this post was submitted on 03 Jul 2024

43 points (79.5% liked)

Programmer Humor

18927 readers

1093 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

Keep content in english
No advertisements
Posts must be related to programming or programmer topics

founded 1 year ago

MODERATORS

Feyter@programming.dev

Vacant@programming.dev

anzo@programming.dev

BurningTurtle@programming.dev

43

"No way to prevent this" say users of only language where this regularly happens - 07/01/2024 (xeiaso.net)

submitted 1 month ago by onlinepersona@programming.dev to c/programmer_humor@programming.dev

21 comments fedilink hide all child comments

A shitpost about languages that generate CVEs

you are viewing a single comment's thread
view the rest of the comments

[–] verstra@programming.dev 9 points 1 month ago* (last edited 1 month ago) (1 children)

This is an overstatement, definitely. C is one of the few (mainstream) languages where memory safety vulnerabilities are even possible. So if you batch C and C++ together, they probably cover more than 90% of all the memory unsafe cove written in last 50 years, which is a strong implication that they will contribute to 90% of memory vulnerabilities.

All that said, memory vulnerabilities are about 65% of all high implact vulnerabilities on Chromium project^1 and about 70% of vulnerabilities at Microsoft ^2.

[–] calcopiritus@lemmy.world 2 points 1 month ago

So we'd only fix 70% of vulnerabilities by switching to rust? Not enough! Better keep writing C/C++!