Proposed extension to C - array size declarations
Somewhat to my surprise, I may have found a politically acceptable way to extend C in a way that leads to the prevention of buffer overflows. Many people have struggled with this, but the previous attempts led to incompatibility, excessive overhead, or a new language.
It turns out that combining C fixed size arrays, C++ references, and C99 variable-length automatic arrays seems to lead to a workable solution. An example is declaring the UNIX read call in this way:
Present C form of declaration:
There's more, of course; see the draft paper: "Safe Arrays and Pointers for C" (PDF)
Now I need to find out if someone can find a flaw in this, so it needs to go before a qualified critical audience. So I'd like to see what the LtU crowd has to say about this. Thanks.
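To make the problem concrete for readers who have not opened the paper, here is a short standard-C99 example (added here; it is not code from the post or from the draft paper, and it does not reproduce the proposal's own declaration syntax). It contrasts the present-day `char *buf, size_t len` style, where the declaration says nothing about how large `buf` is, with the existing C99 VLA-parameter form `char dst[len]`, which at least states the relationship in the signature; the `BOUNDED_COPY` macro and `demo_canary_intact` are assumed helper names invented for the example.

```c
/* Added example (not from the LtU post or the paper): standard C99 only. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Present C form: the declaration carries no size for buf. The callee has
 * to trust the caller's len, and a mismatch is a buffer overflow. */
size_t fill_unchecked(char *buf, size_t len, char c) {
    memset(buf, c, len);
    return len;
}

/* C99 VLA parameter: len is declared before dst, so the signature itself
 * states that dst has len elements. Note the compiler still adjusts dst to
 * 'char *' (sizeof(dst) is NOT len), so the bound must be checked by hand. */
size_t bounded_copy(size_t len, char dst[len], const char *src) {
    if (len == 0)
        return 0;
    size_t n = strlen(src);
    if (n > len - 1)
        n = len - 1;            /* truncate, leaving room for the NUL */
    memcpy(dst, src, n);
    dst[n] = '\0';              /* never writes past dst[len - 1] */
    return n;
}

/* At a call site where dst is a real array (not a pointer), sizeof(dst)
 * recovers the declared size, so len cannot drift away from the array.
 * This is the linkage the proposal wants the language to guarantee. */
#define BOUNDED_COPY(dst, src) bounded_copy(sizeof(dst), (dst), (src))

/* Returns 1 if a canary byte placed right after an 8-byte buffer survives
 * copying a string much longer than the buffer. */
int demo_canary_intact(void) {
    struct { char buf[8]; unsigned char canary; } s;
    s.canary = 0xA5;
    BOUNDED_COPY(s.buf, "this string is longer than eight bytes");
    return s.canary == 0xA5 && strcmp(s.buf, "this st") == 0;
}

int main(void) {
    printf("canary intact: %s\n", demo_canary_intact() ? "yes" : "no");
    return 0;
}
```

The point of the VLA-parameter form is documentation and tooling, not enforcement: because the parameter decays to a pointer, nothing stops a caller from passing a `len` larger than the real array, which is exactly the gap the proposed extension is meant to close at the language level.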