trophy-case
book
trophy-case | book | |
---|---|---|
14 | 626 | |
394 | 14,290 | |
1.0% | 1.4% | |
2.8 | 8.7 | |
26 days ago | about 22 hours ago | |
Rust | ||
Creative Commons Zero v1.0 Universal | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
trophy-case
-
Rust from a security perspective, where is it vulnerable?
You could check cargo-fuzz trophy case, which is a list of issues that have been found via fuzzing.
-
capnproto-rust: out-of-bound memory access bug
I've added it to the trophy case.
-
[LWN] A pair of Rust kernel modules
That said, what's present in what quantities under what circumstances in the Rust fuzzing trophy case does a pretty good job of illustrating how effective the Rust compiler is at ruling out entire classes of bugs.
-
Looking for simple rust programs to crash
The same fuzzing techniques applied to Rust yielded a lot of bugs as well. But in Rust's case only 7 out of 340 fuzzer-discovered bugs, or 2%, were memory corruption issues. Naturally, all of the memory corruption bugs were in unsafe code.
-
Everything Is Broken: Shipping rust-minidump at Mozilla, Part 1
https://github.com/rust-fuzz/trophy-case has like 70 of my issues in it, including the nine minidump bugs
-
Fuzzcheck (a structure-aware Rust fuzzer)
If you have found any bugs with this tool, perhaps add them to the Rust fuzz trophy case?
-
Rust is more portable than C for pngquant/libimagequant
Source: https://github.com/rust-fuzz/trophy-case (over 40 of those are just from me).
-
Rust takes a major step forward as Linux's second official language
But to bring some data, check out the fuzz trophy case. It shows that failures in Rust are most often assertions/panics (equivalent to C++ exception) with memory corruption being relatively rare (it's not never—Rust isn't promising magic—but it's a significant change).
-
Shouldn't have happened: A vulnerability postmortem
You need to read the list more carefully.
• The list is not for Rust itself, but every program every written in Rust. By itself it doesn't mean much, unless you compare prevalence of issues among Rust programs to prevalence of issues among C programs. For some context, see how memory unsafety is rare compared to assertions and uncaught exceptions: https://github.com/rust-fuzz/trophy-case
• Many of the memory-unsafety issues are on the C FFI boundary, which is unsafe due to C lacking expressiveness about memory ownership of its APIs (i.e. it shows how dangerous is to program where you don't have the Rust borrow checker checking your code).
• Many bugs about missing Send/Sync or evil trait implementations are about type-system loopholes that prevented compiler from catching code that was already buggy. C doesn't have these guarantees in the first place, so lack of them is not a CVE for C, but just how C is designed.
- Safer usage of C++ in Chrome
book
-
Learning Rust: A clean start
My first port of call was to google learn rust which lead me to "the book". The book is a first steps guide written by the rust community for newbies (or Rustlings as they're called) to gain a 'solid grasp of the language'.
-
Prodzilla: From Zero to Prod with Rust and Shuttle
Before Prodzilla, I’d read 'The Book' a couple of times, and had made my way through Rustlings, but hadn’t yet built a serious project in Rust.
-
Help me stop hating rust
To answer your last question;
Start with the Rust book.
https://doc.rust-lang.org/book/
Then do Rustlings until the syntax becomes muscle memory.
Then join the Discord and start doing little projects.
You won’t get up to the proficiency of other languages as quickly in Rust. It takes longer. For me it’s taking a lot longer, but I enjoy it.
-
Top 10 Rusty Repositories for you to start your Open Source Journey
Before diving into these repositories, familiarize yourself with Rust and its development ecosystem. The official Rust book is an excellent resource for developers at all levels. Each repository has documentation on how to contribute, covering code style, issue tracking, and pull requests.
-
Command Line Rust is a great book
This is my third Rust book after the official book and Rust in Action. The other two books are great, but they were too theoretical for me. I'm a slow learner and had much trouble grokking Rust's features and idiosyncrasies. When I was done with these books, I was lost and unsure of what I could do.
- Advice Sought: Double down on Solidity dev or switch to Product?
-
Nim
It's the same reason everything digital and downloadable isn't free: there's a cost to create it and there's a value to it.
For a language developer to charge for a book about that language, I think that's a completely valid way to make some money off of their work.
Even the Rust book, "The Rust Programming Language" is available freely online [0], but also as a print and ebook for sale via NoStarchPress [1].
[0] https://doc.rust-lang.org/book/
[1] https://nostarch.com/rust-programming-language-2nd-edition
-
Systems programming - Rust
You know you can just read it online right now in 2 different variants It does contain some systems programming.
-
Ask HN: How do you learn Rust in 2023?
I am looking at The Book (https://doc.rust-lang.org/book/), but hoped there was an amazing person on youtube.
Yeah, I'll build something, finally trying webassembly.
-
Give me the best Resources to learn Rust
https://doc.rust-lang.org/book/ https://github.com/rust-lang/rustlings https://doc.rust-lang.org/rust-by-example/
What are some alternatives?
diem - Diem’s mission is to build a trusted and innovative financial network that empowers people and businesses around the world.
rust-by-example - Learn Rust with examples (Live code editor included)
go-fuzz - Randomized testing for Go
Rustlings - :crab: Small exercises to get you used to reading and writing Rust code!
gccrs - GCC Front-End for Rust
solana-program-library - A collection of Solana programs maintained by Solana Labs
BLAKE3 - the official Rust and C implementations of the BLAKE3 cryptographic hash function
nomicon - The Dark Arts of Advanced and Unsafe Rust Programming
bitwarden_rs - Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs [Moved to: https://github.com/dani-garcia/vaultwarden]
github-cheat-sheet - A list of cool features of Git and GitHub.
go - The Go programming language
rust - Empowering everyone to build reliable and efficient software.