
The C23 edition of Modern C

(gustedt.wordpress.com)
515 points by bwidlar | 2 comments

ralphc No.41851601
How does "Modern" C compare safety-wise to Rust or Zig?
WalterBright No.41852113
Modern C still promptly decays an array to a pointer, so no array bounds checking is possible.

D does not decay arrays, so D has array bounds checking.

Note that array overflow bugs are consistently the #1 problem with shipped C code, by a wide margin.

sdk77 No.41857792
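An added C example (not code from the thread or from the book) showing the decay WalterBright describes: a parameter declared `int a[10]` is adjusted to `int *a`, so inside the callee the array length is gone and no bounds check is possible unless the caller passes the length separately. The function names and the sample buffer are this example's own.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Length of an array in the scope where it is still an array, not a pointer. */
#define ARRAY_LEN(arr) (sizeof(arr) / sizeof((arr)[0]))

/* The prototype says "int a[10]", but C adjusts that to "int *a": the
 * definition below with a plain pointer parameter is the same function.
 * The 10 is discarded, which is the decay the comment refers to. */
size_t callee_sizeof(int a[10]);
size_t callee_sizeof(int *a) {
    return sizeof(a); /* size of a pointer, not 10 * sizeof(int) */
}

/* Defensive convention: carry the length next to the pointer and check every
 * index against it. After decay the language cannot do this for you, so the
 * check is written by hand. Returns false instead of touching memory outside
 * the buffer. */
bool checked_read(const int *a, size_t len, size_t idx, int *out) {
    if (a == NULL || idx >= len) {
        return false;
    }
    *out = a[idx];
    return true;
}

/* Demonstration on a constructed buffer: the caller still knows the size,
 * the callee only sees a pointer, and index 10 is rejected rather than read.
 * Returns 0 when every expectation holds. */
int demo(void) {
    int buf[10] = {0, 1, 2, 3, 4, 5, 6, 7, 8, 9};
    int v = -1;
    size_t caller_size = sizeof(buf);          /* 10 * sizeof(int) */
    size_t callee_size = callee_sizeof(buf);   /* sizeof(int *) */
    bool ok3 = checked_read(buf, ARRAY_LEN(buf), 3, &v);
    bool ok10 = checked_read(buf, ARRAY_LEN(buf), 10, &v);
    printf("caller sizeof=%zu callee sizeof=%zu ok3=%d v=%d ok10=%d\n",
           caller_size, callee_size, ok3, v, ok10);
    return (callee_size == sizeof(int *) && callee_size < caller_size &&
            ok3 && v == 3 && !ok10) ? 0 : 1;
}

int main(void) {
    return demo();
}
```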
The thing is, though, that even with array bounds checking built into the language, out-of-bounds access due to programming error can still be attempted. Only this time it's safer, because an attacker can't use the bug (which still exists) to access memory outside of bounds. In any case, the program still doesn't work as intended (has bugs), because the programmer has attempted, or allowed the attempt, to access out-of-bounds memory.

Writing safe code is better than depending on safety features. Writing safe code is possible in any programming language; the only things required are good design principles and discipline (i.e. solid engineering).

WalterBright No.41862256
In practice in C, that does not work because array overflow bugs are still the #1 bug in shipped C code, by a wide margin.