C++ has made great strides in recent years in matters of resource and memory safety [P2687]. C++ benefits from having a formal specification, a fully-specified memory model, and an active community of users and implementers. In contrast, some languages regarded as safe lack a formal specification, which introduces its own safety concerns (e.g., how to ensure a consistent semantic view of code). These important properties for safety are ignored because the C++ community doesn't have an organization devoted to advertising. C++ is time-tested and battle-tested in millions of lines of code, over nearly half a century, in essentially all application domains. Newer languages are not. Vulnerabilities are found with any programming language, but it takes time to discover them. One reason new languages and their implementations have fewer vulnerabilities is that they have not been through the test of time in as diverse application areas. Even Rust, despite its memory and concurrency safety, has experienced vulnerabilities (see, e.g., [Rust1], [Rust2], and [Rust3]) and no doubt more will be exposed in general use over time.
https://media.hachyderm.io/media_attachments/files/111/553/581/104/478/253/original/aa06b1b4bfbc96d7.png
rain 🌦️ :verified_trans:
All GNU social JP content and data are available under the 