Python is memory safe? Can’t you access/address memory with C bindings?

  • @[email protected]
    link
    fedilink
    English
    568 months ago

    Mr Stroustrup can spin it however he likes, but 70% of CVEs are caused by memory errors in unsafe languages like C and C++. That isn’t happening because the majority of their devs are idiots. The language is the problem.

    Talking about “but there are tools” and “hold on a minute, there a ways to write safe C++” is missing. It’s way too easy to write memory unsafe code in C++. The opposite is true of other languages and that’s why they are being recommended (dare I say pushed) over C++. To write memory unsafe Rust for example, you really, really have to want to.

    C++ is his baby, Of course he won’t acknowledge it and it was entirely predictable he would blame the programmers. The language will be the equivalent of COBOL in a decade or two.

    CC BY-NC-SA 4.0

    • @[email protected]
      link
      fedilink
      368 months ago

      If “just don’t be an idiot” worked in the real world we wouldn’t have any need for laws or safety regulations or certifications. It’s not and never has been a compelling argument.

      Writing C++ is like walking around a construction site without a hard hat and going “ah I don’t need it, I’ll just make sure nothing falls on my head.” Yeah sure, buddy, we’ll make sure that’s written on your tombstone.

    • @zik
      link
      -8
      edit-2
      8 months ago

      deleted by creator

      • Black616Angel
        link
        fedilink
        218 months ago

        Yes, right. We could completely erase one third of exploitable vulnerabilities (by your numbers) only by switching to modern languages.

        There is no good argument against that. Why wait for C or C++ to try and implement get another weird “solution” for those problems? (That no one uses then anyway)

        • @zik
          link
          -78 months ago

          deleted by creator