Recent

Author Topic: Does Pascal make buffer overflows less likely or impossible?  (Read 2938 times)

vfclists

  • Hero Member
  • *****
  • Posts: 825
    • HowTos Considered Harmful?
On my readings on the web I have come across a few comments that makes out Pascal less likey to cause memory corruption bugs than languages like C and C++.

What are the features of Pascal that lead to such statements? Are there some ways this in which this benefit may be nullified, either as a result of poor practices or a desire for better performance?
Windows - Lazarus 1.0.8/FPC 2.6.0
Linux - Lazarus 1.4.4 /FPC 2.6.4

marcov

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 7584
Re: Does Pascal make buffer overflows less likely or impossible?
« Reply #1 on: May 09, 2013, 03:10:40 pm »
On my readings on the web I have come across a few comments that makes out Pascal less likey to cause memory corruption bugs than languages like C and C++.

For standard pascal (the classic argument): bounding of arrays and runtime checks. Note though that a runtime check still causes a program abort, and the language lacks many low level features (like taking the address of symbols or expressions). This is a bit like the "safe" aspect of Java and C#.

For Pascal versions with a string type: just having a stringtype removes the need for pointers for certain very common operations. However that also applies to C++.

Quote
Are there some ways this in which this benefit may be nullified, either as a result of poor practices or a desire for better performance?

1. Turning off runtime checks :-)  The codegeneration for these checks is runtime so come with a slight penalty.
2. Modern Pascal have many lowlevel operations, and map mostly 1:1 to C/C++.  Safety now is more rooted in culture than enforced by the language
« Last Edit: May 09, 2013, 03:12:45 pm by marcov »

Leledumbo

  • Hero Member
  • *****
  • Posts: 8114
  • Programming + Glam Metal + Tae Kwon Do = Me
Re: Does Pascal make buffer overflows less likely or impossible?
« Reply #2 on: May 09, 2013, 03:27:12 pm »
Quote
What are the features of Pascal that lead to such statements?
Bounds checking (both compile and runtime, which is only inserted if compile time check is impossible), including overflow check (some bugs I've found in C programs I'm maintaining at office is due to overflow calculation that leads to a buffer getting allocated wrongly).