Hacker News new | past | comments | ask | show | jobs | submit login

> C code and the mental model you need to understand it is much simpler than the higher level languages.

Only if you manage simple buffers and do shallow processing with them

String management, network connections, data structures, this is simpler literally everywhere else

> It's also fun to write data-structures yourself instead

True, but it's more fun in C++, warts and all. And not when time is money




I think people use the word "simple" to mean different things. You mean "easy to do," while other people mean "easy to understand what's happening." C lovers love the second definition of simple.


“C lovers” love the appearance of understanding what happens. At the end of the day they still feed their programs to awe inspiring optimizing compilers. Sure, they can probably explain what any snippet of code in their program does, but they can’t tell what, if anything, from that snippet is executed by the machine.


Only if they happen to know by heart the 200 use cases of UB documented in the ISO C standard.


You only need to know, by heart, _a_ list (even a subset) of the documented behaviour of C, you can simply refer to the standard whenever you happen upon something not in your list of known good (or known undefined) behaviour. It's entirely possible to, assuming you can keep this up honestly, write perfectly well defined C without hitting undefined behaviour. It is equivalent to writing brainfuck in a language which is a strict superset of brainfuck. As long as you pick a turing complete subset of C to know the semantics of off by heart, you can write perfectly safe C (the only obstacle being human fallibility). The idea that you need to learn all the documented undefined behaviours in C is a myth and is, in fact, fundamentally wrong on the basis that the documented undefined behaviours in the C standard are only an infinitesimal subset of the set of undefined behaviours in C given that anything not explicitly defined by the C standard is automatically undefined.


There is the theory, and then there is the practice when we do security assessments and pentesting.


Your response makes no sense.

There is no theory.

It's really simple, actually:

If you have a mine-field with an uncountable number of mines, knowing the locations of 200 mines won't help you cross the mine-field safely. If, instead, you learn how to spot areas which are known to be safe, you can, assuming you don't make a mistake, at least attempt to cross it safely (and if you fail to cross it, you can go back and learn how to spot other areas which are known to be safe).

That is the difference between your claim that you need to know all the documented instances of UB and my claim that you just need to know enough defined behaviour to write your program.

It has nothing to do with security assessments or pentests.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: