MULTIPLE VULNERABILITIES IN THE C/C++ PROGRAMMING LANGUAGE

:^)

spotted the LARPer

Kill yourself

Attached: mark mmmmmmmmmmmmmmmmmmmmmmmm.webm (1280x720, 1.92M)

cvedetails.com/vulnerability-list/vendor_id-72/product_id-767/GNU-Glibc.html

OP is so gay that he bought whole pallet of pic related.

Attached: Screenshot at 2019-02-04 17-08-12.png (217x293, 60.58K)

anti saged

Attached: not an argument.jpg (500x534, 39.03K)

yikes

Attached: yikes.gif (380x285, 1.97M)

You don't understand what sage is for, faggot

sage = downboat
anti sage = upboat

cvedetails.com/cve/CVE-2018-17182/
epic

...

whataboutism is the true mark of the weenie

Attached: Screenshot at 2019-02-04 17-25-56.png (472x287, 14.93K)

thanks for spreading the word that C/C++ is harmful

Call me back when your project gets 20+ years of real world use.

You mean 20+ years worth of buffer overflows, right?
XD

...

Attached: Screenshot at 2019-02-04 17-36-54.png (1645x323, 64.17K)

cvedetails.com/vulnerability-list/vendor_id-72/product_id-767/year-2018/opov-1/GNU-Glibc.html

nobody makes this argument though.
in a world of swordsmen, you're comparing a single knight order (the knights of "let's be really disciplined and not make mistakes in the first place") with some nunchuck advocates who argue that a non-edged weapon can completely prevent accidental cuts.

LARPers on Zig Forums make this argument everytime this topic comes up. see

no, literally nobody on Zig Forums has ever said that programmers
are
perfect or that C++
prevents
buffer overflows. People argue all the time that pursuing perfect gets you there faster than pursuing a tool.

Yes they have. If you weren't a newfag you would know this.

Keep shilling your meme language. Even COBOL has more users than Rust in 2019.

nah you're just stupid. Next time you encounter what you think is "programmers are perfect", ask it if pajeets are prefect, too. Or if Rust should have a zero buffer overflow record because Rust programmers are also perfect.

newfag
I did. The LARPers replied that pajeets aren't real programmers.

But that's accurate friendo.

sage negated

The whole point of a language is to be tool to make something, if you fuck up that's on you.
C/C++ are like a screwdriver, if you stick it into a electric outlet no shit you are gonna get burned, Rust is like a screwdriver that snaps in half no matter what you do. Having the language itself make your programs unsafe while claiming to do the opposite is completely unacceptable.

thanks for not saging btw.

Exactly, and that's after contorting your algorithm to comply with Rust's strict type checking. All that effort, for nothing.

pajeet

If you can't design your software to not have buffer overflows, you're a fucking pajeet, full stop. Learn how a fucking computer works so you can write good code that is designed to run on a computer. You Rustfags are going to turn programming into a sandbox where only (((they))) have access to instructions you're not even aware exists because they're (((undocumented))). Oh wait, we already have this shit because so many of you fags just couldn't code to save your lives so you need (((safety))) (gatekeeping) language features.

see

hello friend. Do you agree that programmers are perfect?
Do you think that C++ prevents buffer overflows?

Of course, fellow cnile!

Why is the concept of loop invariants so hard for pajeets to understand?

spotted the LARPer

???
What's so hard to understand about terminating a loop over a fixed-size buffer?

Sorry, I'm not a perfect programmer. Please explain it to me, oh all-knowing cnile.

It's not a trick question. How do you terminate a loop over a fixed-size buffer? Let me make this easier for you:
char buf[50];for (int i = 0; ... ; ++i){ // Copy to buf[i]...}
What goes into the middle field of the for loop statement to ensure that a buffer overflow does not happen?
Many pajeets fail at this point of the interview. Will you be one of them?

You're not even a decent one, as you don't know what a loop invariant is.

this is a troll thread

...

char buf[50];for (int i = 0; i

The average numale programmer, everybody.

LARPing is a form of braindamage

Then sage you nigger

Attached: 4ead23589b5d741a91fdc0114859437959006cbcf8c5d8334fe061479615ab84.jpg (640x451, 45.03K)

The cnile guy is the LARP spammer. It's like pottery.

Check yourself before you wreck yourself.

OP finds out again that everything in IT is vulnerable

If you want to be safe, just don't use any computer at all

...

You sound like a very high level C programmer. What work do you do?

...

No, Rust's type checking is bad.

explain

>>1027213char buf[50];int main () { for (int i = 0; i

This phrase is sufficient. It illustrates that the two involved parties understand very different things under "safety".
Hence the backing for rust/nu-fox/whatever tranny crusade.

