Secure Coding mailing list archives
Programming language comparison?
From: ljknews at mac.com (ljknews)
Date: Mon, 4 Feb 2008 20:51:36 -0500
At 4:41 PM -0500 2/4/08, Steven M. Christey wrote:
On Mon, 4 Feb 2008, Robert A. Martin wrote:You still need to add to that issues that apply to all languages versus these lists of language specific weaknesses and C and C++ have significant overlap given their relationship.There is an important point to keep in mind when using the (current) CWE views. Some weaknesses have been marked with an "All Languages" tag, even though they might be more prevalent in certain languages. For example, format string problems can happen in any language that uses format strings ("%99999999s" to fill up disk or memory, anybody?), so it's marked with "All" and it's not in the C-specific view, even though there's a heavy concentration of format strings in C/C++.
It is marked as "All" ? What is the construct in Ada that has such a risk ? -- Larry Kilgallen
Current thread:
- Programming language comparison? Vincent Verhagen (Feb 04)
- Programming language comparison? Robert A. Martin (Feb 04)
- Programming language comparison? Steven M. Christey (Feb 04)
- Programming language comparison? ljknews (Feb 04)
- Programming language comparison? Steven M. Christey (Feb 05)
- Programming language comparison? Robert C. Seacord (Feb 05)
- Programming language comparison? ljknews (Feb 05)
- Programming language comparison? Pete Shanahan (Feb 06)
- Programming language comparison? Shea, Brian A (Feb 06)
- Programming language comparison? Steven M. Christey (Feb 04)
- Programming language comparison? Robert A. Martin (Feb 04)