Typical security issues in C++: why the GC isn't your enemy
Tejas
notrealemail at gmail.com
Tue Dec 6 03:13:41 UTC 2022
On Monday, 5 December 2022 at 19:57:39 UTC, H. S. Teoh wrote:
> In the past, I've posted about my impressions of coding issues
> encountered in a large C codebase (approx 2M LOC), as found by
> Coverity. My impression was that there was a large predominance
> of bugs related to memory management and raw pointers.
> However, I didn't have actual data to back up my memory. So I
> decided to do a slightly more evidence-based analysis by doing
> a little informal analysis of the following list of CVE issues
> in the Chromium browser, a commonly-used browser, from the
> Debian/Linux security tracker page:
>
> [...]
People will resort have to resort to `@nogc` stuff when writing
performance critical code anyways, so the protection from `D`'s
GC will go away in those cases; and Chrome engineers aren't the
kind of folk who will find the Rust learning curve to be steep.
It will most likely be a competition between Rust and Carbon, as
far as Chrome's future is concerned, and that is even assuming
that they're interested in changing languages
More information about the Digitalmars-d
mailing list