Re: Coding Practice [was Re: Serious OpenSSL vulnerability]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/09/14 11:35, Jonathan Ryshpan wrote:
<<>>


It's an interesting question why Net infrastructure code

> continues to be written in C, a language that provides no
> automatic checks for buffer overflow, which (if I understand
> right) is the opening for this security breach, along with so
> many others.  And why is the code run on hardware that provides
> no such checks?  There have been languages and system that check
> for overflow available for 40 years.

from early times, c, c++ and the various "enhancements", were
used because it was a universal language that code/source, could
be written under 1 cpu and transferred to another and still run
because code/source was run thru a cpu specific compiler.

something that could be done with basic, fortran, python, and
other 'high  level' languages. but, with the most efficient
language, assembler, such could not be.

c and c++ are not interchangeable in there code. nor is c++ an
enhancement or super set of c. they are each in their own world.

because of all the routines that where built up for c/c++, it
soon became a sudo standard in programming. yet it falls short
in ability of specific uses and will never replace fortran,
python and other high levels.

c/c++ is a very inefficient language, yet it has been accepted
as 'the language to learn and use'. a very bad misconception.

compactors have been written for c/c++, but even after many hours
to days, and longer of running compactors, c/c++ still fail to be
reduced to what can be done with high level languages, and will
never come any where near the compactness of assembler.

the worst fault of c/c++ is buffer overflow, yet know one seems to
really care. mainly an attitude of 'if it overflows, we will worry
about it then'. not the best way to think.

if one were to run an analysis of programs that are hacked and of
security that has been broken, one would find that what is written
with c/c++ is the easiest to hack and break. a nature of the beast.


Why doesn't anyone use them?


because they are easy to understand, learn and use.


--

peace out.

in a world with out fences, who needs gates.

tc.hago.

g
.

--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
Have a question? Ask away: http://ask.fedoraproject.org
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [EPEL Devel]     [Fedora Magazine]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Desktop]     [Fedora Fonts]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Fedora Sparc]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux