Heartbleed and static analysis

Walter Bright newshound2 at digitalmars.com
Sun Apr 13 10:31:18 PDT 2014


On 4/13/2014 9:26 AM, Dicebot wrote:
> C++'s fault is that it makes it very easy even for an experienced programmer to
> write faulty code, and the consequences of a mistake can be rather dire. C has
> similar issues, but C is a much smaller and simpler language, which allows one to
> keep all possible danger points in mind. I have yet to meet a single C++
> programmer who can remember all the corner cases at the same time. I am not sure
> even Bjarne himself can.
>
> D makes the situation much better by refining base semantics to adhere to the
> "safe by default, fast when explicitly asked" principle (array bounds checks,
> default initialization of locals). It is still not 100% consistent but greatly
> reduces the stress of the context compared to C++.
>
> I'd still prefer C++ over C for most projects, but only if using a very small
> well-defined subset of C++ verified by a static analysis tool continuously.

Interestingly, I've been seeing that what makes D code much more robust is a 
consequence of 'unittest' coupled with -cov.
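
An added example, not part of the original message or of any D project code: a heartbeat-style echo whose claimed length is tested against the real payload length, exercised with `unittest` and built with `-cov` so the listing shows whether the rejection path ever ran. The function names, the file name `heartbeat.d` and the sample bytes are hypothetical.

```d
// Added illustration (hypothetical names, constructed sample data).
// Build and run the tests with line coverage:
//   dmd -unittest -cov -main -run heartbeat.d
// then read heartbeat.lst: each line is prefixed with its execution count,
// and a count of 0000000 marks code no test reached.
module heartbeat;

import core.exception : RangeError;
import std.exception : assertThrown, enforce;

/// Echo back `claimedLen` bytes of `payload`, trusting the peer's length.
/// In D the slice is bounds-checked, so an oversized claim raises a
/// RangeError instead of reading adjacent memory. In @safe code that
/// check stays on even when compiling with -release.
const(ubyte)[] echoUnchecked(const(ubyte)[] payload, size_t claimedLen) @safe
{
    return payload[0 .. claimedLen];
}

/// Same operation, but the oversized claim is rejected explicitly as a
/// recoverable Exception, which is what a protocol handler would want.
const(ubyte)[] echoChecked(const(ubyte)[] payload, size_t claimedLen) @safe
{
    enforce(claimedLen <= payload.length, "claimed length exceeds payload");
    return payload[0 .. claimedLen];
}

unittest
{
    immutable ubyte[] msg = [0x62, 0x69, 0x72, 0x64]; // constructed sample

    // Honest lengths: the full payload and the empty prefix.
    assert(echoChecked(msg, msg.length) == msg);
    assert(echoChecked(msg, 0).length == 0);

    // Over-long claim: the explicit check fires first.
    assertThrown!Exception(echoChecked(msg, 64));

    // Without the explicit check, the language's bounds check still stops
    // the over-read. Without this test case, -cov would not show whether
    // the over-long path had ever been exercised.
    assertThrown!RangeError(echoUnchecked(msg, 64));
}
```

Deleting the two `assertThrown` lines leaves the tests passing, but `heartbeat.lst` then shows that no call ever took the rejection path, which is the gap the coverage listing is there to expose.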

