Date: Wed, 19 Feb 2020 22:34:37 +0100
Just quickly...
Bcc misra closed mailing list.
Sent from Peter Sommerlad's iPad
+41 79 432 23 32
> On 19 Feb 2020, at 20:33, Ryan McDougall <mcdougall.ryan_at_[hidden]> wrote:
>
> - Knowing about vulnerabilities and having MISRA is helpful, but ultimately we want to have facilities (ie. via type safety) such that we *avoid* vulnerabilities entirely.
I think that is well aligned what MISRA C++ is aiming at. At least several members of misra c++ are targeting that. See for example my p2070.
There is one inherent vulnerability that can not be solved by the C++ type system: dangling.
And there are several vulnerabilities, where the standard library lacks support and where misra suffers, because we can not provide libraries to use due to liability reasons and other reasons. For example, like the core guidelines support library providing span<T> before it made into the standard.
Regards
Peter
Bcc misra closed mailing list.
Sent from Peter Sommerlad's iPad
+41 79 432 23 32
> On 19 Feb 2020, at 20:33, Ryan McDougall <mcdougall.ryan_at_[hidden]> wrote:
>
> - Knowing about vulnerabilities and having MISRA is helpful, but ultimately we want to have facilities (ie. via type safety) such that we *avoid* vulnerabilities entirely.
I think that is well aligned what MISRA C++ is aiming at. At least several members of misra c++ are targeting that. See for example my p2070.
There is one inherent vulnerability that can not be solved by the C++ type system: dangling.
And there are several vulnerabilities, where the standard library lacks support and where misra suffers, because we can not provide libraries to use due to liability reasons and other reasons. For example, like the core guidelines support library providing span<T> before it made into the standard.
Regards
Peter
Received on 2020-02-19 15:45:54