David Crocker wrote:
Apart from the obvious solution of choosing another language, there are at least
two ways to avoid these problems in C++:
1. Ban arrays (to quote Marshall Cline's C++ FAQ Lite, arrays are evil!). Use
...
2. If you really must have naked arrays, ban the use of indexing and
ljknews wrote:
And there are ways of using Assembly Language to avoid pitfalls that it
provides. There are ways of using horse-drawn carriages to avoid the
major reason (think street cleaning) why the automobile was embraced in
urban areas during the early part of the 20th century.
What there
On Wed, Jun 09, 2004 at 03:34:52PM +0100, David Crocker wrote:
Apart from the obvious solution of choosing another language, there are at least
two ways to avoid these problems in C++:
1. Ban arrays (to quote Marshall Cline's C++ FAQ Lite, arrays are evil!). Use
classes from the STL, or
der Mouse (Maus surely?) wrote
[snip]
Well, actually, but for the world's addiction to sloppy coding.
It's entirely possible to avoid buffer overflows in C; it
just requires
a little care in coding. C's major failing in this regard - and I
don't actually consider it all that major - is
At 9:11 AM -0400 6/9/04, Gary McGraw wrote:
Language makes a huge difference, eapecially in the realm of bugs. So not using C
and C++ is smart. Use Java or C# instead.
Or Ada, or PL/I, or Pascal, or Eiffel, etc.
There are _lots_ of choices out there.
Sloppy coding can be done in any language, but C and C++ have 3 features that
aggravate the problem:
1. The array=pointer idiom. Given a parameter which is an array, you can't ask
at run-time how big the array is - you have to do extra work and pass the size
in an additional parameter (whereas
[EMAIL PROTECTED] wrote on Wednesday, June 09, 2004 7:58
AM:
Although I am in favor of languages that help prevent such nasties as
input buffer overruns, this is an excellent point. A sloppy
programmer will write sloppy code. Reminds me of an old saying that I
heard years
ago while
At 1:10 PM -0400 6/8/04, Jose Nazario wrote:
thought some of you may find this editorial from the May 04 ACM Queue
worth a read. ACM Queue is an interesting magazine and has a website at
acmqueue.org.
Buffer Overrun Madness
ACM Queue vol. 2, no. 3 - May 2004
by Rodney Bates, Wichita State