checkedc
Checked C is an extension to C that lets programmers write C code that is guaranteed by the compiler to be type-safe. The goal is to let people easily make their existing C code type-safe and elimina...
Linux's isSpace function does a `**` (double-pointer dereference) into the middle of an array, which we can't make a bounds-safe interface for. We know bounds for the inner array type...
@nmeum has reported that the `nt_array_ptr` design where only a 0 can be written at the upper bound doesn't interact well with function calls that do initialization, such as `memset`....
Given an interop type, the compiler will now infer a bounds expression if the type is an nt_array_ptr or an array. The spec needs to be updated to describe this....
Currently, it is possible to declare bounds for a fixed-size checked array. Consider the following example of declaring a global array with bounds: ``` int len; float g50 checked[10] :...
The specification doesn't discuss bounds cast operations for nt_array_ptrs. We need to extend the specification to cover this.
We can define a variable with a bounds declaration in an unchecked scope and use it in a checked scope. This raises several questions because of the "by reference" use...
@parjong has provided feedback that the 'any' bounds could be confusing to developers. The 'any' bounds is the bounds used for null pointers. It means that the expression could have...
We have a test of an assignment to a variable with a bounds-safe interface. We should add tests that other kinds of assignments involving lvalue expressions with bounds-safe interfaces work....
Currently, when an `nt_array_ptr` is converted to `const array_ptr`, the bounds remain unchanged. We could allow the bounds to be widened by 1, which would avoid some off-by-one problems involving...
I have code like this: ``` struct mystr { _Array_ptr buf : count(len); unsigned int len; }; int getlen(_Ptr p_str) { return p_str->len; } _Nt_array_ptr getbuf(_Ptr p_str) { return p_str->buf;...