[Cryptography] Questions of taste on UDF presentation
jamesd at echeque.com
jamesd at echeque.com
Thu Feb 21 03:34:55 EST 2019
On 2019-02-18 02:22, Phillip Hallam-Baker wrote:
> Stop using C/C++, use Java, C# or any modern language that has array
> bounds checking built in and 99% of the current attack vectors are shut
> immediately.
Modern C++ has optional array bounds checking and automatic memory
management, though the traditional collection of broken glass and razor
blades is still present for backwards compatibility, and arrays with
known size decay into bare pointers if you use the old idioms for
accessing data.
If you do all your pointer arithmetic using modern idioms and spans, you
can get array bounds checking with no runtime cost or insignificant
runtime cost.
More information about the cryptography
mailing list