der Mouse (Maus surely?) wrote [snip] > > Well, actually, but for the world's addiction to sloppy coding. > > It's entirely possible to avoid buffer overflows in C; it > just requires > a little care in coding. C's major failing in this regard - and I > don't actually consider it all that major - is that it doesn't provide > any tools to help. It assumes that you the programmer know > what you're > doing, and the mismatch between that and the common reality is where > the problem actually comes from.
I dislike this commonly-used argument that essentially says "you should only employ above average people who don't make mistakes". It is flawed on lots of levels. 1. On average ability over our industry is average! 2. Even brilliant, infallible programmers like me make mishtukes shummtimes. 3. Even if above average, non-sloppy programmers can avoid mistakes, the effort they spend doing so is a distraction from their real job of solving the problem the program is intended for. 4. The levels of mental abstraction needed to solve an application domain problem and to worry about operator precedence and buffer overflow are completely different; there is good evidence that humans don't work well at more than one abstraction level at a time. > > All that a "better" language will bring you in this regard is that it > will (a) push the sloppiness into places the compiler can't check and > (b) change the ways things break when confronted with input beyond the > design underlying their code. > This sounds like the Syrius Cybernetics defence (from the Hitch Hiker's Guide to the Galaxy); essentially you seem to be saying it is OK if all the deep and complex flaws in a product are completely obscured by all the shallow and obvious ones. You can't assume that the sloppy programmer in C /only/ introduces shallow errors. In practice, well designed languages can do much more than you claim. They can completely eliminate whole classes of error that currently exercise our attention, make sloppiness very hard to conceal and make it much easier to find any subtle errors that remain. Peter ********************************************************************** This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. The IT Department at Praxis Critical Systems can be contacted at [EMAIL PROTECTED] This footnote also confirms that this email message has been swept by MIMEsweeper for the presence of computer viruses. www.mimesweeper.com ********************************************************************** ________________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________
