Memory safe languages in Android 13

Sponsored:

Browsing without a VPN is like mailing your passwords on a postcard. Hackers, advertisers, and your ISP are tracking every click.

PureVPN wraps your data in military-grade encryption, making you completely invisible to snoops while unlocking restricted content worldwide. Don’t leave your digital life exposed for another second.

Reclaim your online privacy. Click here to secure your connection now!

Author: Thom Holwerda
Source

In Android 13, about 21% of all new native code (C/C++/Rust) is in Rust. There are approximately 1.5 million total lines of Rust code in AOSP across new functionality and components such as Keystore2, the new Ultra-wideband (UWB) stack, DNS-over-HTTP3, Android’s Virtualization framework (AVF), and various other components and their open source dependencies. These are low-level components that require a systems language which otherwise would have been implemented in C++. To date, there have been zero memory safety vulnerabilities discovered in Android’s Rust code. We don’t expect that number to stay zero forever, but given the volume of new Rust code across two Android releases, and the security-sensitive components where it’s being used, it’s a significant result. It demonstrates that Rust is fulfilling its intended purpose of preventing Android’s most common source of vulnerabilities. Historical vulnerability density is greater than 1/kLOC (1 vulnerability per thousand lines of code) in many of Android’s C/C++ components (e.g. media, Bluetooth, NFC, etc). Based on this historical vulnerability density, it’s likely that using Rust has already prevented hundreds of vulnerabilities from reaching production. These numbers don’t lie.

Read more