• refalo@programming.dev
    link
    fedilink
    arrow-up
    15
    arrow-down
    14
    ·
    6 months ago

    Hard disagree. Safe C++ code can be written quite easily these days. And better tools are coming out all the time.

    • twei
      link
      fedilink
      arrow-up
      15
      arrow-down
      3
      ·
      6 months ago

      Yes, but there’s a difference between “you can write safe code” and “the compiler will come for your family the next time you make a mistake”

      • refalo@programming.dev
        link
        fedilink
        arrow-up
        9
        arrow-down
        4
        ·
        6 months ago

        rust isn’t a magic bullet either, it still doesn’t protect against a whole host of problems, like stack overflows, out of memory/bitflips, logic errors, memory leaks, unrecoverable errors/panics etc., and many projects are full of unsafe context rust code anyways.

        • twei
          link
          fedilink
          arrow-up
          9
          arrow-down
          2
          ·
          6 months ago

          That cannot be true, i used #![forbid(unsafe_code)]

          Jokes aside: yes, Rust (and Go) wont magically resolve SQL Injections, but if we remember that about 70% of bugs are related to memory safety, using Rust (or Go) will make your code at least somewhat safer

          • Kajika@lemmy.ml
            link
            fedilink
            arrow-up
            2
            ·
            6 months ago

            And C++, just checked the wiki and the 2 example of openssh’s heartbleed and sudo, both in C. Not C++. As expected.

            • twei
              link
              fedilink
              arrow-up
              2
              ·
              6 months ago

              By that logic scratch would be the safest language out there (or can you tell me the last time a program written/built in scratch had a bug that affected millions of ppl around the world)