Date: Thu, 28 Jan 2021 07:20:53 +0000
Forwarding this to the liaison list, because I would
also love to hear opinions about this from the C++ side.
Best,
Martin
-------- Forwarded Message --------
From: "Uecker, Martin" <Martin.Uecker_at_[hidden]ingen.de>
To: sc22wg14_at_[hidden] <sc22wg14_at_[hidden]rg>
Subject: (SC22WG14.18827) sudo buffer overflow
Date: Wed, 27 Jan 2021 20:33:07 +0000
>
> And again we have a major security issue due to some
> string handling buffer overflow. Shouldn't we make the
> addition of a safe string library a priority for C23?
>
>
> And beyond strings, a general solution for safe
> programming with arrays is dependent types.
>
> https://en.wikipedia.org/wiki/Dependent_type
>
> We already have these! These are just our
> variably modified types. I know there is
> some sentiment against them, but I think
> it is not justified.
>
> Using variably modified types, compilers
> can already add run-time bounds checking!
>
> $ cat x.c
> int main()
> {
>     int n = 3;
>     int x[n];
>     x[n] = 1;
> }
> $ gcc -fsanitize=undefined x.c
> $ ./a.out
> x.c:6:3: runtime error: index 3 out of bounds for type 'int [*]'
> $ clang -fsanitize=undefined x.c
> $ ./a.out
> x.c:6:2: runtime error: index 3 out of bounds for type 'int [n]'
>
> So why not make them mandatory?
>
> And then add the remaining functionality that is
> still missing, i.e. the possibility to store
> pointers to VLAs in structs and unions.
>
>
> Best,
> Martin
>
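As an added illustration of the point above (this is not code from Martin's message or from WG14; the function names are hypothetical), the bound of a variably modified type can be read back with sizeof at run time, so an accessor can refuse an out-of-bounds index itself rather than relying on the sanitizer; the same shape gives a string copy that fails cleanly instead of overflowing.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
/* n is part of the parameter's type (a variably modified type), so sizeof *arr
   is n * sizeof(int) at run time: the bound travels with the array itself. */
bool vla_store(size_t n, int (*arr)[n], size_t i, int value)
{
    size_t len = sizeof *arr / sizeof (*arr)[0];   /* == n, taken from the type */
    if (i >= len)
        return false;            /* refuse the write instead of overflowing */
    (*arr)[i] = value;           /* the type seen by UBSan here is 'int [n]' */
    return true;
}

/* Same idea for a string copy: dst's type says how many bytes it really has. */
bool vla_strcpy(size_t n, char (*dst)[n], const char *src)
{
    size_t len = 0;
    while (len < n && src[len] != '\0')   /* never scan further than n */
        len++;
    if (len == n)
        return false;            /* no room left for the terminator */
    memcpy(*dst, src, len + 1);
    return true;
}

/* Replays the message's example (n = 3): index 2 is accepted, index n is
   rejected, so the function returns 1. */
int demo_store(void)
{
    int n = 3;
    int x[n];
    int accepted = vla_store(n, &x, 2, 1);
    accepted += vla_store(n, &x, 3, 1);    /* the x[n] = 1 from the message */
    return accepted;
}

/* "sudo" fits a 5-byte VLA, "sudo!" plus its NUL does not: returns 1. */
int demo_strcpy(void)
{
    size_t n = 5;
    char buf[n];
    return vla_strcpy(n, &buf, "sudo") + vla_strcpy(n, &buf, "sudo!");
}

int main(void)
{
    printf("stores accepted: %d, copies accepted: %d\n", demo_store(), demo_strcpy());
}
```

Compiling with -fsanitize=undefined additionally reports any access that slips past the explicit checks, since the bound is visible in the type.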
Received on 2021-01-28 01:21:01