this post was submitted on 09 Sep 2024
259 points (97.4% liked)

196

16501 readers
2881 users here now

Be sure to follow the rule before you head out.

Rule: You must post before you leave.

^other^ ^rules^

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 48 points 2 months ago* (last edited 2 months ago) (2 children)

It's mostly because C is notorious for not holding your hand and not telling you when you mess up. Write one past the array's length? Might do nothing, might crash, might mess up some other data, might crash later in somewhere completely different.

[–] [email protected] 14 points 2 months ago

Or in some cases might crash 8.5 million computers worldwide.

Yes the Crowdstrike crash was caused by going 1 past an array length, caused by a magic number index and a regex mistake, and wasn't caught because the tests didn't work.

The whole thing was a compound series of amateur mistakes, but with kernel access at boot time.

[–] [email protected] 14 points 2 months ago

I spent 30 minutes looking over my code because I forgot a semicolon after defining an integer :(