From: lcamtuf at ghettot.org (Michal Zalewski)
Subject: Re: C initialization of static objects (was:
 ALERT ALERT ALERT! google under attack ALERT ALERT ALERT!)

On Sun, 15 Sep 2002 silvio@....net.au wrote:

> 	if i see a declaration, without an initialization, then
> 	i assume it is not required and will be initialized at some
> 	later point through calculation or input.

Yes, this is the logical solution, but C isn't this way most of the time.
It is logical, but it's a side effect of being very close to the machine
level. Hardcore C programmers often say that C is a structural assembler
with macros. It's silly, but people code in it because they can type "int
foo;" (heh, in some cases they can just type "foo;" and have it defaulted to
int), and it's initialized to zero, thus saving them from typing two to
six extra characters. And I adore it, C is my language of choice because
it is possible to code a hundred lines of code really fast.

> implicit initialization does _not_ simplify code.  it makes it shorter
> by a few characters.  That does not imply the code is more
> understandable and therefore simpler.

I'm not saying it's easier to understand this way. Au contraire. But C is
NOT a language that was/is supposed to be readable, clean, neat, nice,
make the code fault-proof, eradicate common programming mistakes, etc,
etc. And this fact is the only reason why C is so popular. It's ugly and
fast. It's not nice, it is not cheap to maintain the code, it is not
simple to make it bug-free. There are languages that make it possible, yet
they are not popular.

Pascal definitely was a neat, clean language with decent typing, simple
and clean syntax, high readability and many other virtues. Yet most people
who started with Pascal moved to C as a next step, because C was shorter
and less picky. Offspring of FORTRAN and Pascal is still alive, but used
in rather specialized applications or, more and more seldom, for teaching.

>> Ok, it's not elegant, but this is exactly what makes C so popular and
> bah.  C _is_ elegant in many respects..

In what aspect is C more elegant than many other languages? IOCCC is, of
course, neat, but I do not mean that. Almost every complex task is getting
complex and unreadable in C, unless you put some significant effort in
keeping the code clean. In many other languages, the code is clean unless
you put a significant effort in making it unreadable (see Ada). The only
problem: such languages take more time to learn and master, and even then,
coding is much slower.

> the language allows for many things.. but most of them should be anally
> explicitly programmed, to leave as little room for error IMHO.

Once again, this is not the way C works. To leave little space for error,
it should have elaborate types, strong typing, range checking, less
implicit conversions, cleaner arithmetics - it's not immediately obvious
that foo/5 does not have to be equal to foo/5.0, and so many more things.
All this unless you explicitly say you don't want this feature at this
particular line. But it's hopeless - you can create "C-Safe", and it will
be destined to fail.

> almost every language can be abused, but strict programming and
> following decent practices, you can definitely avoid more problems than
> not by following such guides.

C is not designed for clean programming. You can write nice code in C, but
it's hard. It's much harder than writing bad code. There are languages
that are more difficult to write in than to read, and that force the
programmer to write in a nice way. C encourages you to write fast.

> well C is elegant.. its portable..

No, it isn't, beyond printf("Hello world!\n"). It's only portable because
it has a compiler on every decent platform, but compilers differ; APIs
differ even more; plus, you have to remember about endians... there are
portable languages that do not have #ifdefs and other precompiler
constructions at all. In C, portability and #ifdefs are pretty much
synonymous ;-) C is too close to the machine to be portable.

> readability is interesting.. i think well written C is very readable.

Makes what, 1%? Wonder how many people dream of procmail sources when they
have nightmares...

-- 
_____________________________________________________
Michal Zalewski [lcamtuf@....bindview.com] [security]
[http://lcamtuf.coredump.cx] <=-=> bash$ :(){ :|:&};:
=-=> Did you know that clones never use mirrors? <=-=
          http://lcamtuf.coredump.cx/photo/
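
Added example, not part of the original post: the two C behaviours the thread argues about, shown in code that depends on them. Static objects with no initializer start zeroed (which the slot allocator silently relies on), and foo/5 differs from foo/5.0. The session table and all function names are hypothetical, constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
/* Constructed example; all names here are hypothetical, not from the thread. */
struct session {
    int         in_use;  /* implicit 0 means "free" */
    const char *user;    /* implicit null pointer */
    double      weight;  /* implicit 0.0 */
};

/* No initializer: static storage duration, so every member of every element
   starts as 0 / null / 0.0. The language guarantees this. */
static struct session sessions[4];
/* The same table with the intent written out; contents are identical. */
static struct session sessions_explicit[4] = { { 0, NULL, 0.0 } };

/* Returns 1 if every slot still holds its zero-initialized state. */
int table_is_clear(const struct session *t, size_t n) {
    for (size_t i = 0; i < n; i++)
        if (t[i].in_use || t[i].user != NULL || t[i].weight != 0.0)
            return 0;
    return 1;
}

/* Claims the first free slot; correct only because in_use starts at 0. */
int claim_slot(const char *user) {
    for (int i = 0; i < 4; i++)
        if (!sessions[i].in_use) {
            sessions[i].in_use = 1;
            sessions[i].user = user;
            return i;
        }
    return -1;
}

/* A static local is zero-initialized once as well, unlike an automatic
   local, whose value is indeterminate until assigned. */
int next_id(void) { static int counter; return ++counter; }

/* The foo/5 versus foo/5.0 case: the operand types pick the arithmetic. */
int    int_share(int foo)  { return foo / 5; }    /* truncates toward zero */
double real_share(int foo) { return foo / 5.0; }  /* foo converted to double */

int main(void) {
    printf("clear=%d explicit=%d\n", table_is_clear(sessions, 4),
           table_is_clear(sessions_explicit, 4));
    printf("slot=%d id=%d 7/5=%d 7/5.0=%.1f\n", claim_slot("alice"), next_id(),
           int_share(7), real_share(7));
    return 0;
}
```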

