stv0g
commented
1 year ago Go is designed to be a memory-safe programming language. Memory safety refers to a language's ability to prevent certain classes of memory-related errors, such as buffer overflows, null pointer dereferences, and memory leaks. Go achieves memory safety through several language features and design choices:
- Garbage Collection: Go uses automatic garbage collection to manage memory, meaning the language runtime automatically handles memory allocation and deallocation. This helps prevent common memory-related bugs like memory leaks.
- Slices and Bounds Checking: Go's slices are bounds-checked, meaning the runtime checks array/slice accesses to ensure they stay within the bounds of the underlying memory. This helps prevent buffer overflows and related vulnerabilities.
- Strong Typing: Go is statically typed, and its type system helps catch many memory-related errors at compile-time.
- Pointers and Safety: While Go allows the use of pointers, it restricts direct memory manipulation and provides some safety measures like nil pointer checks.
However, it's important to note that no programming language can guarantee absolute memory safety. Developers must still be mindful of their code, write safe and secure practices, and follow best practices to minimize potential memory-related issues.
In Go-code, the memory safety guarantees can be circumvented by the use of the unsafe package which permits arbitrary memory access and can loose type safety.
As a security critical software component, go-rosenpass does not make use of the unsafe package.
See also
- https://www.memorysafety.org/docs/memory-safety
- NSA's Cybersecurity Information Sheet about Software Memory Safety
Future improvements
- Add CI checks to check against usage of
unsafepackage (see #58).
By @koraa in https://github.com/stv0g/go-rosenpass/issues/27#issuecomment-1604366038
Severerity: N/A – What is the situation with regards to buffer overflows, use-after-free errors in go?