[COFF] [TUHS] Re: Buffer overflow found/fixed in v4 tape ;)

[Larry McVoy via COFF]

On Mon, Jan 05, 2026 at 03:39:22PM -0500, Dan Cross via COFF wrote:
> If you think it's just a matter of discipline, well...good luck with
> that. History and available evidence disagree.

(Dan commenting on people saying that C can work).  

I tend to be in the camp that you can make C work, but it takes a lot of
discipline.  My kid is in the CS PhD program at USC and he asked me about
C.  My answer was: "C is like a sports car on a twisty mountain road where
the edge of the road is a cliff.  If you take your eyes off the road, it's
pretty much instant death.  So it doesn't work for the people who want to
text and drive.  On the other hand, if you are an expert driver, are 100%
focussed on the drive, it's fun.  C is like that.  It doesn't work well
for a lot of people, but it can be fun and work very well for a small
subset of programmers".

My existence proof is the company I ran for 18 years, we built a pretty
complex product and had very little in the way of overruns.  We did have
a test case that threw fuzz and the command line args and stdin that 
caught a lot in the early days, not so much as we became more disciplined.

If I were starting over, I'd probably still do C if I had a similar set
of programmers, it's really not a problem if you do things correctly.
But I'm sympathetic to the people that say they need the guard rails.
As an old school programmer, I'm baffled that you need them, I find it
sad.  As a realistic person, bring on the guard rails.  And I'm happy
I'm retired and don't have to fight these fights.