[Cryptography] bounded pointers in C

Viktor Dukhovni cryptography at dukhovni.org
Fri Apr 18 13:51:06 EDT 2014


On Fri, Apr 18, 2014 at 01:53:02PM +0100, Peter Fairbrother wrote:

> Now if C had proper bounded pointers for strings and arrays, then using
> malloc and memcpy would throw out a big flag - why on Earth are you using
> this dangerous stuff instead of the nice safe string/array commands? - but
> as C doesn't have nice safe string/array commands ...

Well-written C software solves this with suitable string libraries,
which though they are not part of the base language, are used
consistently to handle variable length character data.

    - Perl, Tcl, Python, ... all have internal data types that
      are strings with a length.

    - Postfix has "vstring" and "vstream".

A major step forward would be to simply extend the standard library
with a suitably safe set of new interfaces.  Basically safe strings
and a safe stdio library that works with these.  We don't have to
make incompatible changes to the language.

-- 
	Viktor.
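The "strings with a length" the message describes, as an added example that is not part of the original post and is not Postfix's vstring or any standard-library code: a minimal length-counted string type for C. The type name bstr and all function names below are this example's own; the growth policy and the wrap check are the example's design choices. The point it shows is that once the length and capacity travel with the data, the raw memcpy is confined to one place that has already proven the space exists, and an append that cannot be satisfied is refused rather than written past the end.

```c
/* Added example, not code from the post, from Postfix (vstring), or from any
 * standard library: a minimal length-counted string type for C. "bstr" and
 * every function below are this example's own names. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    char  *buf;   /* NUL-terminated at buf[len]; may hold NULs before that */
    size_t len;   /* bytes in use, excluding the terminator */
    size_t cap;   /* bytes allocated, including the terminator */
} bstr;

/* Empty string with room for cap bytes (terminator included); NULL on failure. */
static bstr *bstr_new(size_t cap)
{
    bstr *s = malloc(sizeof *s);
    if (s == NULL)
        return NULL;
    if (cap < 1)
        cap = 1;
    s->buf = malloc(cap);
    if (s->buf == NULL) {
        free(s);
        return NULL;
    }
    s->buf[0] = '\0';
    s->len = 0;
    s->cap = cap;
    return s;
}

/* Make room for extra more bytes plus the terminator, growing geometrically.
 * 0 on success; -1 if the length would wrap or memory runs out, in which
 * case the string is untouched, so no caller can overrun it. */
static int bstr_reserve(bstr *s, size_t extra)
{
    if (extra > SIZE_MAX - s->len - 1)
        return -1;
    size_t need = s->len + extra + 1;
    if (need <= s->cap)
        return 0;
    size_t ncap = s->cap;
    while (ncap < need)
        ncap = (ncap > SIZE_MAX / 2) ? need : ncap * 2;
    char *nbuf = realloc(s->buf, ncap);
    if (nbuf == NULL)
        return -1;
    s->buf = nbuf;
    s->cap = ncap;
    return 0;
}

/* Append n bytes of src (embedded NULs allowed). 0 on success, -1 on failure. */
static int bstr_append(bstr *s, const void *src, size_t n)
{
    if (bstr_reserve(s, n) != 0)
        return -1;
    memcpy(s->buf + s->len, src, n);   /* the only raw copy; space is proven above */
    s->len += n;
    s->buf[s->len] = '\0';
    return 0;
}

static int bstr_append_cstr(bstr *s, const char *src)
{
    return bstr_append(s, src, strlen(src));
}

static void bstr_free(bstr *s)
{
    if (s != NULL) {
        free(s->buf);
        free(s);
    }
}

/* 100 bytes plus an embedded NUL into a 4-byte string: the buffer grows
 * instead of overflowing, and the NUL is kept. Returns the final length
 * (103), or 0 on any failure. */
static size_t demo_grow(void)
{
    bstr *s = bstr_new(4);
    if (s == NULL)
        return 0;
    int rc = 0;
    for (int i = 0; i < 10 && rc == 0; i++)
        rc = bstr_append_cstr(s, "0123456789");
    if (rc == 0)
        rc = bstr_append(s, "a\0b", 3);
    size_t len = (rc == 0 && s->buf[101] == '\0' && s->buf[102] == 'b') ? s->len : 0;
    bstr_free(s);
    return len;
}

/* An append whose size would wrap the length is refused before any copy and
 * the existing contents stay intact. Returns 1 if so, 0 otherwise. */
static int demo_reject_wrap(void)
{
    bstr *s = bstr_new(8);
    if (s == NULL)
        return 0;
    int ok = bstr_append_cstr(s, "abc") == 0
          && bstr_append(s, "", SIZE_MAX) == -1
          && s->len == 3 && strcmp(s->buf, "abc") == 0;
    bstr_free(s);
    return ok;
}

int main(void)
{
    printf("grow: len=%zu  reject-wrap: %d\n", demo_grow(), demo_reject_wrap());
    return 0;
}
```

Compile with a C99 or later compiler (for example `cc -std=c99 -Wall bstr.c`). A safe stdio layer of the kind the message proposes would be built on the same interface: a line reader that calls bstr_append for each chunk it receives can never write past the buffer, because the buffer, not the caller, decides how much fits.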