search

Scille / parsec-cloud

Open source Dropbox-like file sharing with full client encryption !
https://parsec.cloud
Other
269 stars 40 forks source link

Oxidation overflow #2284

Open TimeEngineer opened 2 years ago

TimeEngineer commented 2 years ago

Observation

Arithmetic operations in rust can panic (overflow, division by zero, etc...)

In release mode, arithmetic operations will act like C, in modular arithmetic

Many alternatives are exposed in std lib:

These numeric values ​​are also exposed to user input (network for example)

What to do

?

FirelightFlagboy commented 2 years ago

~Could you provide more information on what this isssue is ?~

touilleMan commented 1 year ago

What should we do about that ?

My guess is we should ban non-checked arithmetic as much as possible, is there e.g. a clippy rule to enforce this ?