Item shadowing

Question

Item shadowing

burdges opened this issue 4 years ago · comments

Are we concerned about item shadowing? Do we want lints that forbid shadowing?

At a technical level, item shadowing might not create so many new threats per se, but they simplify innocent looking bug doors.

It remains unclear to me if rust-lang/rfcs#2845 makes the item shadowing situation better or worse.

Sergey "Shnatsel" Davidoff · Answer 1 · Tue Jun 16 2020 06:11:04 GMT+0800 (China Standard Time)

Item shadowing is a double-edged sword. Intentional use for removing variables you don't want to use accidentally is great. On the other hand, accidental shadowing may cause issues.

I don't recall any RustSec advisories for issues caused by shadowing, for what it's worth. Neither do I recall any in the fuzzing trophy case, but I can't remember all of those for sure.

IIRC there is a clippy lint that makes any kind of shadowing a warning.

kpcyrd · Answer 2 · Tue Jun 16 2020 09:39:57 GMT+0800 (China Standard Time)

I usually use shadowing when I get something like Result<Option<T>> and I actually want a T. There used to be an underhanded-rust contest going on, maybe it's time to do another round. :)

Jeff Burdges · Answer 3 · Tue Jun 16 2020 10:13:57 GMT+0800 (China Standard Time)

I'd think such attacks live only in NPM land still, but we've so much large crypto-currency software being written in rust that bug door attacks using shadowing sound plausible eventually.

IIRC there is a clippy lint that makes any kind of shadowing a warning.

Any? We do not care about local variable shadowing, only cross-crate method shadowing. We can close this issue if clippy can do methods only. We've some cargo tool to run clippy on dependencies?