It's really easy to criticize. Why don't you rewrite curl yourself? Instead of talking do something. In language that is memory safe + supports all the platforms that curl support (good luck with that) and same time is as efficient.
Yes, that's the point of this discussion. We are not criticising some code for having one bug a decade that requires 24 steps to reproduce, we are criticising code for having numerous bugs that are easily preventable with existing technology. Its way easier than it should be.
I have no personal need for rewriting curl. Instead I am using libraries written in safer language. You are misaddressing my criticism. I am not criticising curl author for using C - just some of his arguments for doing so the way he does. They are not valid in my opinion. There might be reasons for distributing code as C source, there is no reason for networking library to be written in C directly.
> In language that is memory safe + supports all the platforms that curl support
There are languages safer than C that compile to C, supporting all platform C does. No luck is needed.
> There are languages safer than C that compile to C, supporting all platform C does. No luck is needed.
I think you are living in theory world, but you don't have any practice. Show me 10 examples of C code (>10KLOC) that was generated by those "safe languages" that compile to C which is safe, as time and space efficient as equivalent hand written, highly optimized C code.