• 0 Posts
  • 4 Comments
Joined 1 年前
Cake day: 2023年6月1日
  • Backslash@feddit.detoProgrammer Humor@lemmy.mlC++ Moment
    35·
    4 个月前

    C++ iirc is used mostly for microprocessor code

    lol no, it’s used almost everywhere where performance is important and people want(ed) OOP, from tiny projects to web browsers (Chrome, Firefox) to game engines (Unreal, CryEngine). Many of these are hugely complex and do encounter segfaults on a somewhat frequent basis.

    Saying C++ is mostly used for embedded applications is like saying C# is mostly used for scripting games, i.e. it doesn’t nearly cover all the use cases.

    higher-level languages also exist

    This depends on your definition of “higher-level”, but many people would argue that C++ is on a similar level to Java or C# in terms of abstraction. The latter two do, however, have a garbage collector, which vastly simplifies memory management for the programmer(generally anyway).

  • Backslash@feddit.detoLinux@lemmy.mlSeverity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026
    45·
    9 个月前

    Reading the blog post, it’s a lot more nuanced than that: someone reported a CVE, which was related to a possible int overflow in client code handling the timeout between requests. NVD chose to grade this as a 9.8/10 on their severity scale (for context, CVE-2014-0160, also known as Heartbleed, got a 7.5/10), which is ludicrous for a bug which could at most change the retry timeout of your request from your intended years to a few seconds. Daniel says that this is not a security vulnerability at all and has no business being listed on the CVE database, whereas NVD argues that it’s a bug, it’s been reported to them and because overflows are undefined behavior, anything can happen and so it’s a security vulnerability.

    In the end, they agreed to at least adjust the severity down to a 3.3, but I can understand that Daniel is still somewhat miffed about it. Personally I also agree that it’s not really a security issue and that even a 3.3 is too high in terms of severity.

  • Backslash@feddit.detoProgrammer Humor@lemmy.ml*Permanently Deleted*
    2·
    9 个月前

    Many debuggers (at least in the Java world, which is what I’m working with for a living) support more advanced features like only triggering the breakpoint if a certain condition is reached or only every X hits of the breakpoint.

    Also, if you try and debug using print in the main game loop, wouldn’t that write so much to console/log that it’s effectively unreadable?