Categories
Announcement C++ Secure Coding

CppCast Episode

Episode 339 of CppCast is live! Hear me talk with Rob Irving @robwirving and Jason Turner @lefticus about secure coding and integers! Listen Now! https://cppcast.com/secure-coding-integers/…

Categories
C Secure Coding WG14

Clarifying integer terms

I was recently horrified to learn that there is no real consensus about what the terms “overflow” and “wraparound” mean in the C Standard, in particular, if unsigned integers were capable of overflow. I wrote the attached paper to clarify the use of these terms. Please let me know if you have any comments, as I need to submit this paper soon.

Categories
C Secure Coding WG14

Volatile C++ Compatibility

I’m looking for feedback for the following proposal to the C Standards committee to maintain compatibility with C++ with respect to the deprecation of certain uses of volatile. Leave your comments/questions in the comments or email me. Thanks!

Categories
Announcement C Secure Coding WG14

Adding a Defer Mechanism to C

I’ve been collaborating with several members of the C Standards Committee and other experts to propose a defer mechanism for C2x. Our initial proposal (which can be downloaded below) presents five design questions that will influence the final proposal. Let me know if you have any opinions below or on Twitter (follow me @RCS).

Categories
Optimization Secure Coding Video

Video Killed the Radio Star

I’ve made a few videos over the years. Here are the ones where I kept my clothes on:

REcon 2016 – Dangerous Optimizations and the Loss of Causality
The Secure Developer – Ep. #35, Secure Coding in C/C++
Professional C Programming: Integer Types

And here is what I looked like back in the 1980s talking about the Serpent User Interface Management System (UIMS) developed at Carnegie Mellon University’s Software Engineering Institute and programmed in K&R C.

An Introduction to Serpent: A User Interface Management System (1989)