
8 Jul

Checked C: C with a Safety Belt

C and its extension C++ are two of the most popular languages of all time for low-level systems programming. They're extremely efficient and allow direct manipulation of memory. Their strength is, unfortunately, also their vulnerability. If the programmer makes a mistake that allows writing to the wrong location in memory, only the hardware will stop it. Many security holes in operating systems, browsers, and popular libraries are the result of the lack of pointer checking in these languages.

Other languages that perform bounds checking are available, but safety from bad pointers costs processing cycles and makes it difficult to perform arbitrary memory manipulation. Microsoft has proposed a new variant, called Checked C, which lets the programmer write code that will be bounds-checked both at compile time and at run time. It's a superset of C, so writing unsafe code is still possible, but it gives developers the ability to make it safe.

Bounds checking in Checked C isn't like the protection in languages such as Java and C#, which strongly tie memory access to object allocation. The programmer has a lot of leeway in how to set bounds, so it's possible to mangle memory even using the checked features.
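To make those two points concrete, here is an added plain-C example (not code from the original post or from the Checked C project). It carries a bound alongside a pointer by hand and tests it before every write, which is the run-time check that Checked C attaches to the pointer type and has the compiler insert for you. The `int_span` type, the `checked_write` helper and the `demo_*` function names are illustrative. The last function shows the leeway problem: the bound is whatever the programmer declares, so a wrong bound still passes the check.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* A pointer paired with the number of elements it may legally address.
 * Checked C attaches such a bound to the pointer type itself; here it is
 * carried by hand so the check can be shown in ordinary C. */
typedef struct {
    int *base;
    size_t count;
} int_span;

int_span make_span(int *base, size_t count) {
    int_span s = { base, count };
    return s;
}

/* Plain C: the pointer carries no bound, so nothing stops a bad index. */
void unchecked_write(int *p, size_t i, int v) {
    p[i] = v;
}

/* Bounds-checked write: refuses any index outside the declared count and
 * reports the refusal instead of touching memory. */
bool checked_write(int_span s, size_t i, int v) {
    if (i >= s.count) {
        return false;
    }
    s.base[i] = v;
    return true;
}

/* A view meant to cover backing[0..3] is written at index 4: the write
 * silently lands in the neighbouring element. Returns that neighbour's
 * value, which is now 42. (An 8-element backing array keeps the demo
 * itself inside real storage.) */
int demo_unchecked_clobbers_neighbour(void) {
    int backing[8] = {0};
    int *view = backing;
    unchecked_write(view, 4, 42);
    return backing[4];
}

/* The same write through a span whose count is 4: refused, and the
 * neighbour keeps its original value. Returns backing[4], which is 0. */
int demo_checked_rejects_overflow(void) {
    int backing[8] = {0};
    int_span view = make_span(backing, 4);
    if (checked_write(view, 4, 42)) {
        return -1; /* would indicate the check failed to fire */
    }
    return backing[4];
}

/* The bound is programmer-supplied. Declare it larger than the storage the
 * view was meant to cover and the check passes, which is why the checked
 * features alone do not guarantee memory safety. Returns true. */
bool demo_wrong_bound_passes_check(void) {
    int backing[8] = {0};
    int_span view = make_span(backing, 8); /* intended view: only 4 elements */
    return checked_write(view, 6, 1);
}

int main(void) {
    printf("unchecked write clobbered neighbour with: %d\n",
           demo_unchecked_clobbers_neighbour());
    printf("checked write left neighbour at: %d\n",
           demo_checked_rejects_overflow());
    printf("wrong declared bound passed the check: %s\n",
           demo_wrong_bound_passes_check() ? "yes" : "no");
    return 0;
}
```

The first two functions are the contrast the post draws between plain C and a bounds-checked write; the third is the caveat about leeway: a check is only as good as the bound the programmer declared, so reviewing bound declarations matters as much as enabling the checks.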

Checked C aims for the same goals as Rust, but it retains full compatibility with C. This allows developers to convert existing code to Checked C incrementally, starting with the most critical parts. Both languages allow programmers to violate safety constraints when they're sure they know what they're doing, but Rust checks by default and requires explicit declaration of unsafe code. With Checked C, code can bypass the constraints without any indication that it's unsafe.

The serious bugs that have arisen from unchecked pointers have created a demand for a language that's suitable for low-level code while preventing those errors without a significant cost in efficiency. It remains to be seen whether the future lies with C-compatible languages or new ones.

Please contact Folio1 if you would like to learn more about the digital strategies and solutions we offer.
