[ / / / / / / / / / / / / / ] [ dir / abdl / animu / fur / mde / tingles / vg / vichan / vietnam ]

/tech/ - Technology

Winner of the 68rd Attention-Hungry Games
/d/ - Home of Headswap and Detachable Girl Threads

January 2019 - 8chan Transparency Report
Email
Comment *
File
Password (Randomized for file and post deletion; you may also set your own.)
* = required field[▶ Show post options & limits]
Confused? See the FAQ.
Flag
Oekaki
Show oekaki applet
(replaces files and can be used instead)
Options

Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf
Max filesize is 16 MB.
Max image dimensions are 15000 x 15000.
You may upload 3 per post.


File: 48b0afc106822e1⋯.jpg (17.05 KB, 248x189, 248:189, 7a4b230d24ae4092d9e74d3b90….jpg)

 No.1027067

>C takes safety and places it into the programmer's hands.

>If there's a problem with a program, it's because the programmer fucked up in one instance.

OH NoNOnoNONo.... OHOHH NOOOONOONONO.... BAHAHAHAHAHHAHAHAHAHAHAHAHAHAHAHAHAHAAHA

https://www.cvedetails.com/vulnerability-search.php?f=1&vendor=&product=&cveid=&msid=&bidno=&cweid=&cvssscoremin=&cvssscoremax=&psy=&psm=&pey=&pem=&usy=&usm=&uey=&uem=&opmemc=1&opov=1

 No.1027070

itt. assblasted rustfags


 No.1027071

Imagine being Rustfag who gets THIS asshurt when someone says bad things about his language


 No.1027072

>>1027070

>>1027071

>damage control

sage negated btw :^^^)


 No.1027074

>>1027067

> a bunch of obscure libraries that no one uses have vulnerabilities

Literally so what? Shit thread tbh.


 No.1027076

File: db31b58d954bfcc⋯.jpeg (50.56 KB, 474x562, 237:281, report.jpeg)


 No.1027077


 No.1027078

>>1027076

>cnile LARPer

sage negated btw


 No.1027080

>op "negates" sages by bumping his own thread

What a fucking nigger


 No.1027081

>>1027077

So only game devs are affected? Coolio, dudeman.


 No.1027083

>>1027080

:^)

>>1027081

>only game devs use compression or images

spotted the LARPer


 No.1027084

>title implies C has vulns

>post links to vulns in libraries written in C

Kill yourself


 No.1027085

File: 1e2b2c34bf74e4c⋯.webm (1.92 MB, 1280x720, 16:9, mark mmmmmmmmmmmmmmmmmmmm….webm)


 No.1027086


 No.1027089

File: 51d25482232dcd0⋯.png (60.58 KB, 217x293, 217:293, Screenshot at 2019-02-04 1….png)

OP is so gay that he bought whole pallet of pic related.


 No.1027090

File: b9f1435e8c34999⋯.jpg (39.03 KB, 500x534, 250:267, not an argument.jpg)

>>1027089

anti saged


 No.1027097

>this whole thread

yikes


 No.1027098

File: 6e180018581030c⋯.gif (1.97 MB, 380x285, 4:3, yikes.gif)

>>1027097

>yikes


 No.1027101

>>1027090

You don't understand what sage is for, faggot


 No.1027104

>>1027101

sage = downboat

anti sage = upboat


 No.1027106

https://www.cvedetails.com/cve/CVE-2018-17182/

>An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.

epic


 No.1027113


 No.1027120

whataboutism is the true mark of the weenie


 No.1027122

File: 5b68b2248fbe264⋯.png (14.93 KB, 472x287, 472:287, Screenshot at 2019-02-04 1….png)

>>1027106

>thinking rewriting it in rust would solve anything


 No.1027123

>>1027122

thanks for spreading the word that C/C++ is harmful


 No.1027125

>>1027123

Call me back when your project gets 20+ years of real world use.


 No.1027126

>>1027125

You mean 20+ years worth of buffer overflows, right?

