Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are you saying that every project written in C has suffered from a memory leak issue at some point? Most C/C++ code I've personally written doesn't even use the heap.

I work on avionics and we use C/C++ now and then. We have a ton of rules regarding memory management (pretty much everything stays on the stack) and I can't recall anything I've ever been involved with suffering from a memory leak.



If basically everything stays on the stack, you’ll have a much lower chance of seeing a memory leak, by definition.


Exactly. Using C/C++ doesn't have to mean using the heap.


Using the heap has nothing to do with the code being safe or unsafe.


All I'm saying is that it's a trivial oversimplification to say you can learn to miss every time.


Don't need a leak for C code to be vulnerable, in fact not using the heap helps - just one missing bounds check on user input and you can write to the stack. OTOH, W^X should catch those.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: