A shitpost about languages that generate CVEs

  • lad@programming.dev
    link
    fedilink
    English
    arrow-up
    14
    ·
    5 months ago

    Also, I like how this problem had a really simple solution all along

    There really isn’t anything we can do to prevent memory safety vulnerabilities from happening if the programmer doesn’t want to write their code in a robust manner.

    Yeah, totally, it’s all those faulty programmers fault. They should’ve written good programmes instead of the bad ones, but they just refuse to listen

    • onlinepersona@programming.devOP
      link
      fedilink
      English
      arrow-up
      11
      ·
      edit-2
      5 months ago

      Right, those devs with 20+ years C experience don’t know shit about the language and are just lazy. They don’t want to catch up with the times and write safe C. It’s me, the dude with 5 years of university experience who will set it straight. Look at my hello world program, not a single line of vulnerable code.

      Anti Commercial-AI license

        • onlinepersona@programming.devOP
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          4 months ago

          Yeah, for sure. Human error is involved in C and inertia too. New coding practices and libraries aren’t used, tests aren’t written, code quality sucks (variable names in C are notoriously cryptic), there’s little documentation, many things are rewritten (seems like everybody has rewritten memory allocation at least once), one’s casual void * is another’s absolute nono, and so on.

          C just makes it really easy to make mistakes.

          Anti Commercial-AI license

      • Corbin@programming.dev
        link
        fedilink
        English
        arrow-up
        2
        ·
        4 months ago

        It has nothing to do with knowing the language and everything to do with what’s outside of the language. C hasn’t resembled CPUs for decades and can’t be reasonably retrofitted for safety.