DOI QR Code
(Department of Electrical and Computer Engineering and Inter-University Semiconductor Research Center, Seoul National University)
;
(서울대학교 전기정보학부, 반도체 공동연구소)
;
Rust is a promising system programming language that made its debut in 2010. It was developed to address the security problems in C/C++. It features a property called ownership, on which it relies to mitigate memory attacks. For this and its many other features, the language has consistently gained popularity and many companies have begun to seriously consider it for production uses. However, Rust also supports safe and unsafe regions under which the foreign function interface (FFI), used to port to other languages, falls. In the unsafety region, Rust surrenders most of its safety features, allowing programmers to perform operations without check. In this study, we analyze the security issues that arise due to Rust's safety/unsafety property, especially those introduced by Rust FFI.
This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korean government (MSIT) (NRF-2020R1A2B5B03095204) and the BK21 FOUR program of the Education and Research Program for Future ICT Pioneers, Seoul National University in 2021.