Are programs/OSes written in D more secure than programs written in C/C++?
J.Varghese
unnecessary at unknown.com
Thu Jun 7 02:44:34 PDT 2012
> D has a few language features that help to minimize exploits:
>
> - slices
> - bounds checking
> - more restrict type checking
> - GC
> - reference parameters
> - proper strings
> - security layers among modules (system, trusted, safe)
>
> Most C and C++ security exploits are due to:
>
> - pointer arithmetic
> - null terminated strings
> - lack of bounds checking on array access
> - usage of pointers to change input arguments
>
> Sure enough, static analysis tools can help, but not everyone
> makes
> use of them. Note that C++ library can help, but requires that
> the developers
> play by the rules.
>
> But no language is 100% full proof. You still need to take care
> data
> is properly handled (SQL, passwords, etc) and if the OS does
> not provide
> the proper security mechanisms, you can still tweak the
> assembly code.
>
> --
> Paulo
So if the causes of most C and C++ security exploits have been
addressed in D and D makes it difficult to write insecure code,
what exploits are still possible in D? Have the most serious and
numerous bugs been made unlikely in D? Does anybody know if D
makes new classes of bugs possible?
If I was comparing a C/C++ OS versus an identical OS written in
D, do you have estimates for many fewer bugs the D OS will have?
20% fewer minor bugs? 50% fewer critical bugs? Is that even the
right question to ask?
More information about the Digitalmars-d
mailing list