The proof is in the performance. Follow Bugtraq for a month and count the
number of buffer overflows discovered. Many of these are in stable releases
of mature programs. Now, why?
It is possible to write C code free of bugs. It is even possible to manage large
C projects with many programmers and have them free from memory bugs, but it
is not easy. It becomes particularly hard as application complexity grows, with
many dynamically sized data elements getting passed around.
Now, there are languages out there that can guarantee that you won't overflow
a buffer. Java is such, although insufficient for kernel work. But Java is really
a rather new player in this arena. Languages such as Eiffel and Ada have given
us safe abstractions for many years. Even C++, if used with a good class library,
will help you avoid many of the stupid buffer problems that plague C.
Sure, a skilled C programmer can invest enough effort to avoid these problems.
However, with better tools he need invest much less effort, and in some cases
the compiler can guarantee safety.
-- Jeffrey Straszheim
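As an added illustration of the point made above (example code written for this page, not from the comment's author or any project it mentions): the fixed-size field, the unbounded copy, and the bounded replacement side by side. The `struct user`, `NAME_MAX`, the `id:name` line format and the sample lines are all constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_MAX 16   /* constructed: size of the fixed field below */

/* A fixed-size record of the kind found in countless C programs (constructed). */
struct user {
    unsigned id;
    char name[NAME_MAX];
};

/* "Before": the pattern the comment describes. The caller passes data of
 * whatever length arrived from outside; the callee copies it into a fixed
 * field with no bound. Any source of NAME_MAX bytes or more writes past the
 * end of `name` into whatever sits after it. Kept for comparison only; it is
 * never called in this file. */
void set_name_unsafe(struct user *u, const char *src)
{
    strcpy(u->name, src);
}

/* "After": every destination travels with its size, and the copy refuses
 * input that does not fit. Returns 0 on success, -1 if src would not fit.
 * strncpy(3) is not a substitute here: when the source fills the buffer it
 * omits the NUL terminator, which only moves the bug to the next strlen(). */
int copy_bounded(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (dst_size == 0 || n >= dst_size) {   /* need room for the terminator */
        if (dst_size)
            dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n + 1);                /* n + 1 copies the terminator too */
    return 0;
}

int set_name_safe(struct user *u, const char *src)
{
    return copy_bounded(u->name, sizeof u->name, src);
}

/* Parser for a constructed "id:name" line format: the kind of code where the
 * input length is chosen by whoever sent the data. Returns 0 on success,
 * -1 if the line is malformed or the name does not fit the field. */
int parse_user(const char *line, struct user *out)
{
    const char *colon = strchr(line, ':');
    if (colon == NULL || colon == line)
        return -1;
    char *end;
    unsigned long id = strtoul(line, &end, 10);
    if (end != colon)                       /* id must be all digits up to ':' */
        return -1;
    out->id = (unsigned)id;
    return set_name_safe(out, colon + 1);
}

/* Run the parser over a set of lines and count how many it rejects. */
int count_rejected(const char *const *lines, size_t n)
{
    int rejected = 0;
    for (size_t i = 0; i < n; i++) {
        struct user u;
        if (parse_user(lines[i], &u) != 0)
            rejected++;
    }
    return rejected;
}

int main(void)
{
    /* Constructed sample input; the third line is the one that would smash
     * the stack through set_name_unsafe(). */
    static const char *const sample[] = {
        "1:alice",
        "2:bob",
        "3:this_name_is_far_too_long_for_the_field",
        "x:carol",
    };
    size_t n = sizeof sample / sizeof sample[0];
    for (size_t i = 0; i < n; i++) {
        struct user u;
        if (parse_user(sample[i], &u) == 0)
            printf("ok       id=%u name=%s\n", u.id, u.name);
        else
            printf("rejected %s\n", sample[i]);
    }
    printf("%d of %zu lines rejected\n", count_rejected(sample, n), n);
    return 0;
}
```

The safe path costs one length comparison per copy, which is the "effort" the comment talks about; the difference from a language with bounded arrays is that nothing forces a C programmer to write that comparison, so a single forgotten one in a large code base is enough.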