this post was submitted on 17 Sep 2024
34 points (94.7% liked)

C++

1718 readers
47 users here now

The center for all discussion and news regarding C++.

Rules

founded 1 year ago
MODERATORS
farados@vlemmy.net
Nihili0@programming.dev
lysdexic@programming.dev
34
The empire of C++ strikes back with Safe C++ blueprint (www.theregister.com)
submitted 2 days ago* (last edited 2 days ago) by cmeerw@programming.dev to c/cpp@programming.dev
33 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] lysdexic@programming.dev 1 points 2 days ago* (last edited 2 days ago) (21 children)

From the article.

Josh Aas, co-founder and executive director of the Internet Security Research Group (ISRG), which oversees a memory safety initiative called Prossimo, last year told The Register that while it's theoretically possible to write memory-safe C++, that's not happening in real-world scenarios because C++ was not designed from the ground up for memory safety.

That baseless claim doesn't pass the smell check. Just because a feature was not rolled out in the mid-90s would that mean that it's not available today? Utter nonsense.

If your paycheck is highly dependent on pushing a specific tool, of course you have a vested interest in diving head-first in a denial pool.

But cargo cult mentality is here to stay.

[–] hunger@programming.dev 10 points 2 days ago (4 children)

If you could reliably write memory safe code in C++, why do devs put memory safety issues intontheir code bases then?

Even highly paid (and probably skilled) devs in the IT industry manage to mess that up pretty regularly. Even if it was: devs using memory safe languages make much fewer mistakes wrt. managing memory... so that tooling does seem to help them at least more than the C++ tooling helps the C++ devs.

[–] lysdexic@programming.dev -4 points 2 days ago (1 children)

If you could reliably write memory safe code in C++, why do devs put memory safety issues intontheir code bases then?

That's a question you can ask to the guys promoting the adoption of languages marketed based on memory safety arguments. I mean, even Rust has a fair share of CVEs whose root cause is unsafe memory management.

[–] FizzyOrange@programming.dev 2 points 2 days ago (1 children)

No it doesn't, that's bullshit.

[–] sukhmel@programming.dev 2 points 2 days ago (1 children)

Well, there is cve-rs, just sayin'

[–] robinm@programming.dev 2 points 15 hours ago

The fact that rustc has bugs (which is what cve-rs exploit) doesn't invalidate that rust the language is memory safe.

load more comments (2 replies)
load more comments (18 replies)