XD


 No.1027130

>>1027120

>can't respond to an argument

>call it a bad name

>not a weenie


 No.1027135

File: 4c22531c73898bb⋯.png (64.17 KB, 1645x323, 1645:323, Screenshot at 2019-02-04 1….png)

>>1027126

>rust

>2 buffer overflows in 2018 in standard library

>barley anyone uses it

>supposedly prevents buffer overflows by use of safety magic


 No.1027138

>>1027135

>2 buffer overflows in 2018

https://www.cvedetails.com/vulnerability-list/vendor_id-72/product_id-767/year-2018/opov-1/GNU-Glibc.html

>C/C++

>7 buffer overflows in 2018 in standard library

>everybody uses it

>supposedly prevents buffer overflows because programmer are perfect


 No.1027139

>>1027138

>language prevents buffer overflows

>programmer are perfect

nobody makes this argument though.

in a world of swordsmen, you're comparing a single knight order (the knights of "let's be really disciplined and not make mistakes in the first place") with some nunchuck advocates who argue that a non-edged weapon can completely prevent accidental cuts.


 No.1027140

>>1027139

>nobody makes this argument though.

LARPers on /tech/ make this argument everytime this topic comes up. see >>1026759


 No.1027141

>>1027140

no, literally nobody on /tech/ has ever said that programmers

are

perfect or that C++

prevents

buffer overflows. People argue all the time that pursuing perfect gets you there faster than pursuing a tool.


 No.1027142

>>1027141

>no, literally nobody on /tech/ has ever said that programmers are perfect

Yes they have. If you weren't a newfag you would know this.


 No.1027144

>>1027138

>C 13.337% market share

>C++ 8.158% market share

>21.5% total, 7 overflows in std lib - OVF/% = 0.326

>rust 0.360%, 2 overflows in std lib - OVF/% = 5.556

Keep shilling your meme language. Even COBOL has more users than Rust in 2019.


 No.1027145

>>1027142

nah you're just stupid. Next time you encounter what you think is "programmers are perfect", ask it if pajeets are prefect, too. Or if Rust should have a zero buffer overflow record because Rust programmers are also perfect.


 No.1027146

>>1027145

>nah you're just stupid

newfag

>Next time you encounter what you think is "programmers are perfect", ask it if pajeets are prefect, too.

I did. The LARPers replied that pajeets aren't real programmers.


 No.1027159

>>1027083

But that's accurate friendo.


 No.1027160

>>1027159

sage negated


 No.1027163

>>1027067

The whole point of a language is to be tool to make something, if you fuck up that's on you.

C/C++ are like a screwdriver, if you stick it into a electric outlet no shit you are gonna get burned, Rust is like a screwdriver that snaps in half no matter what you do. Having the language itself make your programs unsafe while claiming to do the opposite is completely unacceptable.


 No.1027167

>>1027163

>this is what cniles actually believe

thanks for not saging btw.


 No.1027168

>>1027163

> while claiming to do the opposite

Exactly, and that's after contorting your algorithm to comply with Rust's strict type checking. All that effort, for nothing.


 No.1027170

>>1027168

>type checking is bad

pajeet


 No.1027172

>Rust shillfags shilling their slave mentality language ITT

If you can't design your software to not have buffer overflows, you're a fucking pajeet, full stop. Learn how a fucking computer works so you can write good code that is designed to run on a computer. You Rustfags are going to turn programming into a sandbox where only (((they))) have access to instructions you're not even aware exists because they're (((undocumented))). Oh wait, we already have this shit because so many of you fags just couldn't code to save your lives so you need (((safety))) (gatekeeping) language features.


 No.1027176


 No.1027185

>>1027172

hello friend. Do you agree that programmers are perfect?

Do you think that C++ prevents buffer overflows?


 No.1027187

>>1027185

Of course, fellow cnile!


 No.1027188

>>1027185

>thinking you have to be perfect to not write programs with glaring holes like buffer overflows

Why is the concept of loop invariants so hard for pajeets to understand?


 No.1027190

>>1027188

spotted the LARPer


 No.1027192

>>1027190

???

What's so hard to understand about terminating a loop over a fixed-size buffer?


 No.1027194

>>1027192

Sorry, I'm not a perfect programmer. Please explain it to me, oh all-knowing cnile.


 No.1027199

>>1027194

It's not a trick question. How do you terminate a loop over a fixed-size buffer? Let me make this easier for you:

char buf[50];
for (int i = 0; ... ; ++i)
{
// Copy to buf[i]...
}

What goes into the middle field of the for loop statement to ensure that a buffer overflow does not happen?

