[Cryptography] Ada vs Rust vs safer C

Alfie John alfie at alfie.wtf
Fri Sep 16 18:46:57 EDT 2016


On Fri, Sep 16, 2016 at 04:31:04PM -0400, Arnold Reinhold wrote:
> To begin with, many of the problems with unsafe code generation have
> to do with the large number of undefined behaviors in C.  Since the
> dogma is that undefined means the compiler can do anything its
> developers want, what would it take to develop a supplemental
> specification that defines the most concerning undefined behaviors? What
> would it then take to develop a compiler that meets those specifications?

What you're advocating is making a restricted safe-C, which would *not*
be backwards compatible with unsafe-C. But then:

> But there is a vast amount of code already written in C. Converting
> all of it or even a large fraction seems hopeless. For comparison what
> would it take to make a safer C?
>
> Building a safer C seems more doable than converting massive amounts
> of C code, and programmers, to new languages.

Having made safe-C, you're still going to have that same mammoth effort
to upgrade to unsafe-C, as it's essentially a new language. So if you're
going to move to a new language, why duplicate effort?

Rust... It comes without footguns.

Alfie

-- 
Alfie John
https://www.alfie.wtf
