
Guide to avoiding vulnerabilities in programming languages [pdf] - ingve
http://www.open-std.org/jtc1/sc22/wg23/docs/ISO-IECJTC1-SC22-WG23_N0751-tr24772-1-after-pre-meeting-51-webex-20171016.pdf
======
runeks
Isn’t the issue that most programmers _know_ what to avoid, and yet they make
mistakes when writing code anyway? Mistakes they would quickly realize if
someone pointed it out to them.

Seems to me like safe languages is the real solution to this: make the
compiler memorize this document, and have it tell the programmer when he’s
made a mistake.

If you’re in the business of writing safety-critical code, relying on humans
not making mistakes seems naive at best.

~~~
catnaroek
> Isn’t the issue that most programmers _know_ what to avoid, and yet they
> make mistakes when writing code anyway?

There's some dose of truth to this, but the statement requires further
elaboration to illustrate the complete picture. Programmers understand
_informally_ and _intuitively_ what to avoid, yet we make serious mistakes
when writing code anyway, because we are all stuck at the prerigorous[0] stage
of understanding programming languages. Unfortunately, so long as our
languages don't have a formal semantics, there is no way to reach the rigorous
stage, let alone the postrigorous stage. (There is no path connecting the
prerigorous and postrigorous stages that doesn't pass through the rigorous
stage.)

[0] https://terrytao.wordpress.com/career-advice/there%E2%80%99s-more-to-mathematics-than-rigour-and-proofs/

> Seems to me like safe languages is the real solution to this

Safe languages are one solution, perhaps the most useful one in the vast
majority of cases. However, legitimate use cases for unsafe languages do
exist, and we need workable solutions for those cases. That being said, I
don't think an informal English document could be such a solution.

------
BudVVeezer
The title is incorrect, it's WG23, not WG32.

~~~
colejohnson66
Is there an explanation for why that happens to even non-dyslexics?

~~~
astrobe_
There are tons of explanations. If you want a fancy one: depending on whether
you type 23 on the numeric row with your left hand or on the numeric keypad
with your right hand, the finger order is reversed.

~~~
chmike
Exactly. This happens to me frequently.

