust's efforts, or whatever else, are a problem because bugs like these can occur is therefore completely absurd. It's even more absurd when you put things into perspective: the bugs that get the most attention in Rust are, seemingly, one logic bug that lots of other languages had, and a repo that makes a shitpost out of a tricky compiler bug that needs black magic to exist. Meanwhile in C/C++, memory safety vulnerabilities occur all the time, so much so that only a few of them get any attention at all. Like, if these are the most prominent bugs that Rust gets, that is a direct testament of Rust doing an excellent job at what it is supposed to achieve.

Can't wait for you to get inevitably "Um actually'ed" by people

I think out of everything I wrote, this is the sentence I'm gonna keep in my repertoire for a while

the bugs that get the most attention in Rust are, seemingly, one logic bug that lots of other languages had, and a repo that makes a shitpost out of a tricky compiler bug that needs black magic to exist.

it's been a few hours, comment under that video

:)

:)

already done lmao

you didn't specify that I shouldn't remind you if you already did it

:)

you've given me carte blanche clearance to ping you!

YOU FOOL

https://tenor.com/view/yugioh-no-u-no-you-reverse-uno-uno-gif-22508660

J'ACTIVE LA CARTE NOIRE

Reminding you to leave a comment under that video in a few hours you guess.

It sounds like you probably did it already but just in case here's a reminder to go comment on that video

Lmfao

A windows issue not rust issue /hj

it's a little bit of a mixture between the way Windows handles command-line arguments (that is, it doesn't, programs just get a string with everything) and the way Rust tries to apply an abstraction on top of that designed based on how Unix-likes handle them

Windows's way of doing it is still bad imo

Well I think windows is a hopeless case. Even if a wizard turned Microsoft into a good company, it's already so bad that the only solution is to discontinue it

The NT kernel itself is fine, I actually find its process scheduler to be really effecient. It's just that the dogturd OS they've slapped on top of it is dogshite and needs taking out behind the shed and shot

I heard this in another server:

I know people in basically every FAANG company
I know a guy who's become incredibly cynical from working at Microsoft on the NT kernel lol
I legit think he hates software development now

Well life could be so much easier if all OSes we used were unix

"WHy nOT uSe \ fOR paThS"

shut up

I think we should find a middleground and use | for paths

let's use spaces for path separators

Let's embrace Java and use dots

\r\n as path separator

As for the extensions, a NUL byte shall suffice

extension should be a GUID of the filetype

Yes

Documented as a note somewhere under NTFS documentation

(All operating systems use their own IDs)

No, path separator should be the word "in", and the path should be in reverse order, C:\foo\bar\baz should be bazinbarinfooinC

I bet you could configure this in TempleOS smh

the ideal OS

TempleOS? Haven't tried that for a while.

A perfect thing to do now

use a fork

Why would you use a fork to install an operating system

can you even control a computer with a fork

silly toby

you can't?

skill issue lmao

honestly, as much as this is a good educational comment, i dont think Prime will change.

heres my theory on whats going on: Prime has a personal grudge against some people somehow involved in Rust, and is using is not inconsiderable platform to get to them - by dragging the entire language through the mud any chance he can get, without making it too obvious thats what hes doing.

I think he just likes being contrarian for the views

At least I can provide context for other people looking at the comments so eh it's fine

i believe he is a contrarian AND a populist somehow

he believes the popular contrarian opinion

(car (cdr (sort opinions)))

tbh

if

rust isnt memory safe

python isnt either

People who actually say that are just either coping or missing the point

ikr

also

;compile

from ctypes import py_object

py_object.from_address(id(globals()) + 8).value = None```

._.

oh

Lel

ok but it works guys trust me

it triggers a segfault

i mean this is basically akin to using unsafe { } in rust... it's using a feature of the language that's deliberately unsafe to do unsafe memory shenanigans

if there were like a bug in the python interpreter that allows you to segfault without using ctypes or the like that would be cause for concern

;compile

x = lambda: 0
x.__code__ = x.__code__.replace(co_consts=())
x()

there we go

i couldnt really find it

;compile

exec((lambda:0).__code__.replace(co_consts=()))``` + a oneliner