This is bug #2628: https://github.com/mozilla/rust/issues/2628
After hacking on Servo I feel very strongly about this now. The vast majority of exploitable crashes are in code that Rust considers safe. In fact, I feel that if we *don't* do this, then we aren't any safer than C++ in a practical sense, despite all our efforts. A security auditor has to consider whether the target of every single call expression in safe or unsafe code could possibly alias an extern "C" function.
Patrick _______________________________________________ Rust-dev mailing list [email protected] https://mail.mozilla.org/listinfo/rust-dev