...

Can you read? These are vulnerabilities with programmers implementations. Not the C language.

It was posted by a Rust brainlet, of course they can't read

Attached: typicalRustEvangelist.png (1242x1290, 299.56K)

Being wrong "on purpose" is still being wrong, retard.

C answer: easily put bugs in your software, and then habitually use tools to notice them and dig them back out.
Modern language (and also Ada) answer: make it harder to put bugs in your software.
In C++ you can use a range template that involves a trillion lines of library code and takes three centuries to compile or something. Ada:with Ada.Text_IO; use Ada.Text_IO;procedure Bounds is Buffer : String (1 .. 50);begin for J in Buffer'Range loop Buffer (J) := Character'Val (J); end loop; Put_Line (Buffer);end Bounds;as used:$ ./bounds|od -c0000000 001 002 003 004 005 006 \a \b \t \n \v \f \r 016 017 0200000020 021 022 023 024 025 026 027 030 031 032 033 034 035 036 037 0000040 ! " # $ % & ' ( ) * + , - . / 00000060 1 2 \n0000063Types have lots of attributes and one of the attributes of array types is all of the valid indexes over the type. This is true regardless of the actual indexes of the type: it could be 1 thru 50 as in this example; it could be 0 thru 49; it could be Monday thru Sunday.

That programming language looks niggerlicious.

it scores a solid 15/10 for readability. Nothing else comes close. And you can avoid formatting idiosyncrasies with pretty-printed code ala gofmt.
You probably just wallow in stupid shit like using the comma operator to not have to put an assignment on its own line.

Congratulations, you are a pajeet who cannot manage to pass an interview.

see

everytime
based

to be fair, everything has vulnerabilities
Java: insecure deserialization
PHP: file upload, file inclusion, PHP injection, PHP 5 still in use despite no security updates
C++: easy to write code vulnerable to buffer overflow attacks, pointer issues, etc.
Python: 2.7 no longer gets security updates for things like urllib
JavaScript: frameworks come and go in 6 months, and XSS is super common
HTML5: browser lockers abuse HTML features (along with JS)
XML: XXE attacks (XML External Entities)
show me a programming language or piece of software and I will show you a CVE for it

you must be REALLY new to tech if you think something having a vulnerability means it's an outlier

You're joking? It looks like shit. Like all old languages using the being/end, it's verbose/hard to see blocks and those apostrophes look very out of place.
Look at TCL/Rebol if you want reabable.

Begin/end is verbose more than readable

Because C is a very modern language amirite.

en.wikipedia.org/wiki/C18_(C_standard_revision)

Spark or a lisp dialect? I'm just curious.

No. Use Ada for a bit and it's impossible to notice how much more readable it is.
like Ruby? You get a 'begin' with a function, procedure, or declare; mostly you have 'end'. loop ... end loop, for example. end is three letters and the one-byte alternative gets a whole line to its own anyway.
When Ada was introduced in the 80s, it was remarkably verbose compared to other languages. It's not remarkably verbose now. The C++ range template shit is a whole lot more verbose than a 'Range attribute
because of the prevalence shitty languages that use ' for string literals, any kind of default syntax highlighting won't be kind to Ada.
That's not what you'll be looking at normally, dude.
now this ain't serious.

It is. Stop shilling your shit in a C/C++ thread. Make an Ada thread.

this is actually a Rust thread.
Which is why it's an Ada thread.

sage negated

checked and kek'd

How does being a brainlet feels like? Because if you think that the difference between begin/end and braces is the number of chars, you must know.
1) This was about the syntax.
2) Bloatmasters who think that "one PL to rule them all" is better than a high level and low level combination with easy interfacing are just niggers.

based and anti saged

and now it's anchored.

because it's vertical space that matters? I feel like someone other than you just finished making that point...
yeah whatever. Ada's amazingly readable and 'end' doesn't contribute to its verbosity at all, and 'begin' is frequently occupying what would be an empty line anyway in another language. Ada as a whole is pretty tolerable; begin/end is just something obvious and easy for you to focus on, since you don't know anything and can't just compare your own code that you've written in one language vs. another.

My point is that it's easy to separate actual content from syntax noise when you don't use words for both. That's why sane syntaxes use punctuation for that.

Is varg a Rustfag????

What is the "C/C++" language? I've never heard of it.

Please, be bait.

Nope. That is pure C/C++ retardation.

i fixed your picture for you 100 percent original

Attached: pepe_onion.jpg (249x189, 21.64K)

Secure coding is in the back of the book.

I cruise this site for new RCE exploits. exploit-db.com/

pic not related

Attached: chainsawhonkmasacre.jpg (1280x720, 464.86K)