Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> On the other hand safe rust is so much easier than correct C that I don't particularly mind the tradeoff.

D isn't Rust, but my personal style has gravitated towards the borrow checker rules anyway. It wouldn't be hard at all to do it in C, either.

C's biggest security failing, however, is the lack of array bounds checking. It's always the #1 cause of security bugs in the field, by a wide margin. None of the workarounds in Standard C are attractive. I do not understand why the C committee adds all these bits and pieces of new features, and does not fix that problem. It's not like it's hard:

https://www.digitalmars.com/articles/C-biggest-mistake.html

The solution has been out there for 15 years now.



The standards people won't even add a standard buffer or slice to the language.

I kinda cry every time I see a new api with foo(void *src, int sz) signatures.


The standard people won't even add proper string support, besides their weak support for null-terminated buffers. Unicode strings have very special rules for searching, comparison and upper/lowercasing. And they are usually UTF-8 encoded.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: