this post was submitted on 14 Jun 2024
672 points (93.0% liked)

Programmer Humor

Stop comparing programming languages

  • Python is versatile
  • JavaScript is powerful
  • Ruby is elegant
  • C is essential
  • C++
  • Java is robust
[–] [email protected] 2 points 4 months ago (1 children)

How? They go where they point, or to NULL, and can be moved by arithmetic. If you move them where they shouldn't go, bad things happen. If you dereference NULL, bad things happen. That's it.

what part of that is explicit to how scanf works?

[–] [email protected] 2 points 4 months ago (1 children)

I suppose if you treat scanf as a black box, then yeah, that would be confusing. If you know that it's copying information into the buffer you gave it, obviously you can't fit more data into it than it's sized for, and so the pointer must be wandering out of range.

Maybe C would be better without stdlib, in that sense. Like, obviously it would be harder to use, but you couldn't possibly be surprised by a library function's lack of safeness if there were none.

[–] [email protected] 1 points 4 months ago* (last edited 4 months ago) (1 children)

yeah i mean if you grok the underlying workings of scanf then there's no problem

i'd just argue that the problem is understanding what you need to understand is the problem with straight c, and with any language like c++ where you're liable to shoot thineself in thy foot

[–] [email protected] 1 points 4 months ago

I'm wondering now how much you could add without introducing any footguns. I'd guess quite a bit, but I can't really prove it. Smart pointers, at least, seem like the kind of thing that inevitably will have a catch, but you could read in and process text from a file more safely than that, just by implementing some kind of error handling.
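
An added example, not code from anyone in the thread: a bounded stand-in for `scanf("%s", buf)` that reports an oversized token as an error instead of writing past the buffer, which is the failure the comments above describe. The names `read_token`, `read_first_token` and `read_status` are hypothetical, and the input strings are constructed.

```c
#include <ctype.h>
#include <stdio.h>
enum read_status { READ_OK = 0, READ_EOF = -1, READ_TOO_LONG = -2, READ_BAD_ARG = -3 };

/* Reads one whitespace-delimited token, never writing more than cap bytes
 * (terminator included). An oversized token is consumed and reported. */
enum read_status read_token(FILE *in, char *buf, size_t cap)
{
    int c, overflow = 0;
    size_t n = 0;
    if (in == NULL || buf == NULL || cap == 0)
        return READ_BAD_ARG;
    buf[0] = '\0';
    /* Skip leading whitespace, as %s does. */
    while ((c = fgetc(in)) != EOF && isspace((unsigned char)c))
        ;
    if (c == EOF)
        return READ_EOF;
    do {
        if (n + 1 < cap)
            buf[n++] = (char)c;
        else
            overflow = 1;   /* keep consuming the token, stop storing it */
    } while ((c = fgetc(in)) != EOF && !isspace((unsigned char)c));
    buf[n] = '\0';
    return overflow ? READ_TOO_LONG : READ_OK;
}

/* Demo helper: feed a constructed string through a temporary file. */
enum read_status read_first_token(const char *text, char *buf, size_t cap)
{
    FILE *f = tmpfile();
    enum read_status st;
    if (f == NULL)
        return READ_BAD_ARG;
    fputs(text, f);
    rewind(f);
    st = read_token(f, buf, cap);
    fclose(f);
    return st;
}

int main(void)
{
    char buf[8];
    printf("%d '%s'\n", read_first_token("  hello world", buf, sizeof buf), buf);
    printf("%d '%s'\n", read_first_token("AAAAAAAAAAAAAAAA", buf, sizeof buf), buf);
    return 0;
}
```

The caller decides what to do with `READ_TOO_LONG`; the truncated prefix left in `buf` is always NUL-terminated.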