by tptacek 4166 days ago
I know a total of zero working security researchers who think C is just as safe as Scala.

The obvious flaw in your example: you can exec a program unsafely in both C and in Scala, but only in C can you do it accidentally simply by idiomatically copying a string from one place to another.

2 comments

My claim is not that C is just as safe as Scala, my claim is that the comparison is only valid if you do not think too hard about it. If you implicitly assume some web app, not too experienced programmers and a typical budget, then Scala is less likely to contain remote code execution bugs. But if you worry about timing attacks, then it looks a lot better for C.
FWIW, idiomatically copying a string in C is done using strncpy, and that doesn't introduce any RCE bugs. I would not in my right mind defend the premise that C is just as safe as Scala, but the truth is that sloppy programming can do harm in every language imaginable. It just becomes about damage control.
Sorry, if you get the third argument of strncpy wrong, you are right back in the area of trouble.
Even when you don't get it wrong (i.e., no out-of-bounds writes), you can still get out-of-bounds reads because strncpy does not always null-terminate strings. C strings suck.
To be fair, the real issue here is 'strncpy', whose destination argument does _not_ operate on C strings, despite that its name starts with 'str'.
We can repeat this subthread with examples of UAF bugs, which are equally common, if anyone really wants to get the full flavor of how wrong it is to suggest that C is comparably as safe as Haskell.
My post wasn't meant as disagreement on the issue of whether some languages are safer than others. I apologize if this is how the message was received. I was trying to point out that w.r.t. C strings, using strncpy is almost always the wrong thing to do.
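
The strncpy behaviour this subthread discusses, as an added example that is not part of any comment above: with a correct size argument there is no out-of-bounds write, but the destination is left unterminated whenever the source has at least as many characters as the buffer. The names `demo`, `strncpy_result_terminated` and `copy_cstr` are hypothetical, chosen for illustration.

```c
#include <stdio.h>
#include <string.h>

static char demo[8];                       /* constructed sample buffer */

/* Returns 1 if buf[0..n) holds a NUL terminator, 0 otherwise. */
static int is_terminated(const char *buf, size_t n) {
    return memchr(buf, '\0', n) != NULL;
}

/* strncpy with the *correct* third argument. The buffer is pre-filled
 * with non-zero bytes to stand in for stale memory, so a missing
 * terminator is not hidden by leftover zeros. */
static int strncpy_result_terminated(char *dst, size_t n, const char *src) {
    memset(dst, 'X', n);
    strncpy(dst, src, n);                  /* writes exactly n bytes, no more */
    return is_terminated(dst, n);          /* 0 => later strlen/printf reads past dst */
}

/* Bounded copy that always yields a C string (when n > 0).
 * Returns 0 if src fit completely, -1 if it was truncated or n == 0. */
static int copy_cstr(char *dst, size_t n, const char *src) {
    if (n == 0)
        return -1;
    size_t len = strlen(src);
    size_t k = len < n - 1 ? len : n - 1;  /* leave room for the terminator */
    memcpy(dst, src, k);
    dst[k] = '\0';
    return len == k ? 0 : -1;
}

int main(void) {
    const char *inputs[] = { "short", "1234567", "12345678", "123456789abc" };
    for (size_t i = 0; i < sizeof inputs / sizeof inputs[0]; i++) {
        int t = strncpy_result_terminated(demo, sizeof demo, inputs[i]);
        int rc = copy_cstr(demo, sizeof demo, inputs[i]);
        printf("%-14s strncpy terminated=%d  copy_cstr rc=%d -> \"%s\"\n",
               inputs[i], t, rc, demo);
    }
    return 0;
}
```

Treating the -1 return as an error, rather than silently using the truncated string, is a choice made for this example.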