Back around 1980, when Ada was new, it was common for compiler manufacturers to 
claim it is best to disable bound checking for performance reasons.  Getting 
your program to run slightly faster trumped knowing that any of your buffers 
was overflowing. Code that silently trashes memory can be expected to produce 
some truly creative results.   My practice is to code defensively, to ensure my 
program is operating according to policies that I set for it.  I want to know 
when it is misbehaving.  Should there be a performance hit, I instrument the 
program to find the hot spots and optimize those and only those.
Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -
SC-L is hosted and moderated by KRvW Associates, LLC (
as a free, non-commercial service to the software security community.

Reply via email to