
Ask HN: What is the best way to construct safe and secure C code - wean_irdeh
Despite the resurgence of safe languages that prevent common pitfalls in C, like Rust and Ada, things like Linux and NetBSD are still written in C. What is the best way to construct safe and secure C code for contribution to Linux or NetBSD? Preferably a free solution.
======
mmphosis
What is the problem? Even extremely type safe pure functional languages have
problems that C doesn't have. It depends on the problem, the context.

I can't think of much related to C code specifically. C code has its pitfalls
for sure, but with discipline (a lot of discipline) most can be avoided. There
are tools. Find out about them. Try them. Learn about what they can do for
you. Use them as part of your builds.

Don't rely on tools because even with these tools, the best way is finding out
the other things the tools can't catch -- and these are not at all obvious. I
was just thinking of some of Daniel J. Bernstein's code and even the few flaws
found in it. _It also shows how hard it is to be sure of the correctness of
any length of program without trying to run it._

Read.

What is it that is not working?

What do you need?

Ask: What needs to be done?

Keep It Simple Smart (KISS)

Learn what not to do.

 _There are no ready answers._
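The reply above talks about discipline and about the things tools cannot catch. As an added illustration that is not part of the thread (my own code, not anything from Linux or NetBSD), here are three small routines that show the kind of explicit checks the discipline amounts to in practice: a bounded string copy that always terminates and reports truncation, an allocation-size computation that refuses to wrap around, and a decimal parser that rejects overflow and stray characters. The inputs in `main` are constructed sample values.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bounded copy: never writes past dst_size bytes, always NUL-terminates.
 * Returns 0 on success, 1 if src was truncated, -1 on bad arguments. */
int bounded_copy(char *dst, size_t dst_size, const char *src) {
    if (dst == NULL || src == NULL || dst_size == 0) return -1;
    size_t n = 0;
    /* Scan src only as far as the destination could ever hold. */
    while (n < dst_size && src[n] != '\0') n++;
    if (n == dst_size) {                 /* src does not fit: truncate */
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return 1;
    }
    memcpy(dst, src, n + 1);             /* n + 1 <= dst_size, includes NUL */
    return 0;
}

/* count * elem_size without size_t wraparound; false if it would overflow. */
bool checked_alloc_size(size_t count, size_t elem_size, size_t *out) {
    if (elem_size != 0 && count > SIZE_MAX / elem_size) return false;
    *out = count * elem_size;
    return true;
}

/* Parse a non-empty decimal string into uint32_t.
 * Rejects empty input, non-digit characters, and values above UINT32_MAX. */
bool parse_u32(const char *s, uint32_t *out) {
    if (s == NULL || *s == '\0') return false;
    uint32_t v = 0;
    for (; *s != '\0'; s++) {
        if (*s < '0' || *s > '9') return false;
        uint32_t d = (uint32_t)(*s - '0');
        /* v * 10 + d would exceed UINT32_MAX? Checked before multiplying. */
        if (v > (UINT32_MAX - d) / 10) return false;
        v = v * 10 + d;
    }
    *out = v;
    return true;
}

/* Runs the three routines on constructed inputs; returns number of checks passed. */
int self_check(void) {
    int passed = 0;
    char buf[8];
    uint32_t v;
    size_t sz;
    if (bounded_copy(buf, sizeof buf, "hello") == 0 && strcmp(buf, "hello") == 0) passed++;
    if (bounded_copy(buf, 4, "hello") == 1 && strcmp(buf, "hel") == 0) passed++;
    if (bounded_copy(buf, 0, "x") == -1) passed++;
    if (checked_alloc_size(10, 8, &sz) && sz == 80) passed++;
    if (!checked_alloc_size(SIZE_MAX, 2, &sz)) passed++;
    if (parse_u32("4294967295", &v) && v == UINT32_MAX) passed++;
    if (!parse_u32("4294967296", &v)) passed++;
    if (!parse_u32("12a", &v)) passed++;
    return passed;
}

int main(void) {
    printf("%d of 8 checks passed\n", self_check());
    return 0;
}
```

Build it with the warnings and sanitizers the reply alludes to (for example `gcc -std=c11 -Wall -Wextra -fsanitize=address,undefined`) and then deliberately feed it inputs the checks are meant to reject; the point is that each routine states its contract in the code rather than trusting the caller.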

