by MaulingMonkey 1463 days ago
This indeed. Small local console app running on trusted data? Maybe an hour to track down some memory corruption if you're particularly unlucky, in which case shuger's kind of got a point: who cares?

Large network-exposed app? Individual memory corruption heisenbugs have taken me weeks to track down (and weeks before that for QA to create a reliable repro for) - a needle in a huge haystack. They often predate my employment - having lurked semi-silently for who knows how long causing who knows how many unreported crashes. When release dates slip because of bug backlogs filled with memory safety related crash bugs, when ~70% of many vendor CVE reports are down to memory safety issues [1][2][3], and when you personally have to deal with the fallout of all that: shuger's point completely and utterly evaporates.

[1] https://msrc-blog.microsoft.com/2019/07/18/we-need-a-safer-s...

[2] https://www.chromium.org/Home/chromium-security/memory-safet...

[3] https://langui.sh/2019/07/23/apple-memory-safety/