On 7/26/2011 9:12 PM, Walter Bright wrote:
D relies more on memory safety guarantees of the language rather than after-the-fact damage control. A well written D program will have very little unsafe code in it, whereas it's pretty much impossible to do that in C or C++, as they rely so heavily on pointer arithmetic.
I should clarify that. If you write C style code in D, yes, your code is not verifiably safe and hence your programs could be susceptible to malicious attacks based on buffer overflow exploits.
But, if you write in D style, using arrays, ranges, and other safe data structures, the risk of your program being vulnerable to such exploits is reduced enormously.
