Mozilla’s safer-C programming language used to shore up media wrangling code
Mozilla says it will next month ship the first official Firefox build that sports code written in its more-secure-than-C Rust programming language.
The Firefox 48 build – due out August 2 – will include components developed using Rust, Moz’s C/C++-like systems language that focuses on safety, speed and concurrency.

It’s hoped the Rust-written code will avoid the usual programming blunders present in other web browsers – typically use-after-free() and heap corruption bugs – which malicious websites exploit to install malware on computers.
For one thing, Rust’s toolchain is extremely strict and refuses to build source that potentially suffers from data races, buffer overflows and so on.

Therefore, it should be a lot harder to attack the Rust-hardened sections of Firefox.
The first use of Rust will be in the media parser tools, where the security strengths of the language are best put to use. Mozilla believes the memory safety features of Rust will do the most good when handling embedded media files, a favorite ammunition for drive-by malware attacks.
“Media formats are known to have been used to trick decoders into exposing nasty security vulnerabilities that exploit memory management bugs in web browsers’ implementation code,” wrote Mozilla director of strategy Dave Herman.
“This makes a memory-safe programming language like Rust a compelling addition to Mozilla’s tool-chest for protecting against potentially malicious media content on the web.”
Herman noted that early tests on the code have shown that the new Rust components run at identical speeds to their C++ predecessors, meaning users should see little to no difference in performance from the move. Meanwhile, the new Firefox build should, in theory, become more secure.
Going forward, Mozilla says it is working on nightly builds of Servo, a Rust-written browser engine that uses Moz’s C/C++ SpiderMonkey JavaScript engine. Meanwhile, Rust was recently updated to version 1.10.
“Rust itself is the product of a tremendous, vibrant community,” Herman declared.
“None of this work would have been possible without the incredible contributions of issues, design, code, and so much more of Rustaceans worldwide.” ®
Sponsored: 2016 Cyberthreat defense report

Leave a Reply