[OffTopic]: Safer usage of C++ in Chrome

Paulo Pinto pjmlp at progtools.org
Thu Sep 9 13:21:38 UTC 2021


On Thursday, 9 September 2021 at 11:46:20 UTC, Steven 
Schveighoffer wrote:
> On 9/9/21 3:28 AM, Paulo Pinto wrote:
>> Nothing new to those of us that are aware of the issues that 
>> plague C and C++ codebases in terms of security, still kind of 
>> interesting to see how much effort is being thrown at trying 
>> to fix Chrome's security exploits.
>> 
>> https://docs.google.com/document/d/e/2PACX-1vRZr-HJcYmf2Y76DhewaiJOhRNpjGHCxliAQTBhFxzv1QTae9o8mhBmDl32CRIuaWZLt5kVeH9e9jXv/pub
>> 
>> 
>> Naturally what many usually forget, is that all those 
>> development hours and bug fixes translate into salaries and 
>> contracting rates that need to be paid.
>> 
>> Unfortunely the marketing of how much development costs one 
>> saves by using languages like D, still don't reach most 
>> finance departments.
>
> Surely, porting Chrome to D would cost more...
>
> Where it might cost less is if you used a memory-safe-oriented 
> language like D or Rust at the start.
>
> -Steve

Yes, my monetary point was about what languages get chosen when 
starting new projects.

This document outcome is that porting is not an option given the 
amount of existing code.

Even on Android, they are doing baby steps, only replacing the 
bluetooth stack.

However this kind of tradeoffs is why C# is finally becoming more 
D like in low level capabilities, since version 7.


More information about the Digitalmars-d mailing list