Conversation
d (deprecated_ii@poa.st)'s status on Monday, 03-Feb-2025 23:20:59 JST
sql is an unsafe language because we might just insert whatever the user gives directly into the query, sql has no way to check this
T man :sex: :puffgiga: :puffpowerroll: (epic music enjoyer) (theorytoe@ak.kyaruc.moe)'s status on Monday, 03-Feb-2025 23:21:45 JST
@deprecated_ii
c is an unsafe language because we might just free whatever memory the user uses, c has no way to check this memory is unused
greenshoots (greenshoots@poa.st)'s status on Monday, 03-Feb-2025 23:29:58 JST
@deprecated_ii There should be a way to sanitize the user input, but the evaluation structure (say a switch case structure inside a try catch block) would need to be constantly updated and expanded, because the users would always find some new way to type in an unsafe input.
Very frustrating :sadhug:
d (deprecated_ii@poa.st)'s status on Monday, 03-Feb-2025 23:29:58 JST
@greenshoots parameterized inputs are the answer, they're very easy to use but many programmers do not use them anyway
the logic in the OP is the logic people use to criticize C as "dangerous". but it's not the language's job to be safe, it's the programmer's job to use the language safely
nobody is forcing anyone to use a raw array with no bounds checking, for example
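The two approaches discussed in the thread, side by side, as an added example that is not any poster's code: a deny-list filter in front of string concatenation versus a parameterized query. The table, the deny-list entries and the sample inputs are constructed for illustration; it uses Python's standard `sqlite3` module.

```python
import sqlite3

def make_db():
    """In-memory table with constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT)")
    # Rows are inserted with placeholders too, so the apostrophe is just data.
    db.executemany("INSERT INTO users VALUES (?)",
                   [("alice",), ("bob",), ("O'Brien",)])
    return db

# Hypothetical deny-list of the "keep adding cases" kind described above.
BLOCKLIST = ("--", ";", " or ", "drop")

def blocklist_ok(text):
    lowered = text.lower()
    return not any(bad in lowered for bad in BLOCKLIST)

def lookup_concat(db, name):
    """Unsafe pattern: filter the input, then splice it into the SQL text."""
    if not blocklist_ok(name):
        raise ValueError("input rejected by deny-list")
    sql = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in db.execute(sql)]

def lookup_param(db, name):
    """Parameterized query: the SQL text is fixed, the value is bound separately."""
    sql = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in db.execute(sql, (name,))]

# Constructed textbook input: no spaces, so the " or " deny-list entry misses it.
TAUTOLOGY = "x'OR'1'='1"

if __name__ == "__main__":
    db = make_db()
    print("deny-list accepts input:", blocklist_ok(TAUTOLOGY))
    print("concatenated query:", lookup_concat(db, TAUTOLOGY))  # every row
    print("parameterized query:", lookup_param(db, TAUTOLOGY))  # no rows
    print("legitimate apostrophe:", lookup_param(db, "O'Brien"))
```

With the bound parameter the driver never parses the value as SQL, so there is no list of unsafe inputs to maintain, and a legitimate name containing an apostrophe works without special handling.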