Sick of Buffer Overflows...
Jerry Feldman
gaf at blu.org
Thu Aug 8 16:34:11 EDT 2002
As a long time C programmer (22 years) and assembler programmer, my initial
response to the message was negative... BUT as a former COBOL and FORTRAN
programmer and having worked with many people in this industry from bit
fiddlers to programmers who have difficulty with "Hello, world!" you are
probably right.
I think Gossling got it right with Java to some extent. Many C programmers,
even experienced ones, don't use malloc efficiently, and don't understand
that in most cases free(3) does not return memory back to the host OS.
It is more important to get the application doing the right thing. And,
many experienced C++ programmers tend to misunderstand the semantics behind
the new and delete operators. There are few applications that really need
to use pointers. Most good optimizing compilers today can generate better
code if the programmer uses subscripts rather than pointers.
But, I don't think mid-level languages like C and C++ need to be disposed
of. There is always the need to dynamic memory allocation, but through the
use of libraries and templates the need for the lower level implementations
are not needed, except in cases of operating system code, drivers, and some
systems level code.
On 8 Aug 2002 at 15:46, bscott at ntisys.com wrote:
> In all honesty, I think that would be a very good idea. For that matter,
> I think the time has come to dispose of mid-level languages that deal
> directly with memory (like C and C++) for the bulk of application programs.
> I think computers have become powerful enough that the overhead would be
> significantly lower than the overhead of all these bugs and security
> problems.
--
Jerry Feldman <gaf at blu.org>
Associate Director
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
More information about the gnhlug-discuss
mailing list