Many pajeets fail at this point of the interview. Will you be one of them?


 No.1027201

>>1027194

>Sorry, I'm not a perfect programmer.

You're not even a decent one, as you don't know what a loop invariant is.


 No.1027205

this is a troll thread


 No.1027207

>>1027205

>I was just pretending to be retarded


 No.1027213

>>1027199

char buf[50];
for (int i = 0; i <= 50; ++i)
{
// Copy to buf[i]...
}

Thanks C/C++ for not bounds checking.


 No.1027221

>>1027213

>he can't write a simple for loop

The average numale programmer, everybody.


 No.1027222

>>1027221

>cnile is unable realize he is being mocked

LARPing is a form of braindamage


 No.1027224

File: 4ead23589b5d741⋯.jpg (45.03 KB, 640x451, 640:451, 4ead23589b5d741a91fdc01148….jpg)

>>1027205

Then sage you nigger


 No.1027226

>>1027222

The cnile guy is the LARP spammer. It's like pottery.


 No.1027228

>>1027213

Check yourself before you wreck yourself.


 No.1027229

OP finds out again that everything in IT is vulnerable

If you want to be safe, just don't use any computer at all


 No.1027231

>>1027226

>the absolute retard thinks this is a big revelation


 No.1027240

>>1027172

You sound like a very high level C programmer. What work do you do?


 No.1027244

>>1027240

>he thinks the LARPer knows how to program


 No.1027256

>>1027170

No, Rust's type checking is bad.


 No.1027258

>>1027256

explain


 No.1027262

>>1027213

char buf[50];

int main () {

for (int i = 0; i <= 50; i++) {
buf[i] = 0xFE;
}

return 0;
}
$ cppcheck test.c 
Checking test.c ...
[test.c:9]: (error) Array 'buf[50]' accessed at index 50, which is out of bounds.

>not using cppcheck

>not using -fsanitize=address for dynamic memory


 No.1027276

>>1027067

>>C takes safety and places it into the programmer's hands.

This phrase is sufficient. It illustrates that the two involved parties understand very different things under "safety".

Hence the backing for rust/nu-fox/whatever tranny crusade.


 No.1027278

>>1027144

>1337 marketshare


 No.1027284

>>1027067

Can you read? These are vulnerabilities with programmers implementations. Not the C language.


 No.1027285

File: fb2a117ef79cdbb⋯.png (299.56 KB, 1242x1290, 207:215, typicalRustEvangelist.png)

>>1027284

It was posted by a Rust brainlet, of course they can't read


 No.1027310

>>1027222

>hur hur I was pretending

Being wrong "on purpose" is still being wrong, retard.


 No.1027315

>>1027262

C answer: easily put bugs in your software, and then habitually use tools to notice them and dig them back out.

Modern language (and also Ada) answer: make it harder to put bugs in your software.

In C++ you can use a range template that involves a trillion lines of library code and takes three centuries to compile or something. Ada:

with Ada.Text_IO; use Ada.Text_IO;

procedure Bounds is
Buffer : String (1 .. 50);
begin
for J in Buffer'Range loop
Buffer (J) := Character'Val (J);
end loop;
Put_Line (Buffer);
end Bounds;
as used:
$ ./bounds|od -c
0000000 001 002 003 004 005 006 \a \b \t \n \v \f \r 016 017 020
0000020 021 022 023 024 025 026 027 030 031 032 033 034 035 036 037
0000040 ! " # $ % & ' ( ) * + , - . / 0
0000060 1 2 \n
0000063
Types have lots of attributes and one of the attributes of array types is all of the valid indexes over the type. This is true regardless of the actual indexes of the type: it could be 1 thru 50 as in this example; it could be 0 thru 49; it could be Monday thru Sunday.


 No.1027318

>>1027315

That programming language looks niggerlicious.


 No.1027320

>>1027318

it scores a solid 15/10 for readability. Nothing else comes close. And you can avoid formatting idiosyncrasies with pretty-printed code ala gofmt.

You probably just wallow in stupid shit like using the comma operator to not have to put an assignment on its own line.


