Programmer Humor

18971 readers

1343 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 1 year ago

MODERATORS

[email protected]

"No way to prevent this" say users of only language where this regularly happens - 07/01/2024 (xeiaso.net)

submitted 1 month ago by [email protected] to c/[email protected]

21 comments fedilink hide all child comments

A shitpost about languages that generate CVEs

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 2 points 1 month ago (2 children)

... the only language where 90% of the world's memory safety vulnerabilities have occurred in the last 50 years

Yeah... That's a shit post alright.

I'm not a C developer myself, but that's just a low blow. Also, uncited ;).

[–] [email protected] 9 points 1 month ago* (last edited 1 month ago) (1 children)

This is an overstatement, definitely. C is one of the few (mainstream) languages where memory safety vulnerabilities are even possible. So if you batch C and C++ together, they probably cover more than 90% of all the memory unsafe cove written in last 50 years, which is a strong implication that they will contribute to 90% of memory vulnerabilities.

All that said, memory vulnerabilities are about 65% of all high implact vulnerabilities on Chromium project^1 and about 70% of vulnerabilities at Microsoft ^2.

[–] [email protected] 2 points 1 month ago

So we'd only fix 70% of vulnerabilities by switching to rust? Not enough! Better keep writing C/C++!

[–] [email protected] 6 points 1 month ago

Yeah the only way it would be that high is if it lumps C and C++ together. But at that point it may be an underestimate.