Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I read programming pearls about halfway until I discovered that a several of the samples were using gets() and could be trivially exploited for buffer overflows.

Calling programs like that "pearls" just seemed too wrong to me to go on.



As to my understanding, Programming Pearls focused lies between the range of elegant code and algorithms/problem solving as opposed to secured coding practice in the C programming language.


Still, someone like Knuth will argue that correctness should not be sacrificed for elegance.


Feel free to crucify John Bentley.

I know I'll learn more out of the book if I don't care of the small nitpicks like "gets()".


IIRC the book actually has a section where the author explains why he uses gets(), short variable names, etc.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: