[Info-vax] VAX Macro to C conversion
Arne Vajhøj
arne at vajhoej.dk
Wed Jul 10 14:05:01 EDT 2019
On 7/10/2019 10:52 AM, Bill Gunshannon wrote:
> On 7/10/19 10:50 AM, Bill Gunshannon wrote:
>> On 7/10/19 10:06 AM, Scott Dorsey wrote:
>>> Bill Gunshannon <bill.gunshannon at gmail.com> wrote:
>>>>
>>>>> * no string type
>>>>
>>>> So what? What's so great about a string type? Fortran
>>>> didn't have it until 77. Pascal didn't have it until UCSD.
>>>
>>> Some of Arne's complaints about C are kind of silly, but this is a
>>> really
>>> huge one.
>>>
>>> If you look at CERT advisories regarding security vulnerabilities in the
>>> past few decades, you will see that the vast majority of them are the
>>> direct
>>> consequence of poor management of null-terminated strings.
>>>
>>> I know, the null-terminated string thing seemed like a good idea, and
>>> easy
>>> to graft onto C, but in the end it has been a terrible, terrible plan
>>> and
>>> has cost us greatly.
>>
>> 1. Null Terminated Strings are not unique to C.
>> 2. The competent programmer knows all of this in the first place
>> and should write his programs accordingly. Just because the
>> language doesn't range check automatically (COBOL doesn't
>> either, probably for the same reason) doesn't mean the
>> programmer can't or shouldn't.
>>
>> Read my lips. It's not the language.
>
> I should also have mentioned that while Pascal did have range
> checking UCSD Pascal added the ability to turn it off. And I
> have worked on programs where this was required to get the job
> done.
Lots of languages have abilities to turn off various
safety checks.
C# and Rust have a pretty cool way of doing that in limited scope.
That rarely causes problems if used selectively. Because if it is
only turned off at a specific place in the code for specific
reason, then that get a lot of attention.
Arne
More information about the Info-vax
mailing list