So an attacker should sign their malicious webp or jpeg files beforehand? That doesn’t help at all.
No, I agree very much with parent here. I think compile time safety and rust fanatism has been oversold, but let’s face it this is the perfect use case, a match made in heaven.
Decoding in C/C++ has a Dunning Kruger deceitful appeal. People think they can do it, but time and time again, we find critical holes, even when written by 10x wizard Nobel laureate engineers.
At the same time, decoding needs to be crazy performant. So, this is the moment to shine for languages like Rust. I am 100% in support of this.
No, I agree very much with parent here. I think compile time safety and rust fanatism has been oversold, but let’s face it this is the perfect use case, a match made in heaven.
Decoding in C/C++ has a Dunning Kruger deceitful appeal. People think they can do it, but time and time again, we find critical holes, even when written by 10x wizard Nobel laureate engineers.
At the same time, decoding needs to be crazy performant. So, this is the moment to shine for languages like Rust. I am 100% in support of this.