Making it harder to do wrong
#curl is written in C. We try to write better C to reduce the risk of future vulnerabilities.
daniel.haxx.se/blog/2023/12/13…
Making it harder to do wrong
#curl is written in C. We try to write better C to reduce the risk of future vulnerabilities.
daniel.haxx.se/blog/2023/12/13…
Kevin Karhan
in reply to daniel:// stenberg:// • • •same reason for #Linux I guess and same reason why I do all the #OS1337 code in #bash with only .config makefiles where needed:
Readable and thus easy to #audit code allows for #transparency, which is vital for #maintainability and #security...
After all, mistakes do happen and I'd rather have it easy find and fix than optimize every bit at the cost of unmaintainable code.
launchdaemon
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to daniel:// stenberg:// • • •Lee Griffiths
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Lee Griffiths • • •Ted Mielczarek
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Ted Mielczarek • • •Ted Mielczarek
in reply to daniel:// stenberg:// • • •César Pose
in reply to daniel:// stenberg:// • • •JB Lièvremont
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to JB Lièvremont • • •daniel:// stenberg://
in reply to daniel:// stenberg:// • • •JB Lièvremont
in reply to daniel:// stenberg:// • • •thanks!
As far as I can tell (I'm in the SonarLint team, not SonarCloud), providing feedback on each PR is one of the core principles of the "clean as you code" approach pushed by Sonar. And I can understand that in some cases, it can generate some unwanted noise 😅.
If you have the time, I believe our PMs love constructive feedback: most probably, if the curl project has a need for some pull requests not to be analyzed, chances are this need is also shared by other projects.
daniel:// stenberg://
in reply to JB Lièvremont • • •JB Lièvremont
in reply to daniel:// stenberg:// • • •Ikey Doherty 🐍
in reply to daniel:// stenberg:// • • •I get that you're not into Rust - but this statement is just opening you up to flaming:
"Rust is cool, but the language, its ecosystem and its users are rookies and newbies for system library level use."
I certainly wouldn't be described as a rookie by anyone.
daniel:// stenberg://
in reply to Ikey Doherty 🐍 • • •Ikey Doherty 🐍
in reply to daniel:// stenberg:// • • •It smacks of C elitism - I'm sure you didn't intend that (context: I'm a longterm C dev that left for greener pastures).
Do you mean the ABI of Rust itself? One could argue that its OK to whack an `extern C` wrapper onto the Rust lib and use symbol version scripts.
FWIW - I'm not in the "you should RIIR" crowd, I'm more in the upgrade-component-by-component crowd ^^
daniel:// stenberg://
in reply to Ikey Doherty 🐍 • • •Ikey Doherty 🐍
in reply to daniel:// stenberg:// • • •you're conflating standard library with the language. There are various no-panic style decorator crates, the option to rebuild libstd, use no_std, or codepaths that don't panic.
The same argument is true in C libraries when `abort()` is called instead of returning an error.
daniel:// stenberg://
in reply to Ikey Doherty 🐍 • • •daniel:// stenberg://
in reply to daniel:// stenberg:// • • •Ikey Doherty 🐍
in reply to daniel:// stenberg:// • • •a sensible person would write the stubbed C FFI skeleton and invoke the Rust code via std::panic::catch_unwind so that any remaining panics were UB cases. I'm pretty sure curl avoids glib2 for similar reasons
I've said my piece - you apply different logic to C vs Rust because you favour C, and I got some PTO to take tbh. :)
daniel:// stenberg://
in reply to Ikey Doherty 🐍 • • •Ikey Doherty 🐍
in reply to daniel:// stenberg:// • • •Its not hiding - its clearly displayed on my profile. And I've only recently switched to Rust after avoiding it for years, using C/C++/D/etc.
You demonstrate an unwillingness to be reasonable outside of C, and tbh I find the "we have less CVEs than the other guys" argument extremely brittle.
I've tried my utmost to be cordial here but its like talking to a brick wall. See ya.
daniel:// stenberg://
in reply to Ikey Doherty 🐍 • • •hramrach
in reply to daniel:// stenberg:// • • •@ikey I guess that about sums up the 'rust crowd'. They tell you you are dumb for not using rust, and they won't listen when you are telling them about the reasons you are not using it.
A language that is defined by a compiler accepting the code, with biyearly update to said compiler, your code randomly failing to build with said update, for system libraries?
Eww. No, thanks. 😑
rain 🌦️
in reply to hramrach • • •daniel:// stenberg://
in reply to rain 🌦️ • • •Paul Stephen Borile
in reply to daniel:// stenberg:// • • •Danny Goossen
in reply to daniel:// stenberg:// • • •Edmundo Ruiz Ghanem
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Edmundo Ruiz Ghanem • • •Karl Gutwin
in reply to daniel:// stenberg:// • • •daniel:// stenberg://
in reply to Karl Gutwin • • •Spoofer3
in reply to daniel:// stenberg:// • • •CompCert - The CompCert C compiler
compcert.org