A shitpost about languages that generate CVEs

  • BatmanAoD
    link
    fedilink
    arrow-up
    28
    ·
    5 months ago

    The trope will be “old” once the mainstream view is no longer that C-style memory management is “good enough”.

    That said, this particular vulnerability was primarily due to how signals work, which I understand to be kind of unavoidably terrible in any language.

    • 5C5C5C
      link
      fedilink
      arrow-up
      6
      arrow-down
      1
      ·
      5 months ago

      A better language wouldn’t have any need to use POSIX signals in this way.

      • BatmanAoD
        link
        fedilink
        arrow-up
        9
        ·
        5 months ago

        I’m not totally clear on why signals are used here in the first place. Arguably most C code doesn’t “need” to use signals in complex ways, either.