Some would argue that the
most elusive type of problem in a
C program is the fact that it's written in
C.
Problems that are in some ways endemic to C programs:
- Memory leaks. This has to be, by far, the subtlest and hardest to fix. ``Easy enough'', you say, ``make sure you free everything you allocate.'' That works in the simple cases. In more complicated situations, it's just not possible. The problem is often in shared data structures---in a language without GC, it becomes important to have a good ownership protocol, and that's hard to do.
- Buffer overflows. I don't think I need to even go into this.
- Fixed-size buffers. This is a similar problem. So you found that buffer overflow, and replaced gets(buff) with fgets(buff, 80, stdin). The only problem is, now your program silently truncates lines longer than 79 characters. Lose, lose.
Problems that aren't C-specific:
Solutions? There's no
panacea.
GC will correct many, but not all,
memory leaks---and may introduce more if you forget to
break links. Using a
safer
string or
vector library will fix many buffer overflows (as well as
arbitrary buffer-size limits), but there are many cases where you need, for whatever reason, to muck around with
pointers or
C arrays. As for the non-C-specific problems, they can only be fixed through
brainwashing.
Programmers will always write bad programs, no matter what tools they are given.