Abstract
Memory safety is a critical concern in software development, as related issues often lead to program crashes, vulnerabilities, and security breaches, leading to severe consequences for applications and systems. This paper provides a detailed analysis of how Rust effectively addresses memory safety concerns. The paper first introduces the concepts of ownership, reference and lifetime in Rust, highlighting how they contribute to ensuring memory safety. It then delves into an examination of common memory safety issues and how they manifest in popular programming languages. Rust’s solutions to these issues are compared to those of other languages, emphasizing the benefits of using Rust for enhanced memory safety. In conclusion, this paper offers a comprehensive exploration of prevalent memory safety issues in programming and demonstrates how Rust effectively addresses them. With its encompassing mechanisms and strict rules, Rust proves to be a reliable choice for developers aiming to achieve enhanced memory safety in their programming endeavors.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Caballero, J., Grieco, G., Marron, M., Nappa, A.: Undangle: early detection of dangling pointers in use-after-free and double-free vulnerabilities. In: Proceedings of the 2012 International Symposium on Software Testing and Analysis, pp. 133–143 (2012)
Grottke, M., Trivedi, K.S.: A classification of software faults. J. Reliab. Eng. Assoc. Jpn. 27(7), 425–438 (2005)
Jiang, H., Wang, L., Tao, X., Hu, H.: RHE: relation and heterogeneousness enhanced issue participants recommendation. In: Xing, C., Fu, X., Zhang, Y., Zhang, G., Borjigin, C. (eds.) WISA 2021. LNCS, vol. 12999, pp. 605–616. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-87571-8_52
Jung, R., Jourdan, J.H., Krebbers, R., Dreyer, D.: RustBelt: securing the foundations of the rust programming language. Proc. ACM Program. Lang. 2(POPL), 1–34 (2017)
Klabnik, S., Nichols, C.: The Rust Programming Language. No Starch Press (2023)
Lhee, K.S., Chapin, S.J.: Buffer overflow and format string overflow vulnerabilities. Softw. Pract. Exp. 33(5), 423–460 (2003)
Matsakis, N.D., Klock, F.S.: The rust language. ACM SIGAda Ada Lett. 34(3), 103–104 (2014)
MITRE: CVE record \(|\) CVE. https://www.cve.org/CVERecord?id=CVE-2020-0081. Accessed 25 June 2023
MITRE: CWE - 2022 CWE top 25 most dangerous software weaknesses. https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html. Accessed 24 June 2023
MITRE: CWE - CWE-415: Double free (4.11). https://cwe.mitre.org/data/definitions/415.html. Accessed 24 June 2023
MITRE: CWE - CWE-476: null pointer dereference (4.11). https://cwe.mitre.org/data/definitions/476.html. Accessed 24 June 2023
Rust Community: Rust programming language. https://www.rust-lang.org/. Accessed 24 June 2023
Rust Community: The rustonomicon. https://doc.rust-lang.org/nomicon/. Accessed 25 June 2023
Serebryany, K., Iskhodzhanov, T.: ThreadSanitizer: data race detection in practice. In: Proceedings of the Workshop on Binary Instrumentation and Applications, pp. 62–71 (2009)
Stepanov, E., Serebryany, K.: MemorySanitizer: fast detector of uninitialized memory use in C++. In: 2015 IEEE/ACM International Symposium on Code Generation and Optimization (CGO), pp. 46–55. IEEE (2015)
Szekeres, L., Payer, M., Wei, T., Song, D.: SoK: eternal war in memory. In: 2013 IEEE Symposium on Security and Privacy, pp. 48–62. IEEE (2013)
Wikipedia contributors: Dangling pointer—Wikipedia, the free encyclopedia (2023). https://en.wikipedia.org/w/index.php?title=Dangling_pointer&oldid=1155171462. Accessed 24 June 2023
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Xu, B., Chu, B., Fan, H., Feng, Y. (2023). An Analysis of the Rust Programming Practice for Memory Safety Assurance. In: Yuan, L., Yang, S., Li, R., Kanoulas, E., Zhao, X. (eds) Web Information Systems and Applications. WISA 2023. Lecture Notes in Computer Science, vol 14094. Springer, Singapore. https://doi.org/10.1007/978-981-99-6222-8_37
Download citation
DOI: https://doi.org/10.1007/978-981-99-6222-8_37
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-99-6221-1
Online ISBN: 978-981-99-6222-8
eBook Packages: Computer ScienceComputer Science (R0)