Secure Coding mailing list archives

RE: opinion, ACM Queue: Buffer Overrun Madness


From: "Peter Amey" <peter.amey () praxis-cs co uk>
Date: Wed, 09 Jun 2004 15:33:43 +0100


der Mouse (Maus surely?) wrote:
[snip]

> Well, actually, but for the world's addiction to sloppy coding.
>
> It's entirely possible to avoid buffer overflows in C; it just requires
> a little care in coding.  C's major failing in this regard - and I
> don't actually consider it all that major - is that it doesn't provide
> any tools to help.  It assumes that you the programmer know what you're
> doing, and the mismatch between that and the common reality is where
> the problem actually comes from.


I dislike this commonly-used argument that essentially says "you should only employ above average people who don't make mistakes".  It is flawed on lots of levels.

1.  On average ability over our industry is average!
2.  Even brilliant, infallible programmers like me make mishtukes shummtimes.
3.  Even if above average, non-sloppy programmers can avoid mistakes, the effort they spend doing so is a distraction from their real job of solving the problem the program is intended for.
4.  The levels of mental abstraction needed to solve an application domain problem and to worry about operator precedence and buffer overflow are completely different; there is good evidence that humans don't work well at more than one abstraction level at a time.


> All that a "better" language will bring you in this regard is that it
> will (a) push the sloppiness into places the compiler can't check and
> (b) change the ways things break when confronted with input beyond the
> design underlying their code.


This sounds like the Sirius Cybernetics defence (from the Hitch Hiker's Guide to the Galaxy); essentially you seem to be saying it is OK if all the deep and complex flaws in a product are completely obscured by all the shallow and obvious ones.  You can't assume that the sloppy programmer in C /only/ introduces shallow errors.

In practice, well designed languages can do much more than you claim.  They can completely eliminate whole classes of error that currently exercise our attention, make sloppiness very hard to conceal and make it much easier to find any subtle errors that remain.

Peter

