Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Okay, I appreciate that Ritchie was a genius and that C was revolutionary and is foundational to modern computing.

But seriously, C arrays not having bounds checks has probably caused more security disasters than anything else in the history of computing, with the possible exception of end-users. Was there a good reason for this, and if so, what was it?



C was introduced in 1972, that's a year before I was born (and it had been in development for a couple years prior).

The first computer I programmed on ran at 1 mhz and had 64 kilobytes of RAM.

Is it really so hard to see why C didn't historically have bounds checking? Bounds checking was pretty controversial in languages even as late as the early 2000s because of the runtime cost.


C was targeted at the PDP-11 etc not microcomputers though.


But FORTRAN had bounds checking, didn't it? Or is that just a modern thing?


C was to be used by people who knew what they were doing. Unwittingly, it opened the door for people who didn't.


I'm going to guess performance. Sure it's tiny today, but what about back then?


C is to sytems computing what democracy is to governance.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: