Editing C (programming language) (section)

==Limitations==
{{Rquote|quote=the power of assembly language and the convenience of ... assembly language |author=Dennis Ritchie<ref>{{cite magazine |last1=Metz |first1=Cade |title=Dennis Ritchie: The Shoulders Steve Jobs Stood On |url=https://www.wired.com/2011/10/thedennisritchieeffect/ |magazine=Wired |access-date=April 19, 2022 |archive-date=April 12, 2022 |archive-url=https://web.archive.org/web/20220412005125/http://www.wired.com/2011/10/thedennisritchieeffect/ |url-status=live }}</ref>}}
While C has been popular, influential and hugely successful, it has drawbacks, including:
* The standard [[dynamic memory]] handling with <code>malloc</code> and <code>free</code> is error prone. Improper use can lead to [[memory leaks]] and [[dangling pointers]].<ref>{{cite web |author=Internet Security Research Group |title=What is memory safety and why does it matter? |url=https://www.memorysafety.org/docs/memory-safety/ |website=Prossimo |access-date=March 3, 2025}}</ref>
* The use of pointers and the direct manipulation of memory means corruption of memory is possible, perhaps due to programmer error, or insufficient checking of bad data.
* There is some [[type checking]], but it does not apply to areas like [[variadic functions]], and the type checking can be trivially or inadvertently circumvented.  It is [[Strong and weak typing|weakly typed]].
* Since the code generated by the compiler contains few checks itself, there is a burden on the programmer to consider all possible outcomes, to protect against buffer overruns, array bounds checking, [[stack overflow]]s, memory exhaustion, and consider [[Race condition#In software|race conditions]], thread isolation, etc.
* The use of pointers and the run-time manipulation of these means there may be two ways to access the same data (aliasing), which is not determinable at compile time.  This means that some optimisations that may be available to other languages are not possible in C.  FORTRAN is considered faster.
* Some of the standard library functions, e.g. <code>scanf</code> or {{code|strncat}}, can lead to [[C standard library#Buffer overflow vulnerabilities|buffer overruns]].
* There is limited standardisation in support for low-level variants in generated code, for example: different function [[calling conventions]] and [[Application binary interface|ABI]]; different [[Data structure alignment|structure packing]] conventions; different byte ordering within larger integers (including endianness).  In many language implementations, some of these options may be handled with the preprocessor directive <code>[[C preprocessor#Compiler-specific preprocessor features|#pragma]]</code>,<ref>{{Cite web |last=corob-msft |title=Pragma directives and the __pragma and _Pragma keywords |url=https://learn.microsoft.com/en-us/cpp/preprocessor/pragma-directives-and-the-pragma-keyword |access-date=September 24, 2022 |website=Microsoft Learn |date=March 31, 2022 |language=en-us |archive-date=September 24, 2022 |archive-url=https://web.archive.org/web/20220924075131/https://learn.microsoft.com/en-us/cpp/preprocessor/pragma-directives-and-the-pragma-keyword |url-status=live }}</ref><ref>{{Cite web |title=Pragmas (The C Preprocessor) |url=https://gcc.gnu.org/onlinedocs/cpp/Pragmas.html |access-date=September 24, 2022 |website=GCC, the GNU Compiler Collection |archive-date=June 17, 2002 |archive-url=https://web.archive.org/web/20020617041757/https://gcc.gnu.org/onlinedocs/cpp/Pragmas.html |url-status=live }}</ref> and some with additional keywords e.g. use <code>[[__cdecl]]</code> calling convention.  The directive and options are not consistently supported.<ref>{{cite web |title=Pragmas |url=https://www.intel.com/content/www/us/en/develop/documentation/cpp-compiler-developer-guide-and-reference/top/compiler-reference/pragmas.html |publisher=Intel |work=Intel C++ Compiler Classic Developer Guide and Reference |access-date=April 10, 2022 |language=en |archive-date=April 10, 2022 |archive-url=https://web.archive.org/web/20220410113529/https://www.intel.com/content/www/us/en/develop/documentation/cpp-compiler-developer-guide-and-reference/top/compiler-reference/pragmas.html |url-status=live }}</ref>
* [[C string handling|String handling]] using the standard library is code-intensive, with explicit memory management required.
* The language does not directly support object orientation, [[type introspection|introspection]], run-time expression evaluation, generics, etc.
* There are few guards against inappropriate use of language features, which may lead to [[Software maintenance|unmaintainable]] code.  In particular, the [[C preprocessor]] can hide troubling effects such as double evaluation and worse.<ref>{{cite web |title=In praise of the C preprocessor |url=https://apenwarr.ca/log/20070813 |website=apenwarr |date=August 13, 2007 |access-date=July 9, 2023}}</ref>  This facility for tricky code has been celebrated with competitions such as the ''[[International Obfuscated C Code Contest]]'' and the ''[[Underhanded C Contest]]''.
* C lacks standard support for [[exception handling]] and only offers [[return code]]s for error checking. The [[Setjmp.h|<code>setjmp</code> and <code>longjmp</code>]] standard library functions have been used<ref>{{cite web|last1=Roberts |first1=Eric S. |title=Implementing Exceptions in C |date=March 21, 1989 |url=http://bitsavers.informatik.uni-stuttgart.de/pdf/dec/tech_reports/SRC-RR-40.pdf |archive-url=https://web.archive.org/web/20170115152453/http://bitsavers.informatik.uni-stuttgart.de/pdf/dec/tech_reports/SRC-RR-40.pdf |archive-date=January 15, 2017 |url-status=live |access-date=January 4, 2022 |publisher=[[DEC Systems Research Center]] |id=SRC-RR-40}}</ref> to implement a try-catch mechanism via macros.

For some purposes, restricted styles of C have been adopted, e.g. [[MISRA C]] or [[CERT C]], in an attempt to reduce the opportunity for bugs.  Databases such as [[Common Weakness Enumeration|CWE]] attempt to count the ways C etc. has vulnerabilities, along with recommendations for mitigation.

There are [[#Language tools|tools]] that can mitigate against some of the drawbacks.  Contemporary C compilers include checks which may generate warnings to help identify many potential bugs.