Hacking C code vs D code

rempas rempas at tutanota.com
Mon Aug 8 06:04:18 UTC 2022 

On Thursday, 4 August 2022 at 23:11:36 UTC, pascal111 wrote:
> One of problems faced me in C programming is hacking data with 
> C code that some hackers do with C code which make me needs 
> more tools to protect my C code, but I don't have good 
> resources in my current time, while I noticed that D code is 
> more secure than C code by mean it will be more useful to do my 
> codes in my current time.
>
> My question is, to which extent D code is secure and helping in 
> protect data?

One of the reasons that C is considered an "unsafe" language is 
because
of `libc`. And this is due to three reasons (at least in my view):

1. `libc` is a low level library and as every low level library, 
it allows you
     to have a lot of control but you must know what you're doing. 
But even
     when you do, humans do make mistakes and we forget things....
2. `libc` doesn't have the best design so programmers can really 
mess up
     and not even know it....
3. `libc` is a limited library (at least after the basic needs) 
so people have to
     write their own code. Compared to having a standard library 
who's open-source
     and anyone can use, a library that has been written by a 
developer only for
     the needs of the current program means that it will always 
reflect the quality
     of the developer himself/herself. At the other point, the 
standard library will
     be developed by a team of very experienced programmers 
(expect when n00bs
     like me design programming languages and libraries...). This 
is important because
     these people will do less mistakes and even when they do, the 
community will
     try to improve things here and there. Proper testing is 
another thing software
     written by very experienced people have. While beginners tend 
to avoid them
     like plague...

The third one is probably the biggest reason. D has its own 
library that builds on
top of `libc` and it's called `phobos` (bonus for its amazing 
name!). For that reason,
D is mostly a safer language than C. Of course, D is as low level 
as C and you have the
ability to use low level features and not use `phobos` but only 
`libc` (check about 
[BetterC](https://dlang.org/spec/betterc.html)).
You can also, use pointers, allocate memory manually, do system 
calls (and write inline
assembly in general) and do pretty much whatever you can do in C. 
If you do it, then D
will be as unsafe as C. So it really comes down to the language 
features and the libraries
that are used. Hope that solved your mysteries ;)

More information about the Digitalmars-d-learn mailing list