A recurring error in C (and to a lesser extent C++) is the lack of bounds
checking in arrays. One famous instance of this error was the Heartbleed
incident (which could also be blamed on messy code).

I propose a GCC extension of a bounded array type. A bounded array is an
array type that has a variable instead of a constant as its size parameter.
For example, a function that writes to a buffer `buf` of size `sz` might
have a prototype like this:

buf *foo(char *buf, size_t sz);

This is error-prone because even though a size parameter is given, nothing
requires the function body to honour it. With a bounded array type, the
prototype looks like this:

buf *foo(char buf[sz], size_t sz);

The compiler now knows how large `buf` is, and it can put bounds checks
into the code (which may be disabled with -O3).

-James
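As an added illustration of the point above (example code, not part of James's post): in standard C99 the parameter form `char buf[sz]` already exists, but only as documentation for the compiler, with `sz` declared first and no runtime check generated, so the bound still has to be enforced by hand. The copy function and the canary-based checker below are constructed for this example.

```c
#include <stddef.h>
#include <string.h>

/* Standard C99 (not the proposed extension): `char buf[sz]` is a
 * variably-modified parameter, which tells the compiler that buf refers to
 * sz chars but inserts no bounds check. So the function enforces the bound
 * itself: copies src into buf, truncating to sz-1 bytes, and always
 * NUL-terminates. Returns the payload bytes written (without the
 * terminator), or 0 when sz == 0 (nothing can be written safely). */
size_t bounded_copy(size_t sz, char buf[sz], const char *src)
{
    if (sz == 0)
        return 0;
    size_t n = strlen(src);
    if (n > sz - 1)
        n = sz - 1;          /* truncate rather than run past the end */
    memcpy(buf, src, n);
    buf[n] = '\0';
    return n;
}

/* Checker used to confirm the bound holds: copies into a window of sz bytes
 * inside a larger backing array filled with a canary value, then verifies
 * every byte outside the [1, sz] window is untouched. Returns 1 if no write
 * escaped the window, 0 otherwise (or if sz is too large for the test). */
int copy_stays_in_bounds(size_t sz, const char *src)
{
    char backing[64];
    const char canary = (char)0xA5;
    if (sz + 2 > sizeof backing)
        return 0;
    memset(backing, canary, sizeof backing);
    bounded_copy(sz, backing + 1, src);
    for (size_t i = sz + 1; i < sizeof backing; i++)
        if (backing[i] != canary)
            return 0;
    return backing[0] == canary;
}
```

Compiling with GCC's `-Wall` reports mismatched array-parameter declarations across prototypes, but the runtime check is still the function's own responsibility.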
