from Hacker News

C: A Technological Landmine

by jonshea on 7/31/09, 5:26 PM with 57 comments

  • by plinkplonk on 7/31/09, 5:57 PM

    Ugh, this is close to being a troll post. Yes, C has its weaknesses and domains appropriate to its use. But sentences like

    "Lacking a strong and expressive type system, C not only permits but encourages its programmers to sacrifice correctness, safety, robustness, testability, and maintainability in favor of some highly underdeveloped and ill-measured ideas about “performance”. Much of the infrastructure of the Internet is built out of this garbage."

    and especially words like "garbage" only expose the author as someone who doesn't know what he is writing about. (OK, I could have used the shorter word "fool" here, but ..).

    The "infrastructure of the internet" (including the underlying operating systems) is one of the domains in which C shines.

    There is good reason that even today, large chunks of "infrastructure" code are written in C/C++.

    "anybody who considers C for high-level application development at this point in history, is in a grievous state of sin"

    With "high level" being conveniently undefined and without any examples, that statement means next to nothing.

    What a terrible, ill thought out article.

  • by hemancuso on 7/31/09, 6:41 PM

    For a long time people built huge buildings with very very thin measures in place for worker safety. Buildings cost a lot less and went up a lot faster - but it came at the cost of workers' lives.

    OSHA's rules make it much more expensive and tedious for American cities to grow - but the growth isn't coming on the backs of construction workers. It's a trade off we've decided to make because we value safety and we value not getting our pants sued off for negligence.

    You can write some well designed quick-and-dirty C code that does what you want, and does it fast. But once in a while you'll make a mistake that you probably won't notice and might cost you your company.

  • by psyklic on 7/31/09, 6:05 PM

    Ironically, the article referenced by the author does not blame the C language for this problem. Instead, it blames the CA for issuing the certificates in the first place:

    "Marlinspike said since there is no legitimate reason for a null character to be in a domain name, it’s a mystery why Certificate Authorities accept them in a name."

  • by TallGuyShort on 7/31/09, 6:10 PM

    The reason I like C is that every action is so specific. Yes, that means it's not suited for "high level" applications, like web apps, and situations in which development time needs to be cut. But that specificity and control over every action is exactly why it's good for network and hardware programming. I haven't seen C used outside of those realms in a long time.

    edit: Furthermore, its low-levelness makes it very versatile. It centers around the universal abstractions used in Unix - the ability to open, read, write, and close files. That, combined with structs, unions, and its basic data types, allows you to use it for virtually ANY protocol.

  • by sophacles on 7/31/09, 6:00 PM

    One thing this guy doesn't mention, that I would think relevant to the discussion: Every language currently used by more than 4 people has a notion of FFI via C. This is nice as it allows for the old "profile it and write the slow bits in C" type programming. I particularly like that style of programming, because in the end, you only need to do C style intensity for a small bit of code. Over time, the number of these small, but useful bits accumulates, and the result is a decent, bottom up style library, without the pain of having started in C. (It also helps avoid the cruft...).

  • by slackerIII on 7/31/09, 6:51 PM

    This article in particular crystallized a thought I've had about this site, and sites like this in general. I would love to see a wiki-editable block attached to each submission that tries to describe, in as few words as possible, what information the article contributes.

    Think of it as compression, where a basic knowledge of computing is assumed. More interesting articles would have a lower compression ratio, which might be a fun thing to filter on. This article might go down to, "C is generally unsafe, and you probably aren't skilled enough to make it safe, so don't use it". Or maybe, "I needed to write something for my company blog, so I found a recent security hole and added some vaguely related platitudes".

  • by dryicerx on 7/31/09, 5:55 PM

    C is used for low level libraries for its lean and mean performance. It sacrifices checks and safety features for this, and allows the programmer full control. Do you see professional race cars with ABS and Automatic Stabilization? No, you give the Driver FULL and TOTAL control, same with C and other low level languages. C has only a few data types that are as basic as you can get, I mean what do you expect, use something like STL strings?

    If you start having type checking and various other easy-to-code and child-safety features, you are bloating and giving up performance in the low level libraries. If this happens, imagine what the performance on the higher up application level would be.

  • by jwhitlark on 7/31/09, 7:12 PM

    Use the right tool for the job. C is the right tool for some jobs; if you jam it into a place where it doesn't belong, you probably don't have a deep enough understanding of it to use it safely.

    There are two groups you find misusing something. Those that really know what they are doing, have weighed the risks/rewards, and have decided that misusing the tool to get the job done is worth the associated risk. Then you have people who don't know what they are doing. They are going to have problems, but don't blame the tool.

  • by tarkin2 on 7/31/09, 6:48 PM

    Anyone care to guess at what he means by a strong and expressive type system?

  • by zandorg on 7/31/09, 10:16 PM

    I wrote my own sprintf handler which checks string length and truncates if necessary.

    unsigned long lsprintf(unsigned long max_length,char *dest,char *fmt, ...)

    char buffer[1024];

    lsprintf(1024,buffer,format);

    Slightly overkill.
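
A length-checking, truncating formatter of the kind described in the comment above, as an added example that is not part of the original post and is not zandorg's code. The name `bounded_sprintf` and its `truncated` out-parameter are hypothetical, it assumes a C99 `vsnprintf`, and the sample values are constructed.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not the lsprintf from the post): format into dest
 * without ever writing more than max_length bytes, terminating NUL included.
 * Returns the number of characters stored (NUL excluded) and sets *truncated
 * to 1 when the complete output did not fit or formatting failed.
 * Callers should pass a constant format string, never untrusted data. */
static size_t bounded_sprintf(size_t max_length, char *dest, int *truncated,
                              const char *fmt, ...)
{
    va_list ap;
    int needed;

    if (truncated)
        *truncated = 0;
    if (dest == NULL || fmt == NULL || max_length == 0) {
        if (truncated)
            *truncated = 1;
        return 0;                       /* no room even for the NUL */
    }

    va_start(ap, fmt);
    needed = vsnprintf(dest, max_length, fmt, ap); /* C99: NUL-terminates */
    va_end(ap);

    if (needed < 0) {                   /* formatting or encoding error */
        dest[0] = '\0';
        if (truncated)
            *truncated = 1;
        return 0;
    }
    if ((size_t)needed >= max_length) { /* output was cut to max_length - 1 */
        if (truncated)
            *truncated = 1;
        return max_length - 1;
    }
    return (size_t)needed;
}

int main(void)
{
    char buffer[16];                    /* constructed sample: 21 chars wanted */
    int cut;
    size_t n = bounded_sprintf(sizeof buffer, buffer, &cut,
                               "user=%s id=%d", "alice", 1234567);
    printf("%zu stored, truncated=%d: \"%s\"\n", n, cut, buffer);
    return 0;
}
```

Reporting truncation separately from the stored length lets the caller decide whether a shortened string is acceptable or should be treated as an error.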