by MaxBarraclough 2016 days ago
Chromium, OpenSSL, the Linux kernel, the Windows NT kernel, have all suffered from security vulnerabilities due to undefined behaviour. We can bet they will continue to suffer from such issues. It's not something you can avoid simply by being competent and careful.

edit: As lmm says, it's likely you have UB issues in your code you aren't aware of. That's not quite the same thing as having issues in your code due to not being a good enough language-lawyer. I've resolved some very subtle issues that found their way into a 'serious' C++ codebase, and I didn't spend that long in the C++ world. In most languages those issues simply couldn't have happened in the first place.
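As an added illustration (not part of the thread, and not from any of the projects named above) of the kind of subtle undefined behaviour MaxBarraclough is describing: a hypothetical C bounds check that looks correct but relies on signed overflow, beside a form that is defined for every input.

```c
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical bounds check for a slice [off, off+len) of a buffer of
 * buf_size bytes, written the way it usually looks in a C codebase.
 * With signed int operands, `off + len` overflows for large inputs, and
 * signed overflow is undefined behaviour: the compiler is entitled to
 * assume it cannot happen, so the guard may be compiled away or the sum
 * may wrap to a small value that passes the comparison. */
bool slice_in_bounds_ub(int off, int len, int buf_size)
{
    if (off < 0 || len < 0)
        return false;
    return off + len <= buf_size;   /* off + len can overflow: UB */
}

/* Same check with no overflow possible: compare len against the space
 * remaining after off instead of forming the sum. Every expression here
 * stays within int range, so the result is defined for all inputs. */
bool slice_in_bounds(int off, int len, int buf_size)
{
    if (off < 0 || len < 0 || buf_size < 0)
        return false;
    if (off > buf_size)
        return false;
    return len <= buf_size - off;
}

int main(void)
{
    /* Constructed inputs: a 64-byte buffer and an untrusted, oversized length. */
    int buf_size = 64;
    printf("safe: off=16 len=32      -> %d\n", slice_in_bounds(16, 32, buf_size));
    printf("safe: off=16 len=INT_MAX -> %d\n", slice_in_bounds(16, INT_MAX, buf_size));
    /* The UB version's answer for the overflowing case depends on the
     * compiler and optimisation level, which is exactly the problem. */
    printf("ub:   off=16 len=INT_MAX -> %d\n", slice_in_bounds_ub(16, INT_MAX, buf_size));
    return 0;
}
```

Sanitisers (-fsanitize=undefined) flag the overflow in slice_in_bounds_ub at run time; the defined version needs no such instrumentation to be correct.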


Sure, but is it not mainly a case that the more bug-checked and field-tested the code is, the more obscure any bug that surfaces is?

GCC compiles to a lot of architectures. I have a hard time imagining any modern language compiling to all those platforms without quirks in practice.

> the more bug-checked and field-tested the code is, the more obscure any bug that surfaces is?

Right. A battle-tested codebase only has subtle errors, as the obvious ones will all have been fixed. An immature codebase has subtle errors and more obvious ones.

> GCC compiles to a lot of architectures. I have a hard time imagining any modern language compiling to all those platforms without quirks in practice.

Compiler bugs are a separate issue from undefined behaviour and surprising language subtleties. With mature compilers they're pretty rare, but they do happen.

JavaScript is a good example. There's no undefined behaviour in JavaScript. That's vitally important given that JavaScript engines have to be able to run untrusted code. If JavaScript code is able to cause undefined behaviour, that's a serious security issue in the engine. Such bugs do happen, of course, but they aren't all that common. Generally, JavaScript runs fine regardless of whether you're running on x86, AMD64, or AArch64. Same goes for Java.

(I admit I'm ignoring the possibility of a constrained/contained kind of undefined behaviour where the JavaScript context might see things go haywire but the process containing the JavaScript environment is unaffected.)