
digitalmars.D - Safe code as an I/O requirement

reply aberba <karabutaworld gmail.com> writes:
https://lwn.net/Articles/708196/

From the look of things and feedback from several security 
analysts and system developers, [exposed] I/O needs to be memory 
safe.

The GStreamer multimedia library, developed in C, has safety issues 
[see article]. What would its safety be if it was written in D 
(along with its plugins)?
May 28 2017
next sibling parent Ola Fosheim Grostad <ola.fosheim.grostad gmail.com> writes:
On Sunday, 28 May 2017 at 16:58:53 UTC, aberba wrote:
 https://lwn.net/Articles/708196/

 From the look of things and feedback from several security 
 analysts and system developers, [exposed] I/O needs to be 
 memory safe.

 The GStreamer multimedia library, developed in C, has safety issues 
 [see article]. What would its safety be if it was written in D 
 (along with its plugins)?
It consists of many libraries. Audio-video decoders tend to be selected based on performance, so no bounds checks. You can usually do it in a safe manner, but then you either need to adapt all the algorithms or prove correctness. Both alternatives are expensive. So really, sandboxing sounds like a more realistic alternative for an open source media player that aims to support all formats using third-party codecs...
May 28 2017
prev sibling next sibling parent piotrklos <poliklosio happypizza.com> writes:
On Sunday, 28 May 2017 at 16:58:53 UTC, aberba wrote:
 https://lwn.net/Articles/708196/

 (...)
Intuitively it would be much better, because the overwhelming majority of the code can be written with @safe, but bounds checking would have to be switched off for some plugin code for performance reasons, so it would not be 100% secure.
May 28 2017
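The trade-off the two replies above describe (most code under @safe with bounds checks, a small hot path with checks switched off) can be shown in a few lines of D. The following is an added example written for this thread, not code from GStreamer or from any poster; the "decoder" functions and the 8-byte packet are constructed stand-ins. The point it demonstrates is that the unchecked path stays safe only because it performs one explicit, overflow-aware bounds check before its raw-pointer loop, and that wrapping it in @trusted is what lets @safe callers use it.

```d
// Added example, not from the thread. Build and run with `dmd -run safe_io.d`.
// `dmd -boundscheck=safeonly` keeps array bounds checks in @safe code only,
// which is the "checks off for the hot path" configuration discussed above.
import core.exception : RangeError;
import std.stdio : writeln;

/// Toy "decoder": copies one frame out of an input buffer.
/// @safe forbids pointer arithmetic and bounds-checks every slice, so a
/// malformed offset/len throws RangeError instead of reading past the buffer.
ubyte[] decodeFrameSafe(const(ubyte)[] input, size_t offset, size_t len) @safe
{
    return input[offset .. offset + len].dup;
}

/// Hot-path variant: raw pointers, no per-element bounds checks.
/// It may be marked @trusted only because the precondition is checked
/// explicitly, once, before the unchecked copy. Drop that check and every
/// @safe caller inherits an out-of-bounds read from hostile input.
ubyte[] decodeFrameFast(const(ubyte)[] input, size_t offset, size_t len) @trusted
{
    // Written as two comparisons so `offset + len` can never wrap around.
    if (offset > input.length || len > input.length - offset)
        throw new RangeError(__FILE__, __LINE__);

    auto output = new ubyte[len];
    const(ubyte)* src = input.ptr + offset; // unchecked from here on
    ubyte* dst = output.ptr;
    foreach (i; 0 .. len)
        dst[i] = src[i];
    return output;
}

/// Feeds a frame header that claims more bytes than the buffer holds and
/// reports whether the decoder rejected it.
void expectRejected(alias decode)(const(ubyte)[] input, size_t offset, size_t len)
{
    try
    {
        decode(input, offset, len);
        writeln("BUG: oversized frame was not rejected");
    }
    catch (RangeError e)
        writeln("rejected oversized frame: ", e.msg);
}

void main()
{
    // Constructed input: 8 bytes standing in for a container payload.
    immutable ubyte[] packet = [0x47, 0x00, 0x11, 0x10, 0xDE, 0xAD, 0xBE, 0xEF];

    // Well-formed header: both paths return the same 4-byte frame.
    writeln(decodeFrameSafe(packet, 4, 4));
    writeln(decodeFrameFast(packet, 4, 4));

    // Hostile header: the frame would run 98 bytes past the buffer.
    // The @safe path is caught by the compiler-inserted check; the fast
    // path only by the explicit one at the top of decodeFrameFast.
    expectRejected!decodeFrameSafe(packet, 6, 100);
    expectRejected!decodeFrameFast(packet, 6, 100);
}
```

The design point for a plugin author is that the @trusted boundary is the whole security argument: the reviewer of a codec has to verify that every unchecked access inside it is covered by the up-front check, because the compiler no longer does so.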
prev sibling parent Paulo Pinto <pjmlp progtools.org> writes:
On Sunday, 28 May 2017 at 16:58:53 UTC, aberba wrote:
 https://lwn.net/Articles/708196/

 From the look of things and feedback from several security 
 analysts and system developers, [exposed] I/O needs to be 
 memory safe.

 The GStreamer multimedia library, developed in C, has safety issues 
 [see article]. What would its safety be if it was written in D 
 (along with its plugins)?
GStreamer has already adopted Rust and is slowly migrating away from C into Rust. Search for their presentation at RustConf Kiev 2017. Also, the GNOME guys have been having meetings with the Rust design team, as there is the possibility to replace Vala with Rust. See GUADEC Mexico City 2017.
May 29 2017