A serious security bug... caused by no bounds checking.

Paulo Pinto pjmlp at progtools.org
Tue Apr 8 12:26:02 PDT 2014


On 08.04.2014 20:28, Walter Bright wrote:
> On 4/8/2014 10:44 AM, Paulo Pinto wrote:
>> C designers explicitly decided against it, with the thought that
>> developers
>> would use lint alongside C, which even today very few do.
>
> The trouble is that C cannot be retrofitted with bounds checking because
> of the array decay problem.
>

Fully agree with you.

That is why, when I used to code in C at the university and at my first job,
I made use of warnings as errors and asserts, and did a lot of defensive coding.

Having read Code Complete made me realize how I could make C more
Pascal/Modula-2-like in terms of safety.

But you are right.

--
Paulo
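
An added example, not part of the original message: it shows the array decay discussed above (the callee loses the array's length) next to one defensive-coding pattern that carries the length alongside the pointer. The names `span_t`, `SPAN_OF`, `size_seen_by_callee` and `span_copy` are hypothetical, and the buffers are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical "fat pointer": the length travels with the address. */
typedef struct {
    unsigned char *ptr;
    size_t len;
} span_t;

/* Only valid where arr is still a real array, i.e. before it decays. */
#define SPAN_OF(arr) ((span_t){ (arr), sizeof(arr) })

/* After decay the callee holds a bare pointer: sizeof reports the
 * pointer's size, so no check inside this function can know the bound. */
size_t size_seen_by_callee(unsigned char *buf) {
    return sizeof(buf);
}

/* Defensive copy of n bytes starting at src[off]. n and off are treated
 * as untrusted. Returns 0 on success, -1 if the range is out of bounds.
 * The comparisons are ordered so that off + n is never computed and
 * therefore cannot wrap around. */
int span_copy(span_t dst, span_t src, size_t off, size_t n) {
    if (off > src.len || n > src.len - off || n > dst.len)
        return -1;
    memcpy(dst.ptr, src.ptr + off, n);
    return 0;
}

int main(void) {
    unsigned char record[16];   /* constructed sample data */
    unsigned char reply[64];
    memset(record, 'A', sizeof record);

    printf("caller sees %zu bytes, callee sees %zu\n",
           sizeof record, size_seen_by_callee(record));
    /* Request claims 64 bytes, record holds 16: rejected, not over-read. */
    printf("claimed 64: %d\n", span_copy(SPAN_OF(reply), SPAN_OF(record), 0, 64));
    printf("claimed 16: %d\n", span_copy(SPAN_OF(reply), SPAN_OF(record), 0, 16));
    return 0;
}
```

The check only helps where the `span_t` is built from a real array or a known allocation size; a span built from an already-decayed pointer inherits whatever length the programmer supplies.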


