At 10:36 PM +0100 6/10/04, David Crocker wrote:
>I agree that converting legacy code to use one of the techniques I suggest isn't
>always going to be easy and inexpensive. My posting was aimed at those saying
>that something better than C/C++ should be used for new security-critical
>applications (which I agree is preferable), and I was pointing out that there
>are ways of using C++ so as to avoid its troublesome "array=pointer" feature.

And there are ways of using Assembly Language to avoid pitfalls that it provides. There are ways of using horse-drawn carriages to avoid the major reason (think street cleaning) why the automobile was embraced in urban areas during the early part of the 20th century. What there are _not_ are reasons for new development to cling to languages which make flawed constructs easy for the individual programmer to misuse. (Of course rewriting existing applications from one language to another should only be undertaken when there are strong reasons for rewriting in general, since the defects introduced, regardless of language, will be many.)