Defining the Rust 2024 edition

Really? Nobody said that in this whole discussion.
I said that this particular CVE would probably not have existed, if the function was written in Rust.
Look at it!
It is a classical buffer overflow. Buffer overflows and integer overflows resulting in buffer overflows are *the* most common thing when it comes to security problems.
This bug would almost certainly not have been exploitable in Rust.
It would have been garbage data in -> garbage out (program termination).

But you know what? You are actually right.
Rust code can also have security problems, of course.
Rust only tries to make certain classes of bugs impossible or much much harder to express.

But it is no coincidence that these classes of bugs make the majority of security bugs.

And that is what makes Rust code have *almost* no security problems by definition.
Of course you can still incorrectly implement your security checks for your door entry mechanism. But Rust ensures that it won't outright blow up right into your face with UB.