Originally posted by mdedetrich
Not counting the faults the compiler catches is being fair. Yes, the C language was not modified to prevent particular problems; instead the compiler was, and the result is different.
There is a difference between better in theory and provably better in the real world. Counting the flaws that you could do in theory using the C language specification does mean a person can still use them.
Originally posted by mdedetrich
Smart pointers go wrong because they are based on C pointers. A lot of modern C++ so-called fixes to C CVEs, when you look closer, are not a generic fix; just like smart pointers, there is now a harder-to-see corner case.
Modern C++ does not have a mathematical proof to prove it safe. So it's like using Rust constantly in unsafe mode; in fact C++ is way more dangerous in a lot of ways due to how many hidden operations are defined into modern C++, like the smart pointer one: free when the X counter gets to zero, so now it is freeing memory at a point the programmer may not be expecting.
mdedetrich, the reality when you look at code that will build on modern-day compilers is that C++ is no safer than C; in fact C++ can be less safe than C due to how hard to see the faults are due to hidden operations.
The hard reality is modern C++ stuff has not really fixed the problems. Just like AddressSanitizer does not find all the C memory errors. The problem here is modern C++ adds its own set of issues, with the result that for every C issue modern C++ fixes that would not be detected by compilers, modern C++ creates at least 1 more fault to replace it.
I would love for the C++ standard to admit that smart pointers are screwed and move to something that could in fact work in all cases, or at least always works in safe code. Yes, this could be mandating tooling on compilers by making particular usages of smart pointers illegal by the standard. Yes, it is perfectly legal under the C++ standard to double safe pointer the same C pointer, so creating use after free by the C++ standard, and compilers have not chosen to forbid it at this stage. There are issues with modern C++ standard threading and other things that also create hard-to-see CVE issues in code.
C++, like it or not, is not a solution in its current form. Claiming C++ is better than C when looking at real-world usage does not hold up. Accepting the false fact that C++ is safer than C means there is no pressure back on the C++ standard to fix the standard to truly be better than C.
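The case the post describes, two smart pointers constructed from the same raw pointer, shown as an added example that is not part of the original post. `Session` and the counting deleter are assumptions made for illustration; the deleter only records release attempts and the caller frees the object once, so the program never performs a real double free.

```cpp
#include <cstdio>
#include <memory>

// Hypothetical type for the example; not from the post.
struct Session { int id; };

static int g_release_calls = 0;  // how many times an owner tried to free

// Counting deleter: records a release attempt instead of freeing.
static void counting_release(Session*) { ++g_release_calls; }

// Weak pattern: two shared_ptr built from the same raw pointer. Each gets
// its own control block, so each believes it is the sole owner.
int release_calls_two_control_blocks(long* count_a, long* count_b) {
    g_release_calls = 0;
    Session* raw = new Session{1};
    {
        std::shared_ptr<Session> a(raw, counting_release);
        std::shared_ptr<Session> b(raw, counting_release);  // unrelated owner
        *count_a = a.use_count();  // each owner sees a count of 1
        *count_b = b.use_count();
    }  // both counts reach zero independently: the deleter runs twice
    delete raw;  // single real free, done here so the demo stays defined
    return g_release_calls;
}

// Corrected pattern: one shared_ptr takes ownership and further owners are
// copies of it, so they share one control block (std::make_shared in real code).
int release_calls_shared_control_block(long* count_a, long* count_b) {
    g_release_calls = 0;
    Session* raw = new Session{2};
    {
        std::shared_ptr<Session> a(raw, counting_release);
        std::shared_ptr<Session> b = a;  // copy shares the reference count
        *count_a = a.use_count();  // both owners see a count of 2
        *count_b = b.use_count();
    }  // the shared count reaches zero once: the deleter runs once
    delete raw;
    return g_release_calls;
}

int main() {
    long a = 0, b = 0;
    int n = release_calls_two_control_blocks(&a, &b);
    std::printf("two control blocks: counts %ld/%ld, releases %d\n", a, b, n);
    n = release_calls_shared_control_block(&a, &b);
    std::printf("shared control block: counts %ld/%ld, releases %d\n", a, b, n);
    return 0;
}
```

With the default deleter, the second release in the first function would be a double free of the same allocation; a `use_count()` of 1 on both owners is the visible sign of the mistake.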