 No.1027419

>>1027284

>>1027285

see >>1027138

>>1027315

>>1027320

>ada shill LARPing his irrelevant language in a C/C++ thread

everytime

>You probably just wallow in stupid shit like using the comma operator

based


 No.1027423

to be fair, everything has vulnerabilities

Java: insecure deserialization

PHP: file upload, file inclusion, PHP injection, PHP 5 still in use despite no security updates

C++: easy to write code vulnerable to buffer overflow attacks, pointer issues, etc.

Python: 2.7 no longer gets security updates for things like urllib

JavaScript: frameworks come and go in 6 months, and XSS is super common

HTML5: browser lockers abuse HTML features (along with JS)

XML: XXE attacks (XML External Entities)

show me a programming language or piece of software and I will show you a CVE for it

you must be REALLY new to tech if you think something having a vulnerability means it's an outlier


 No.1027486

>>1027320

>readability

You're joking? It looks like shit. Like all old languages using the being/end, it's verbose/hard to see blocks and those apostrophes look very out of place.

Look at TCL/Rebol if you want reabable.


 No.1027492

>>1027320

Begin/end is verbose more than readable


 No.1027493

>>1027486

Because C is a very modern language amirite.


 No.1027497


 No.1027506

>>1027423

Spark or a lisp dialect? I'm just curious.


 No.1027536

>>1027486

>joking

No. Use Ada for a bit and it's impossible to notice how much more readable it is.

>languages using the being/end

like Ruby? You get a 'begin' with a function, procedure, or declare; mostly you have 'end'. loop ... end loop, for example. end is three letters and the one-byte alternative gets a whole line to its own anyway.

When Ada was introduced in the 80s, it was remarkably verbose compared to other languages. It's not remarkably verbose now. The C++ range template shit is a whole lot more verbose than a 'Range attribute

>apostrophes look very out of place

because of the prevalence shitty languages that use ' for string literals, any kind of default syntax highlighting won't be kind to Ada.

That's not what you'll be looking at normally, dude.

>TCL/Rebol

now this ain't serious.


 No.1027539

>>1027536

>It's not remarkably verbose now.

It is. Stop shilling your shit in a C/C++ thread. Make an Ada thread.


 No.1027541

>>1027539

this is actually a Rust thread.

Which is why it's an Ada thread.


 No.1027542

>>1027541

sage negated


 No.1027554

>>1027144

checked and kek'd


 No.1027559

>>1027536

>like Ruby? You get a 'begin' with a function, procedure, or declare; mostly you have 'end'. loop ... end loop, for example. end is three letters and the one-byte alternative gets a whole line to its own anyway.

How does being a brainlet feels like? Because if you think that the difference between begin/end and braces is the number of chars, you must know.

>>TCL/Rebol

>now this ain't serious.

1) This was about the syntax.

2) Bloatmasters who think that "one PL to rule them all" is better than a high level and low level combination with easy interfacing are just niggers.


 No.1027565

>>1027559

based and anti saged


 No.1027570

>>1027565

and now it's anchored.

>>1027559

>this thing is more verbose than that thing

>but it's not because it's literally longer or anything

>bytes don't matter to the length of a string

because it's vertical space that matters? I feel like someone other than you just finished making that point...

yeah whatever. Ada's amazingly readable and 'end' doesn't contribute to its verbosity at all, and 'begin' is frequently occupying what would be an empty line anyway in another language. Ada as a whole is pretty tolerable; begin/end is just something obvious and easy for you to focus on, since you don't know anything and can't just compare your own code that you've written in one language vs. another.


 No.1027575

>>409188

My point is that it's easy to separate actual content from syntax noise when you don't use words for both. That's why sane syntaxes use punctuation for that.


 No.1027579

>C/C++ thread gets bumplocked

>Rust thread doesn't

Is varg a Rustfag????


 No.1028016

>>1027067

What is the "C/C++" language? I've never heard of it.


 No.1029824

>>1027213

Please, be bait.


 No.1029888

>>1029824

Nope. That is pure C/C++ retardation.




[Return][Go to top][Catalog][Nerve Center][Cancer][Post a Reply]
Delete Post [ ]
[]
[ / / / / / / / / / / / / / ] [ dir / abdl / animu / fur / mde / tingles / vg / vichan / vietnam ]