Some commentary would have helped me. I don't read (or write) Rust, but my understanding:<p><pre><code> * an untyped, unchecked region of memory is modeled by `let mut mem = Vec::<char>::new();`
* First, a fixed range of 16 bytes in mem is allocated for the password to be read
* Then the password to check against is allocated and stored in mem
* Then the input with embedded `'\0'`s is read into the range, without respecting the BUF_CAP
* Finally, the two regions within `mem` are compared for string equality
</code></pre>
There were no unsafe operations, but an "undesired" result can occur.
How is this called a Buffer Overflow and not a logic error? You are not overflowing the buffer and rewriting the registers, but taking the user input in the same buffer that holds the password and writing the user input from the beginning of the buffer. It is not overflowing anything, only a wrong bounds check for user input. You can't write past the buffer, Rust will halt the program and throw an error.<p>It could be more interesting to have another buffer holding user input and then overflow it and corrupt the password buffer.<p>I am curious if that is possible without using unsafe?
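The layout described in the first comment, sketched as an added example (not code from the original post or from either commenter): one `Vec<char>` holds a 16-slot input region followed by the stored password, and the flawed check copies input without honouring `BUF_CAP`, next to a version that does. `SECRET`, `new_arena`, `cstr`, `crafted_input` and both `check_*` functions are constructed names and values.

```rust
const BUF_CAP: usize = 16;
const SECRET: &str = "hunter2"; // constructed sample password

/// Arena layout: [input region: BUF_CAP chars][SECRET][NUL]
fn new_arena() -> Vec<char> {
    let mut mem = vec!['\0'; BUF_CAP];
    mem.extend(SECRET.chars());
    mem.push('\0');
    mem
}

/// Read a NUL-terminated string starting at `off`.
fn cstr(mem: &[char], off: usize) -> String {
    mem[off..].iter().take_while(|&&c| c != '\0').collect()
}

/// Flawed: writes from offset 0 with no BUF_CAP check. Vec indexing only
/// panics at the end of the whole arena, not at the end of the input region.
fn check_unbounded(input: &str) -> bool {
    let mut mem = new_arena();
    for (i, c) in input.chars().enumerate() {
        mem[i] = c;
    }
    cstr(&mem, 0) == cstr(&mem, BUF_CAP)
}

/// Hardened: reject anything that does not fit the input region plus its NUL.
fn check_bounded(input: &str) -> bool {
    if input.chars().count() >= BUF_CAP {
        return false;
    }
    let mut mem = new_arena();
    for (i, c) in input.chars().enumerate() {
        mem[i] = c;
    }
    cstr(&mem, 0) == cstr(&mem, BUF_CAP)
}

/// Constructed input: "a\0", filler up to BUF_CAP, then "a\0" again, so the
/// second copy lands on top of the stored password.
fn crafted_input() -> String {
    let mut s = String::from("a\0");
    s.extend(std::iter::repeat('x').take(BUF_CAP - 2));
    s.push_str("a\0");
    s
}

fn main() {
    println!("unbounded: {}", check_unbounded(&crafted_input()));
    println!("bounded:   {}", check_bounded(&crafted_input()));
}
```

No `unsafe` appears anywhere: every write stays inside the `Vec`, so Rust's bounds checks never fire, yet the region boundary that the program itself defined is crossed.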