
> For array bounds checking, if you want it, just write a structure with buffer length and a getter and setter and it is done.

It's so easy, yet buffer overflows remain the #1 problem in shipped C code.

> For all small strings that just locally it serves its purpose nicely.

Not really. Whenever I review other people's C code, I look at their use of strlen/strncpy/strxxx functions. They're a rich source of bugs, and I'll usually find one in it (usually an off-by-one error). They don't have to be large strings, either, to be slow.
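
The off-by-one pattern mentioned in the comment above, next to the length-carrying structure from the quoted reply, as an added example that is not part of either comment. The names `bounded_buf`, `copy_unterminated`, `bounded_set` and `bounded_get` are hypothetical, and the 8-byte capacity and sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical length-carrying buffer (not from the thread). */
struct bounded_buf {
    size_t cap;      /* bytes in data, terminator included */
    char data[8];
};

/* Off-by-one pattern: strncpy() with n equal to the destination size
 * writes no '\0' when strlen(src) >= n. Returns 1 if dst ends up
 * terminated within n bytes, 0 if it was left unterminated. */
int copy_unterminated(char *dst, size_t n, const char *src)
{
    strncpy(dst, src, n);
    return memchr(dst, '\0', n) != NULL;
}

/* Checked setter: rejects input that does not fit with its terminator.
 * Returns 0 on success, -1 on rejection (buffer left unchanged). */
int bounded_set(struct bounded_buf *b, const char *src)
{
    size_t len = strlen(src);
    if (len >= b->cap)
        return -1;
    memcpy(b->data, src, len + 1);   /* len + 1 copies the '\0' too */
    return 0;
}

/* Checked getter: returns the byte at i, or -1 if i is out of range. */
int bounded_get(const struct bounded_buf *b, size_t i)
{
    return i < b->cap ? (unsigned char)b->data[i] : -1;
}

int main(void)
{
    char raw[8];
    struct bounded_buf b;
    b.cap = sizeof b.data;
    b.data[0] = '\0';

    /* Constructed inputs: 7 characters fit, 8 characters do not. */
    printf("strncpy 7 chars terminated: %d\n", copy_unterminated(raw, sizeof raw, "1234567"));
    printf("strncpy 8 chars terminated: %d\n", copy_unterminated(raw, sizeof raw, "12345678"));
    printf("bounded_set 7 chars: %d\n", bounded_set(&b, "1234567"));
    printf("bounded_set 8 chars: %d\n", bounded_set(&b, "12345678"));
    printf("bounded_get index 8: %d\n", bounded_get(&b, 8));
    return 0;
}
```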



It just means not that many people give a damn about buffer overflows anyway. And calling that situation the language’s fault just doesn’t make sense.

You are saying C strings are slow; I am telling you short local strings are not slow. Please tell me why they are slow in that case?



