this post was submitted on 17 Sep 2024
36 points (95.0% liked)

C++

1777 readers
1 users here now

The center for all discussion and news regarding C++.

Rules

founded 1 year ago
MODERATORS
36
submitted 2 months ago* (last edited 2 months ago) by cmeerw to c/cpp
you are viewing a single comment's thread
view the rest of the comments
[–] lysdexic 1 points 2 months ago* (last edited 2 months ago) (25 children)

From the article.

Josh Aas, co-founder and executive director of the Internet Security Research Group (ISRG), which oversees a memory safety initiative called Prossimo, last year told The Register that while it's theoretically possible to write memory-safe C++, that's not happening in real-world scenarios because C++ was not designed from the ground up for memory safety.

That baseless claim doesn't pass the smell check. Just because a feature was not rolled out in the mid-90s would that mean that it's not available today? Utter nonsense.

If your paycheck is highly dependent on pushing a specific tool, of course you have a vested interest in diving head-first in a denial pool.

But cargo cult mentality is here to stay.

[–] hunger 9 points 2 months ago (1 children)

If you could reliably write memory safe code in C++, why do devs put memory safety issues intontheir code bases then?

Even highly paid (and probably skilled) devs in the IT industry manage to mess that up pretty regularly. Even if it was: devs using memory safe languages make much fewer mistakes wrt. managing memory... so that tooling does seem to help them at least more than the C++ tooling helps the C++ devs.

[–] lysdexic -3 points 2 months ago (1 children)

If you could reliably write memory safe code in C++, why do devs put memory safety issues intontheir code bases then?

That's a question you can ask to the guys promoting the adoption of languages marketed based on memory safety arguments. I mean, even Rust has a fair share of CVEs whose root cause is unsafe memory management.

[–] FizzyOrange 2 points 2 months ago (1 children)

No it doesn't, that's bullshit.

[–] sukhmel 3 points 2 months ago (1 children)
[–] robinm 3 points 2 months ago

The fact that rustc has bugs (which is what cve-rs exploit) doesn't invalidate that rust the language is memory safe.

load more comments (23 replies)