From mboxrd@z Thu Jan 1 00:00:00 1970 To: 9fans@cse.psu.edu Subject: Re: [9fans] Awk or Limbo ? From: geoff.9fans@collyer.net MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Message-Id: <20010427023717.9765219A33@mail.cse.psu.edu> Date: Thu, 26 Apr 2001 22:37:10 -0400 Topicbox-Message-UUID: 92e10636-eac9-11e9-9e20-41e7f4b1d025 Limbo programs do seem to be more robust against buffer overflows, deliberate or accidental, but I believe that the fundamental problem is this: to be a good programmer, you have to be willing to cope with all the details inherent in programming, and apparently most of the population don't have the personality traits (patience, attention to detail, etc.) to do it (though that doesn't stop them trying). One of the advantages of writing substantial quantities of assembly-language code is that everything else seems so much easier, since there is so much less detail to deal with. Limbo removes still more fiddly details of memory allocation. I think some of the advantages of automatic string allocation can be had using Plan 9's libString, which has existed for years inside upas. But there's really no excuse for using gets() nor overrunning static buffers. If there's isn't a suitable routine around for the task at hand, you write one. It's amazing to me that as Sendmail, Inc. stamp out one buffer overrun, another pops up, and it's 18 years later. It's like a Conservation of Overruns. These problems could have been found and fixed in a pass over the code with a small string library (such as the one we used in C News). But the kids would rather write yet another sorely-needed Linux desktop manager than tackle real problems. Rotten kids... Barry Shein commented that `X was written by seventeen-year-olds who can't program sitting down' (I hope I haven't misquoted him) and it shows. There's a little known program in the Plan 9 distribution, Brenda Baker's dup(1), that one can run over the source of the latest whiz-bang program and get a sense for how much code was cut-and-pasted instead of converted into proper functions, presumably by the same sort of kids with bladders full of Jolt cola. Incidentally, the distributed /rc/bin/dup didn't work when I last looked; here's a fixed one: #!/bin/rc path=(/$cputype/bin/aux $path) pdup $* | dupstat See http://www.collyer.net/~geoff/cant.ps (when our DSL line is up) for a longer, somewhat dated rant.