Linked by Thom Holwerda on Thu 23rd May 2013 23:22 UTC
X11, Window Managers
"Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues."
Thread beginning with comment 562599
RE[5]: Overflowing
by moondevil on Fri 24th May 2013 11:31 UTC in reply to "RE[4]: Overflowing"
moondevil Member since:
2005-07-08

But it can still be controlled, while in C and C++, given the implicit decay of arrays into pointers and how many developers micro-optimize by using pointer arithmetic, that is very hard to validate.

Even in compilers that have extensions for bounds checking.

Score: 2

RE[6]: Overflowing
by kwan_e on Fri 24th May 2013 11:31 in reply to "RE[5]: Overflowing"
kwan_e Member since:
2007-02-18

std::array

But the point of my earlier comment was that it's a useful thing to know for those not familiar with Ada so people don't get caught out.

Edited 2013-05-24 11:34 UTC

Score: 2

RE[7]: Overflowing
by moondevil on Fri 24th May 2013 11:53 in reply to "RE[6]: Overflowing"
moondevil Member since:
2005-07-08

"std::array"

Sure. I only place C++ in the same league as C due to its C foundation and it being unsafe by default.

Truth is, the C++ standard library offers ways to do safe programming and modern C++ is quite good, but there are still many companies out there that forbid modern C++ practices. ;)

I only touched C for one year back in 1993/4, then jumped straight into C++, only using C when required to do so in university assignments and a project back in 2000.

I felt more at home in C++ as an Object Pascal refugee than with C.

Score: 2
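The contrast discussed in this thread, as an added example that is not part of any commenter's post: a length field taken from a peer's reply drives a copy, first through a decayed pointer and then through std::array with at(). The Reply struct, the function names and the sample bytes are all constructed for illustration and are not Xlib code.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>
#include <stdexcept>

// Constructed stand-in for a reply whose length field is set by the peer.
struct Reply {
    std::uint32_t count;         // untrusted: claimed number of bytes
    const std::uint8_t* values;  // payload
};

// C style: the destination has decayed to a pointer, so its real size is gone.
// The check is only as good as the capacity the caller passes alongside it.
bool copy_decayed(std::uint8_t* dst, std::size_t dst_cap, const Reply& r) {
    if (r.count > dst_cap) return false;
    for (std::uint32_t i = 0; i < r.count; ++i)
        *(dst + i) = *(r.values + i);  // pointer arithmetic, nothing validates it
    return true;
}

// std::array: N is part of the type and at() checks every index against it.
template <std::size_t N>
bool copy_checked(std::array<std::uint8_t, N>& dst, const Reply& r) {
    try {
        for (std::uint32_t i = 0; i < r.count; ++i)
            dst.at(i) = r.values[i];   // throws std::out_of_range when i >= N
    } catch (const std::out_of_range&) {
        return false;                  // oversized reply rejected
    }
    return true;
}

// One 8-byte block: bytes 0..3 are the intended slot, bytes 4..7 are
// neighbouring data. Passing the block size instead of the slot size is the
// kind of mistake the pointer version cannot detect (all writes stay inside
// the block, so this demo itself is well defined).
bool neighbour_clobbered_via_pointer() {
    std::uint8_t block[8] = {0};
    const std::uint8_t payload[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    copy_decayed(block, sizeof block, Reply{8, payload});
    return block[4] != 0;
}

bool oversized_reply_rejected() {
    std::array<std::uint8_t, 4> slot{};
    const std::uint8_t payload[8] = {1, 2, 3, 4, 5, 6, 7, 8};
    return !copy_checked(slot, Reply{8, payload});
}
```

The checked version still writes the first N bytes before it rejects, so a caller that needs all-or-nothing behaviour should compare r.count with dst.size() before copying.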