The impracticality of c & projects - Programming On Unix
Users browsing this thread: 7 Guest(s)
|
|||
(02-09-2015, 10:23 AM)vypr Wrote: the programmer needs to pick up a book on making secure applications in C. This is not as simple as that. C is a language that doesn't even try to fix runtime errors. Out-of-boundaries arrays, random memory reads, unterminated strings, ... Some languages actually provide checks for these, and thus prevent leaks and exploits based on this (remember heartbleed?). Sure, this would have been prevented if the devs didn't make such an error in the first place. But hey, if people didn't make any error, we wouldn't even be discussing this. Everyone makes errors, this was true in the past, this will be true in the future. And C will always let you make such errors, while other languages don't. If you think your application is a bit "risky", and your codebase starts to be hard to review, then C might not be the best language. |
|||