From: conway@cs.mu.OZ.AU (Thomas Charles CONWAY)
Newsgroups: comp.compilers
Date: 16 Aug 1998 22:49:55 -0400
Organization: Computer Science, The University of Melbourne
References: 98-07-242 98-07-246 98-08-014 98-08-029 98-08-081
Keywords: C, practice, comment
eodell@pobox.com (Eric O'Dell) writes:
[that overflowing buffers are the fault of the programmer
not the language]
Well, the same kind of argument can be used to say that assembly is
just as secure as a high level language, since errors such as getting
two registers mixed up (or whatever) are the fault of the programmer,
not the language, yet the vast majority of people agree that high
level languages *are* more secure than assembly.
I guess the bottom line is that if the design of the language can help
me avoid errors in the first place, then this is a good thing. Of
course, in some sense, the more errors it prevents, the less
expressive it is, however we hope that careful language design results
in a language that lets you conveniently express all the
good/useful/interesting programs in some domain, but prevents you from
writing the buggy/insecure/wrong ones, such as all those that contain
possible buffer overruns. :-)
Another example of how language design can avoid a class of errors is
that in Mercury, the compiler checks the `modes' in the program. One
view of this checking is that by doing it the compiler disallows
programs that contain uninitialized variable bugs. In C, this kind of
static proof is impossible.
Thomas
--
Thomas Conway <conway@cs.mu.oz.au>
[Please, let's try not to drift away from compiler topics. We all know
that Fortran programmers can write Fortran programs in any language,
that's not news. -John]