[Cryptography] bounded pointers in C

Nemo nemo at self-evident.org
Sat Apr 19 01:21:47 EDT 2014


Bear <bear at sonic.net> writes:
>
> C++11 and later mandate the existence of a type "intptr_t" which is
> defined as an integer large enough to hold the value of any pointer.
> You get access to it if you include the stdint library.

(1) C++11 intptr_t is adopted from C99 (<cstdint> and <stdint.h>
headers, respectively).

(2) It is not mandatory; it is optional, both in C99 and C++11. But if
the typedef exists at all, it must have the semantics you describe.

...

Re: http://gcc.gnu.org/bugzilla/show_bug.cgi?id=30475

A C compiler is a compiler for the C language. The C language is, by
definition, the language described by the C specification. You should
expect compiler authors to do everything allowed by that specification
to generate faster code. If you cannot handle the semantics of the C
language, perhaps C is the wrong language for your task, or for you. Do
not blame the compiler writers if you don't know the language.

At any rate, this is the attitude of the GCC developers. It is also the
attitude of the Clang developers:

http://goo.gl/FwiO2e

...

Re: bounds checking

In C++, it is trivial to create "SafeInt" and "SafeArray" classes that
overload addition and dereference, respectively, so that expressions
like "x+y" check for overflow and expressions like "a[n]" check for
out-of-bounds access. That so many programmers write security-sensitive
code without using such simple idioms is hardly the fault of the
language.

 - Nemo
   https://self-evident.org/
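The "SafeInt" and "SafeArray" idiom described in the post, worked through as an added example (this is not code from Nemo's message or from any library it mentions). It also makes the point behind the GCC bug reference concrete: for a signed integer, computing the sum first and then testing it (the common "a + b < a" pattern) is undefined behaviour on overflow, and an optimiser is permitted to delete that test, so the wrapper checks the operands against numeric_limits before adding. The helper names (checked_add, add_overflows, sum_claimed_length), the choice of exceptions as the failure signal and the 16-byte sample buffer are my own assumptions for illustration.

```cpp
#include <cstddef>
#include <iostream>
#include <limits>
#include <stdexcept>
#include <type_traits>

// SafeInt: an integer wrapper whose operator+ detects overflow BEFORE it happens.
// For signed T, evaluating a + b and then testing the result (e.g. a + b < a)
// is undefined behaviour on overflow, and the compiler may delete that test.
// The check therefore runs on the operands, against the type's limits.
template <typename T>
class SafeInt {
    static_assert(std::is_integral<T>::value, "SafeInt requires an integral type");
    T v_;
public:
    explicit SafeInt(T v = 0) : v_(v) {}
    T value() const { return v_; }

    friend SafeInt operator+(SafeInt a, SafeInt b) {
        const T max = std::numeric_limits<T>::max();
        const T min = std::numeric_limits<T>::min();
        if (b.v_ > 0 && a.v_ > max - b.v_)
            throw std::overflow_error("SafeInt: addition overflows");
        if (b.v_ < 0 && a.v_ < min - b.v_)
            throw std::overflow_error("SafeInt: addition underflows");
        return SafeInt(static_cast<T>(a.v_ + b.v_));   // now known to fit in T
    }
};

// SafeArray: fixed-size array whose operator[] refuses out-of-bounds indices
// instead of silently reading or writing past the end as a plain T[N] would.
template <typename T, std::size_t N>
class SafeArray {
    T data_[N];
public:
    SafeArray() : data_() {}
    static std::size_t size() { return N; }
    T& operator[](std::size_t i) {
        if (i >= N) throw std::out_of_range("SafeArray: index out of bounds");
        return data_[i];
    }
    const T& operator[](std::size_t i) const {
        if (i >= N) throw std::out_of_range("SafeArray: index out of bounds");
        return data_[i];
    }
};

// Hypothetical helper: returns a + b, or throws std::overflow_error.
int checked_add(int a, int b) {
    return (SafeInt<int>(a) + SafeInt<int>(b)).value();
}

// Hypothetical helper: true if SafeInt rejects a + b.
bool add_overflows(int a, int b) {
    try { (void)checked_add(a, b); return false; }
    catch (const std::overflow_error&) { return true; }
}

// Hypothetical helper modelling the classic parsing bug: a constructed
// 16-byte buffer is summed over a length field taken from untrusted input.
// With a raw array, claimed_len > 16 reads past the end; with SafeArray the
// first bad index throws. Returns the sum, or -1 if the length was rejected.
long sum_claimed_length(std::size_t claimed_len) {
    SafeArray<unsigned char, 16> buf;           // constructed sample data
    for (std::size_t i = 0; i < buf.size(); ++i)
        buf[i] = static_cast<unsigned char>(i);  // bytes 0..15
    long sum = 0;
    try {
        for (std::size_t i = 0; i < claimed_len; ++i) sum += buf[i];
    } catch (const std::out_of_range&) {
        return -1;
    }
    return sum;
}

int main() {
    std::cout << "1 + 2 = " << checked_add(1, 2) << '\n';
    std::cout << "INT_MAX + 1 overflows: "
              << add_overflows(std::numeric_limits<int>::max(), 1) << '\n';
    std::cout << "sum over claimed length 4: " << sum_claimed_length(4) << '\n';
    std::cout << "sum over claimed length 64: " << sum_claimed_length(64) << '\n';
    return 0;
}
```

Throwing is one policy; a wrapper can equally saturate, abort, or return a status flag. What matters is that the check is written on the operands (or via compiler builtins such as __builtin_add_overflow), not on a result the language says may not exist.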


More information about the cryptography mailing list