Bakul Shah:
Unfortunately strcpy & other buffer overflow friendly
functions are still present in the C standard (I am looking at
n2434.pdf, draft of Sept 25, 2019). Is C really not fixable?
====
If you mean `can C be made proof against careless programmers,'
no. You could try but the result wouldn't be C. And Flon's
Dictum applies anyway, as always.
It's perfectly possible to program in C without overflowing
fixed buffers, just as it's perfectly possible to program in
C without dereferencing a NULL or garbage pointer. I don't
claim to be perfect, but before the rtm worm rubbed my nose
in such problems, I was often sloppy about them, and afterward
I was very much aware of them and paid attention.
That's all I ask: we need to pay attention. It's not about
tools, it's about brains and craftmanship and caring more
about quality than about feature count or shiny surfaces
or pushing the product out the door.
Which is a good bit of what was attractive about UNIX in
the first place--that both its ideas and its implementation
were straightforward and comprehensible and made with some
care. (Never mind that it wasn't perfect either.)
Too bad software in general and UNIX descendants in particular
seem to have left all that behind.
Norman Wilson
Toronto ON
PS: if you find this depressing, cheer yourself up by watching
the LCM video showing off UNICS on the PDP-7. I just did, and
it did.