Chemical Safety Incidents
Microsoft Brings Checked C to Open Source
Monday, June 20, 2016 @ 07:06 PM gHale
Microsoft brought Checked C, an extension to the C programming language that brings new features to address a series of security-related issues, into the open source arena.
Checking will help developers detect common programming errors such as buffer overruns, out-of-bounds memory accesses, and incorrect type casts. These programming errors have been at the heart of high-profile vulnerabilities like Shellshock, Heartbleed, or Sandworm.
Checked C plans to address these issues by modifying how it handles pointers. Programmers use pointers to define memory addresses where their code will operate.
Handling pointers can get hectic as their number increases. The bigger the project, the harder it is to keep track of them. Projects like Chromium, Firefox, Office, OpenSSL or other bulky codebases have a big problem with this kind of issues. You only have to take a short look at these projects’ changelogs.
“Checked C allows programmers to better describe how they intend to use pointers and the range of memory occupied by data that a pointer points to,” Microsoft said in a blog post. “This information is then used to add checking at runtime to detect mistakes where the wrong data is accessed, instead of the error occurring silently and without detection.”
Checked C will also allow developers to detect these errors as they type them, something that C cannot. In programming theory, the feature is called “bounds checking,” because it constantly checks if a variable/pointer is assigned inside his bounds.
C# and Rust already have this feature, and much more. The problem is they are not as widely adopted as C and C++. Microsoft hopes the minimal code changes that Checked C will require to existing C/C++ applications, along with the tangible benefits to security, will convince most developers to start adopting Checked C.