Mainjiniya kubva kuGoogle akapfupikisa mhedzisiro yekutanga yekuunza rutsigiro rwekusimudzira mumutauro weRust mupuratifomu yeAroid. Mu Android 13, ingangoita 21% yekodhi nyowani yakawedzerwa yakanyorwa muRust, uye 79% muC/C++. Iyo AOSP (Android Open Source Project) repository, iyo inovandudza kodhi kodhi yepuratifomu yeAroid, ine mitsara inosvika miriyoni imwe nehafu yeRust kodhi yakabatana nezvinhu zvitsva zvakadai seKeystore1.5 cryptographic key store, stack yeUWB chips (Ultra-Wideband) , kushandiswa kweiyo DNS-over-HTTP2 protocol, iyo AVF (Android Virtualization Framework) virtualization framework, kuyedza stacks yeBluetooth neWi-Fi.
Zvinoenderana neyakagamuchirwa zano rekudzikisa njodzi yekusagadzikana kunokonzerwa nekukanganisa mukushanda nendangariro, mutauro weRust parizvino unoshandiswa kunyanya mukugadzirwa kwekodhi nyowani uye kusimbisa zvishoma nezvishoma kuchengetedzwa kweakanyanya kutambudzika uye akakosha software zvikamu. Iko hakuna chinangwa chakazara chekuendesa chikuva chese kuRust uye kodhi yekare inoramba iri muC / C ++, uye kurwisa zvikanganiso mairi kunoitwa kuburikidza nekushandiswa kwekuongorora kwefuzzing, static analysis uye kushandiswa mukuvandudza matekiniki akafanana uchishandisa iyo MiraclePtr mhando (inosunga pamusoro peyakaomesesa anonongedzera, kuita mamwe macheki ekuwana yakasunungurwa nzvimbo dzekurangarira), iyo Scudo memory allocation system (yakachengeteka kutsiva malloc/yemahara) uye nzira dzekuona kukanganisa paunenge uchishanda nendangariro HWAsan (Hardware-assisted AddressSanitizer), GWP-ASAN uye KFENCE.
Kana dziri nhamba dzemhando yekusagadzikana mupuratifomu yeAroid, zvinocherechedzwa kuti sezvo kodhi nyowani inoshanda zvisina kuchengetedzeka nendangariro inoderera, kune kuderera kwehuwandu hwekusagadzikana kunokonzerwa nekukanganisa kana uchishanda nendangariro. Semuenzaniso, chikamu chekusagadzikana kwakakonzerwa nematambudziko ekurangarira chakadzikira kubva pa76% muna 2019 kusvika 35% muna 2022. Munhamba dzakakwana, 2019 ndangariro-dzine chekuita nekusagadzikana kwakaonekwa muna 223, zana nemakumi mashanu muna 2020, zana muna 150, uye makumi masere neshanu muna2021 (zvese zvakaonekwa kusasimba zvaive muC/C ++ kodhi; muRust kodhi, hapana matambudziko akafanana kusvika pari zvino aive asina. kuwanikwa). 100 raive gore rekutanga umo kusagadzikana kwakabatana nendangariro kwakaguma kutonga.
Sezvo kusakuvara kwakabatana nendangariro kunowanzova nengozi zvakanyanya, huwandu hwese hunoratidzawo kudzikira kwehuwandu hwezvinhu zvakakosha uye nyaya dzinogona kushandiswa kure. Panguva imwe cheteyo, masimba ekuona hurema husina chekuita nekushanda nendangariro anoramba ari padanho rakafanana kwemakore mana apfuura - 4 vulnerabilities pamwedzi. Mugove wematambudziko ane njodzi pakati pekusagadzikana kunokonzerwa nekukanganisa kana uchishanda nendangariro zvakare inoramba iripo (asi sezvo huwandu hwekusagadzikana kwakadaro huchidzikira, huwandu hwematambudziko ane njodzi hunodzikirawo).
Iwo manhamba anoteedzerawo kuwirirana pakati pehuwandu hwekodhi nyowani inoshanda zvisina kuchengetedzeka nendangariro uye nenhamba yekusagadzikana kwakabatana nendangariro (buffer mafashama, kuwana kune yakatosunungurwa ndangariro, nezvimwewo). Kucherekedza uku kunosimbisa fungidziro yekuti chinotariswa kana uchishandisa nzira dzakachengeteka dzekuronga dzinofanirwa kunge dziri pakubvisa kodhi nyowani pane kunyora zvakare kodhi iripo, sezvo kuwanda kwekusagadzikana kwakaonekwa kuri mukodhi nyowani.
Source: opennet.ru