[Cryptography] Ada vs Rust vs safer C
Alfie John
alfie at alfie.wtf
Fri Sep 16 18:46:57 EDT 2016
On Fri, Sep 16, 2016 at 04:31:04PM -0400, Arnold Reinhold wrote:
> To begin with, many of the problems with unsafe code generation have
> to do with the large number of undefined behaviors in C. Since the
> dogma is that undefined means the compiler can do anything its
> developers want, what would it take to develop a supplemental
> specification that defines the most concerning undefined behaviors? What
> would it then take to develop a compiler that meets those specifications?
What you're advocating is making a restricted safe-C, which would *not*
be backwards compatible with unsafe-C. But then:
> But there is a vast amount of code already written in C. Converting
> all of it or even a large fraction seems hopeless. For comparison what
> would it take to make a safer C?
>
> Building a safer C seems more doable than converting massive amounts
> of C code, and programmers, to new languages.
Having made safe-C, you're still going to have that same mammoth effort
to upgrade to unsafe-C, as it's essentially a new language. So if you're
going to move to a new language, why duplicate effort?
Rust... It comes without footguns.
Alfie
--
Alfie John
https://www.alfie.wtf