Secure Coding mailing list archives
Why Shouldn't I use C++?
From: bencorneau at adelphia.net (Ben Corneau)
Date: Tue, 31 Oct 2006 21:08:11 -0500
From time to time on this list, the recommendation is made to never user C++
when given a choice (most recently by Crispin Cowan in the "re-writing college books" thread). This is a recommendation I do not understand. Now, I'm not an expert C++ programmer or Java or C# programmer and as you may have guessed based on the question, I'm not an expert on secure coding either. I'm also not disagreeing with the recommendation; I would just like a better understanding. I understand that C++ allows unsafe operations, like buffer overflows. However, if you are a halfway decent C++ programmer buffer overflows can easily be avoided, true? If you use the STL containers and follow basic good programming practices of C++ instead of using C-Arrays and pointer arithmetic then the unsafe C features are no longer an issue? C and C++ are very different. Using C++ like C is arguable unsafe, but when it's used as it was intended can't C++ too be considered for secure programming? Ben Corneau
Current thread:
- Why Shouldn't I use C++? Ben Corneau (Oct 31)
- Why Shouldn't I use C++? Robert C. Seacord (Nov 01)
- Why Shouldn't I use C++? ljknews (Nov 01)
- Why Shouldn't I use C++? Leichter, Jerry (Nov 01)
- Why Shouldn't I use C++? Crispin Cowan (Nov 02)
- <Possible follow-ups>
- Why Shouldn't I use C++? Peter Amey (Nov 01)
- Why Shouldn't I use C++? Gary McGraw (Nov 01)