this post was submitted on 02 Mar 2025
36 points (97.4% liked)

C++

1920 readers
2 users here now

The center for all discussion and news regarding C++.

Rules

founded 2 years ago
MODERATORS
[email protected]
[email protected]
[email protected]
36
C++ creator calls for action to address 'serious attacks' (www.theregister.com)
submitted 2 weeks ago by [email protected] to c/[email protected]
13 comments fedilink hide all child comments
 

Bjarne Stroustrup, creator of C++, has issued a call for the C++ community to defend the programming language, which has been shunned by cybersecurity agencies and technical experts in recent years for its memory safety shortcomings.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] [email protected] 13 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

C++ [relies] on manual memory management

not exactly. i can't remember the last time i new'd or deleted anything at work. not only do we have smart pointers for over a decade now, but also, most of the time, you don't even want to be allocating stuff on the heap anyway, so raii will take care of managing your resources. memory management in c++ is explicit, but it's mostly automatic

yeah it's not as safe as rust, but idiomatic c++ isn't supposed to be littered with new and delete statements. that's indication of java-like c++ code, which has been the true villain in c++ codebases for decades, imo. most shitty c++ code is java-like c++ code written by people who would rather be coding in java (or java++ aka c#)

[โ€“] [email protected] 0 points 2 weeks ago

Exactly... I've never gotten the whole "C++ is so unsafe" thing. If you're having trouble with manual memory management in modern C++, it's likely because you're doing something wrong.

There are use-cases for it, but if you're working with something so performance critical that you can't afford an std::array or unique_ptr, you're probably better off just writing straight C instead (except then you don't even have references).

Modern C++ has a shitload of guardrails if you care to use them, but also lets you say "fuck it, this void* points to a double, trust me" if you want to.