this post was submitted on 03 Jul 2024
46 points (80.3% liked)

Programmer Humor

19557 readers
1029 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
 

A shitpost about languages that generate CVEs

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 9 points 4 months ago* (last edited 4 months ago) (1 children)

This is an overstatement, definitely. C is one of the few (mainstream) languages where memory safety vulnerabilities are even possible. So if you batch C and C++ together, they probably cover more than 90% of all the memory unsafe cove written in last 50 years, which is a strong implication that they will contribute to 90% of memory vulnerabilities.

All that said, memory vulnerabilities are about 65% of all high implact vulnerabilities on Chromium project^1 and about 70% of vulnerabilities at Microsoft ^2.

[โ€“] [email protected] 2 points 4 months ago

So we'd only fix 70% of vulnerabilities by switching to rust? Not enough! Better keep writing C/C++!