by wuch 3236 days ago
In C++, you can for example:

1. Manage resources with RAII (though, in C you could use the non-portable cleanup attribute in a similar manner).

2. Use type safe wrappers around builtin types like in [0] and [1].

3. Use containers with more extensive bounds checking and iteration validity checks [1].

This could help detect some of those bugs at runtime, or even possibly prevent them from being written in the first place. Use of an uninitialized value could be prevented with types that require explicit initialization or have a default one (Bug 1). Left-shifting a negative value could have been caught at runtime (Bug 2). A bounds check could prevent an uninitialized memory read (Bug 3). Type-safe wrappers could prevent an accidental promotion from being written in the first place (Bug 5).

Though, you need to go out of your way to actually do all those things, not to mention that your code would integrate poorly with the existing library ecosystem. IMHO choosing C++ alone doesn't improve the safety of your programs compared to ones written in C all that much.

[0] https://github.com/foonathan/type_safe

[1] https://github.com/duneroadrunner/SaferCPlusPlus