GStreamer course in Rust

Overview

The GStreamer framework’s core is written in C programming language. Still, it was designed with the possibility of being used from other programming languages that may be conceptually different from C. It is achieved through the language bindings and a technology called Glib Dynamic Type System: glib serves as a layer between the framework (GStreamer in this case) and a certain programming language for which the glib and GStreamer bindings have been generated. Bindings for many languages (that might have garbage collectors or other features) have already been created: Go, Java, Python, Haskell, D, Ruby, C#, and others, including the Rust programming language, which will be the topic of this article.

Rust programming language is relatively new and supposed to bring more safety to system programming - something that has been tried since the early 90s. It’s been replaced by different approaches, such as C++, Java, and Ada. One who opens older books and magazines will find that C was already considered obsolete. Meanwhile, in 2025, we discuss the framework written in C, resulting from a natural open-source experiment. C code that appeared in the year 2000 as an mp3 player for Linux has become one of the most popular frameworks for telecommunications 25 years past, even though newer and, therefore, presumably better languages were already there.

However, C is often criticized for manual memory management and direct memory access. Programmers always try to reduce the ability of human mistakes—through language paradigms or external tooling—because certain mistakes can be exploited to break the system, steal confidential data, or even grant full control over a vulnerable system. Such a mistake is called a vulnerability or CVE—Common Vulnerabilities and Exposures.

Cybersecurity is a universe that is mainly based on audit - new CVEs are constantly being discovered and reported through special platforms. Sometimes, the vulnerability is inside of an algorithm or a protocol; sometimes, it’s in the logic of a program, and sometimes, it is a mistake of a wrong memory access. Following the latest statistics, CVEs based on the wrong memory access form nearly 60-70% of the reports. We mention wrong memory access because it’s a mistake that is possible to run into when writing in C and C++. However, many of the recent highly critical reported CVEs are not related to memory access but to simple errors in the logic instead.

For example, in October 2024, Gitlab reported they had fixed a 10/10 severity critical issue that was found in a parser written in Ruby. Another recent report talks about a CVE that has been exploited in real life - that turned out to be an SQL injection, which is also not related to memory access. This kind of CVE is called 0-day, meaning that the CVE has been discovered or exploited before it has been fixed. Here is another one: an attacker could grant Bluetooth access on Ubuntu devices, which is also not related to memory access.

Nothing is perfect, so other CVEs have also been discovered in Rust code. Strictly speaking, security is not considered a concern for most industry products; it just falls out of scope. However, when it is important, auditing seems unavoidable because modern history even knows that CVEs were discovered in the Rust standard library.

However, it wouldn’t be fair to say that CVEs related to memory access do not matter much. Many of them are related to buffer overflows and have been discovered in GStreamer, such as this one. Recent research on GStreamer has discovered 29 new vulnerabilities in the C code. Many tools are developed to audit the code - some scan the assembly, and others randomly break valid data. These are called fuzzers.

So Java and Python are memory safe, but the key point of Rust programming language is that it reduces the performance overhead of the safety checks by checking memory access at the compile time - something called “borrows checker.” However, Rust is not only the borrow checker; it also comes with a development environment - its build system called Cargo, which can download the dependencies and align the code formatting with its own code documentation tool with an expansive standard library and many frameworks.

In a certain way, the Rust programming language chases various modern approaches to improve the programming experience in general. Many people already have heard about Rust - it became a significant movement in the industry that includes creating new operating system kernels, attempts to rewrite important opensource projects - from popular unix tools to frameworks established in the industry, introducing modules written in this language to the fundamental components of popular Linux distributions. Various factors drive this movement: partially, it relies on human inspiration and personal vision, but also its force comes from the sponsorship of industry giants. In 2018, Mozilla revealed its sponsorship of the rust-libav to build a Minimal Viable Product as a part of the Secure Open Source initiative; a complete list of the sponsors for Rust can be found on the Rust Foundation website.

Curiously, the contribution rate to FFmpeg seems to be higher than that of rust-libav, so seven years have passed, and it hasn’t become a complete replacement. However, interested companies are now able to rely on this approach and have more confidence in this dependency.

We are observing a real-time experiment with this new programming language as one player with notable influence.

Rust in GStreamer

Many people and companies who play a role in the world of open source were inspired by this new programming language and became a part of this movement. The GStreamer community reached the point in which many important maintainers with the greatest merit in this project started to put effort into making Rust a part of GStreamer, strongly recommend using it, and write new plugins in this language.

Following the latest GStreamer conferences, the community declared its vector quite clear—they explicitly proposed to choose Rust. Starting from nearly 2023, it became a fact that the newest muxers, networking elements, and other plugins are written in Rust. Also, there are attempts to rewrite certain important elements, such as the RTSP source element.

One interesting and handy plugin written in Rust is a thread share plugin. This plugin resolves the bottleneck in the framework that did not allow scaling its usage for high amounts of network streams because of its threading model. The thread share plugin switches the concept of streaming a thread to a streaming task in a thread pool.

Other plugins provide support for new, established signaling standards over WebRTC. Even though webrtcbin is written in C, webrtcsink and webrtcsrc elements written in Rust extend the implementation to established signaling protocols.

Opensource relies on natural meritocracy. The fact that some very experienced GStreamer maintainers started preferring this language creates a simple effect: more and more new plugins written by them are now in Rust. Apart from the reimplementations of the plugins written in C, there are also others that provide support for newer standards, such as CMAF muxer. A complete list of plugins implemented in Rust can be found in its repos README.md.

Rust API for GStreamer also provides a fresh perspective on this framework’s API development, allowing it to be seen as improved at specific points.

GStreamer training in Rust

Recently, we received a request to prepare GStreamer training that would also target using Rust, and we were eager to accept it.

The training materials we prepare in Fluendo target a deep understanding of how GStreamer works. Complete knowledge of this framework is hard, so our approach was always to provide fundamental knowledge so that the student could read or patch the code of any plugin and resolve questions independently.

At the same time, since it’s an online training, we are trying to provide as much as possible an ability to ask and resolve some concrete questions students might already have. Metaphorically speaking, we are trying to give both a fish and a spinning.

So, we extended all the examples to have similar implementations in Rust - would it be an application or a plugin? We also used the API references from the GStreamer Rust crates in the materials. By the end of the training, we extended the examples even more to handle our students’ questions, such as the dynamic rebuild of the pipeline. We have also explained the paradigm in which one would use GStreamer from the Rust programming language.

Ending with a fresh look over the Rust bindings, they allow reducing the amount of code that needs to be written, which is definitely a good thing. Happily closing this project, we would like to thank the community that gave its support and the students who came with good questions and a great will to study the GStreamer framework!

Ready to take your GStreamer expertise to the next level? Whether you’re exploring the Rust programming language or diving deeper into multimedia frameworks, we’re here to help. Contact us today to learn more about our customized GStreamer training and how we can support your journey.