Hacker News new | past | comments | ask | show | jobs | submit login

> I can write a safe C++ app on my own >> But only if you don't use any external libraries

using an external library is not "on your own"




Can you use the STL? What boundary is considered trusted?


The point i was making is that such boundary doesn't exist - no one can write everything "on their own".

Therefore, language features to prevent a class of exploits should be a high priority when considering a project.


I can trust the compiler... I hope?



Not at all, check the Linux 5.0 bug introduced by a gcc "optimization" regarding UB.


Use CompCert! (And C instead of C++)


Don't most people link at least with basic libraries to help with I/O and other standard operating system interfaces?

Do many people really use the kernel syscall interface directly?




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: