This is the mail archive of the mailing list for the GCC project.
Re: Request for comments on language extension: Safe arrays and pointers for C, September draft.
- From: John Nagle <nagle at animats dot com>
- To: gcc at gcc dot gnu dot org
- Date: Fri, 12 Oct 2012 11:58:07 -0700
- Subject: Re: Request for comments on language extension: Safe arrays and pointers for C, September draft.
- Reply-to: nagle at animats dot com
Here's the September 2012 draft of my "Safe arrays and pointers for C"
This incorporates most of the substantive issues raised in
- Optional "strict mode" via pragma which prohibits some unsafe
- Prevents buffer overflows in strict mode.
- Bring C++ references into C, so programmers can talk about arrays.
- Expressions allowed in array dimensions (like VLA params, but in a few more contexts.)
- Strict code can call non-strict code, and vice versa.
- Libraries and APIs with array params can be given strict declarations, and can be called from strict code (safely) and non-strict code (unsafely), allowing gradual conversion.
The goal is to eliminate buffer overflows in strict mode code, providing a substantial improvement in security and reliability for security-critical C programs.
I'm proposing this as an enhancement to GCC, in two phases.
Phase 1: Add language mode flag for this feature set. Support new language features. No bounds checking in this phase.
Phase 2: Add optional bounds checking.
I'd appreciate comments on how difficult phase 1 would be.