Fixing programmers

Posted Mar 15, 2019 15:51 UTC (Fri) by rweikusat2 (subscriber, #117920)
In reply to: Fixing programmers by anselm
Parent article: Cook: security things in Linux v5.0

Linux makes heavy use of gcc extensions already, so, their would be little, additional damage done here. Further, my opinion on this is that C would benefit more from proper multiway conditional than from other, invasive additions like threading support, IOW, if someone would implement support for something like this in a compiler I could use, I'd certainly be using it and expect that the standardized language would eventually catch up.

BTW, I've come to dislike if (a = b) warnings as well: Mistyping == as = is another, extremely rare error and some things will always have to be found and fixed via code rewiev and/ or testing. Algorithmic errors are far more common than any kind of syntax misuse.

Fixing programmers

Posted Mar 15, 2019 17:52 UTC (Fri) by anselm (subscriber, #2796) [Link]

Mistyping == as = is another, extremely rare error and some things will always have to be found and fixed via code rewiev and/ or testing.

You want code review and testing, but you also want reasonable compiler warnings. If a developer is made aware of a “==” vs. “=” typo by a compiler warning while they're writing the code in the first place, the issue doesn't even come up in code review or testing (where it would be more expensive, in terms of developer time, to detect and fix). This is what in security circles we call “defense in depth”.

Algorithmic errors are far more common than any kind of syntax misuse.

Yes, but the syntax problems still exist and are often easier to detect and fix. This is like saying garbage in the street is not important because there are millions of children starving in Africa.