Bugtraq mailing list archives

Re: at the risk of another flamefest..


From: scoile () patriot net (Steve)
Date: Tue, 16 Jul 1996 16:40:17 -0400


On Tue, 16 Jul 1996, David Stagner wrote:
[...]
> Case in point: programmers shouldn't HAVE to explicitly bounds-check
> every array operation in order to avoid security problems.  The language
> should be able to handle overflow on its own.  Explicitly checking every
> operation introduces potential bugs, and is a clear violation of KISS.

Depends on your perspective.  Adding bounds checking to C makes the
language much *less* simple than it already is.

C was designed (as I understand it) to be little more than structured
assembly.  An initial design goal was to keep the language simple
(small instruction set, very little done behind the scenes except for
optimization), flexible (weak typing), and *FAST*.  Bounds checking
slows things down, and is thus contradictory to the original design goals.

On the one hand, I agree that bounds-checking would be helpful, since it
would reduce the burden on the programmer.  On the other hand, unless
there's a way to disable it on a variable-by-variable or even on an
operation-by-operation basis (or if the optimizer is capable enough to
disable it when unnecessary), you lose some of the speed benefits of
using C.

-Steve Coile
 Systems Engineer, Patriot Computer Group


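The trade-off Steve describes (a checked access that refuses to overflow, with a way to turn the check off per build or per operation, or to hoist it out of a loop) can be shown in a few lines of C. The block below is an added illustration for this archive page and is not code from the original message or from anyone on the thread; the `buf_t` type, the `CHECKED_STORES` macro and the `buf_*` function names are assumptions chosen for the example, and the inputs are constructed inline.

```c
#include <stdio.h>
#include <stddef.h>
#include <string.h>

/* Added example, not from the original post. A buffer that carries its own
 * length, a checked store that refuses out-of-range indices, and an unchecked
 * store for hot paths where the caller has already proven the index is in
 * range. Defining CHECKED_STORES as 0 compiles every checked store down to
 * the raw access: the "disable it when you know you can" knob. Hypothetical
 * names throughout. */

#ifndef CHECKED_STORES
#define CHECKED_STORES 1
#endif

typedef struct {
    unsigned char *data;
    size_t len;            /* number of valid bytes in data */
} buf_t;

/* Returns 1 on success, 0 if idx is out of range (nothing is written).
 * With CHECKED_STORES == 0 the range check disappears and this is a plain
 * array store, so the caller takes back responsibility for the bound. */
static int buf_store_checked(buf_t *b, size_t idx, unsigned char v)
{
#if CHECKED_STORES
    if (b == NULL || b->data == NULL || idx >= b->len) {
        return 0;
    }
#endif
    b->data[idx] = v;
    return 1;
}

/* Unchecked store: the caller guarantees idx < b->len (per-operation opt-out). */
static inline void buf_store_unchecked(buf_t *b, size_t idx, unsigned char v)
{
    b->data[idx] = v;
}

/* Copies n bytes of src into b. The bound is checked once, up front, and the
 * loop then uses the unchecked store: this is what "the optimizer is capable
 * enough to disable it when unnecessary" looks like when done by hand.
 * Returns the number of bytes written, or 0 if n would overflow b. */
static size_t buf_fill(buf_t *b, const unsigned char *src, size_t n)
{
    if (b == NULL || b->data == NULL || n > b->len) {
        return 0;                          /* refuse rather than overflow */
    }
    for (size_t i = 0; i < n; i++) {
        buf_store_unchecked(b, i, src[i]); /* in range by the check above */
    }
    return n;
}

/* Writes indices 0..11 into an 8-byte buffer through the checked store and
 * returns how many stores were refused (4 with checking on). */
static int demo_checked_rejects(void)
{
    unsigned char storage[8];
    buf_t b = { storage, sizeof storage };
    int rejected = 0;
    for (size_t i = 0; i < 12; i++) {
        if (!buf_store_checked(&b, i, (unsigned char)i)) {
            rejected++;
        }
    }
    return rejected;
}

/* Tries to fill an 8-byte buffer from a 16-byte source; returns 1 if refused. */
static int demo_fill_refuses_oversize(void)
{
    unsigned char storage[8];
    unsigned char big[16];
    buf_t b = { storage, sizeof storage };
    memset(big, 0x41, sizeof big);
    return buf_fill(&b, big, sizeof big) == 0;
}

/* Fills 5 bytes into an 8-byte buffer; returns 5 and verifies the last byte. */
static int demo_fill_in_range(void)
{
    unsigned char storage[8];
    const unsigned char src[5] = { 1, 2, 3, 4, 5 };
    buf_t b = { storage, sizeof storage };
    memset(storage, 0, sizeof storage);
    size_t wrote = buf_fill(&b, src, sizeof src);
    return (wrote == 5 && storage[4] == 5) ? (int)wrote : -1;
}

int main(void)
{
    printf("CHECKED_STORES=%d\n", CHECKED_STORES);
    printf("out-of-range stores refused: %d\n", demo_checked_rejects());
    printf("oversize fill refused: %d\n", demo_fill_refuses_oversize());
    printf("in-range fill wrote: %d bytes\n", demo_fill_in_range());
    return 0;
}
```

Build it once as-is and once with `-DCHECKED_STORES=0` to see the two sides of the argument: the first build refuses the four stores past the end of the 8-byte buffer, the second compiles `buf_store_checked` down to the same raw store as `buf_store_unchecked` and will happily write past `storage`. `buf_fill` is the middle ground the post hints at: one comparison per call instead of one per element, with no loss of safety.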
