Here's the September 2012 draft of my "Safe arrays and pointers for C" proposal:
http://www.animats.com/papers/languages/safearraysforc43.pdf

This incorporates most of the substantive issues raised in previous discussions.

Brief summary:

- Optional "strict mode" via pragma which prohibits some unsafe pointer usages.
- Prevents buffer overflows in strict mode.
- Bring C++ references into C, so programmers can talk about arrays.
- Expressions allowed in array dimensions (like VLA params, but in a few more contexts).
- Strict code can call non-strict code, and vice versa.
- Libraries and APIs with array params can be given strict declarations, and can be called from strict code (safely) and non-strict code (unsafely), allowing gradual conversion.

The goal is to eliminate buffer overflows in strict mode code, providing a substantial improvement in security and reliability for security-critical C programs.

I'm proposing this as an enhancement to GCC, in two phases.

Phase 1: Add language mode flag for this feature set. Support new language features. No bounds checking in this phase.

Phase 2: Add optional bounds checking.

I'd appreciate comments on how difficult phase 1 would be.

John Nagle
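An added illustration, not taken from the proposal, the PDF or GCC, of the existing C99 VLA-parameter syntax the summary compares against: the dimension expressions name the bounds, but today nothing enforces them, so the bounds check the proposal would have the compiler emit in strict mode is written by hand here. The function names and sample buffers are constructed for the example.

```c
/* Added example: C99 VLA parameters carry the bound in the declaration,
 * but the check that the proposal's strict mode would generate must be
 * written manually. Not the proposal's syntax and not GCC code. */
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* 'dst_n' is the bound the caller promises for dst; the compiler does
 * not verify it, so the comparison below is the only protection. */
bool copy_checked(size_t dst_n, char dst[dst_n],
                  size_t src_n, const char src[src_n])
{
    if (src_n > dst_n)          /* would overflow dst: refuse the copy */
        return false;
    memcpy(dst, src, src_n);
    return true;
}

/* Two-dimensional VLA parameter: both dimensions are expressions, so
 * m[r][c] indexes correctly without hand-written stride arithmetic. */
long sum_rect(size_t rows, size_t cols, int m[rows][cols])
{
    long total = 0;
    for (size_t r = 0; r < rows; r++)
        for (size_t c = 0; c < cols; c++)
            total += m[r][c];
    return total;
}

/* Driver: a 4-byte buffer offered a 7-byte source. Returns 1 when the
 * overflowing copy is rejected and the destination is left untouched. */
int overflow_is_rejected(void)
{
    char small[4] = "xyz";          /* constructed sample destination */
    const char big[] = "abcdef";    /* constructed source, too long */
    bool ok = copy_checked(sizeof small, small, sizeof big, big);
    return !ok && small[0] == 'x' && small[3] == '\0';
}
```

The same check is what a strict-mode compiler would insert at every array access; the manual version shows the cost and the failure mode (a refused copy rather than a corrupted stack) that the proposal aims to make automatic.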