aja,
@aja@mathstodon.xyz avatar

I really should be doing my own research, but why is the consensus that #C and are too prone to subtle—particularly security-critical—errors to be acceptable for production use? I’ve been coding C since K&R was the only standard, but nearly always for research or instruction. I get the basic arguments about input validation and memory management, but seems to just be ‘humans are sloppy and error prone’, which we’ve been developing ways of dealing with since we came down from the trees ../2

aja,
@aja@mathstodon.xyz avatar

../2 I’m not necessarily denying the thesis—I’m dutifully learning right now—but is anyone aware of good non-anecdotal evidence for why we should be avoiding C/C++? (For vales of ‘evidence’ including large-scale data-driven studies, metastudies, peer-review, replication, …).

dekkzz76,
@dekkzz76@emacs.ch avatar

@aja

google analysed their bug data which showed upto 70% of bugs in C++ came back to memory management.

https://www.zdnet.com/article/chrome-70-of-all-security-bugs-are-memory-safety-issues/

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • uselessserver093
  • Food
  • aaaaaaacccccccce
  • test
  • CafeMeta
  • testmag
  • MUD
  • RhythmGameZone
  • RSS
  • dabs
  • KamenRider
  • Ask_kbincafe
  • TheResearchGuardian
  • KbinCafe
  • Socialism
  • oklahoma
  • SuperSentai
  • feritale
  • All magazines
    •