This is the mail archive of the gcc@gcc.gnu.org mailing list for the GCC project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Request for comments on language extension: Safe arrays and pointers for C, September draft.


Here's the September 2012 draft of my "Safe arrays and pointers for C"
proposal:

http://www.animats.com/papers/languages/safearraysforc43.pdf

This incorporates most of the substantive issues raised in
previous discussions.

Brief summary:

- Optional "strict mode" via pragma which prohibits some unsafe
  pointer usages.
- Prevents buffer overflows in strict mode.
- Bring C++ references into C, so programmers can talk about arrays.
- Expressions allowed in array dimensions (like VLA params, but
  in a few more contexts.)
- Strict code can call non-strict code, and vice versa.
- Libraries and APIs with array params can be given strict
  declarations, and can be called from strict code (safely) and
  non-strict code (unsafely), allowing gradual conversion.

The goal is to eliminate buffer overflows in strict mode code,
providing a substantial improvement in security and reliability
for security-critical C programs.

I'm proposing this as an enhancement to GCC, in two phases.

Phase 1: Add language mode flag for this feature set.
         Support new language features.  No bounds checking
         in this phase.

Phase 2: Add optional bounds checking.

I'd appreciate comments on how difficult phase 1 would be.

			John Nagle


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]