Dr. Yiming Jing is a senior security scientist at Baidu X-Lab. He has been working on Android security research and building secure software systems. He is the author and maintainer of MesaLink, a TLS library providing OpenSSL compatible C APIs.
Efficient FFI bindings are one of the core features of Rust; however dereferencing raw pointers, conversion between Rust and C types, memory allocation, …, all could possibly go wrong in FFI code and undermine the memory safety guarantee of Rust. The Rustonomicon and a few previous talks at RustFest discuss the topic of Rust FFI; but overlook the challenges in writing correct and safe FFI code. In this talk, we discuss a taxonomy of common pitfalls in Rust FFI with real-world examples. Moreover, we will review relevant principles and share our approach to effectively avoid the pitfalls.