[Cryptography] Ada vs Rust vs safer C

Hanno Böck hanno at hboeck.de
Sat Sep 17 03:47:39 EDT 2016


On Fri, 16 Sep 2016 16:31:04 -0400
Arnold Reinhold <agr at me.com> wrote:

> For comparison what would it take to make a safer C?

People have tried to make safer C. The problem is, if you want memory
safety you'll have a big overhead.
E.g. let's simply say you define that all invalid memory reads and
writes (buffer overflow, use after free, ...) lead to a termination of
the application. That would prevent exploiting any of them, although at
the cost of potential DoS.

There is Softbound+CETS, which implements a strong concept of memory
safety. It has more than 100% overhead and it never got really
completed, so you can't run real world code with it.

The closest thing to a safer C that works with real code is Address
Sanitizer, which has a weaker concept of memory safety and is not
designed for production. In its current form it'll fight some security
issues and introduce new ones. But that could potentially be fixed.
You still have a runtime overhead of 50% and probably more
significant a huge memory overhead.

Hanno Böck

mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160917/888a68f1/attachment.sig>

More information about the cryptography mailing list