Comment by IshKebab
Yes you have to validate untrusted input at runtime. Seems a bit odd to call that a fundamental limitation of static types.
Yes you have to validate untrusted input at runtime. Seems a bit odd to call that a fundamental limitation of static types.
Another way to put it is that in some programs, there's relatively little for static analysis to do because the program isn't doing much internal calculation, but there are a lot of potential I/O errors that it won't be able to catch. Programming embedded devices is often like that.