STATE OF MEMORY SAFETY IN C++
ავტორი: René Pfeiffer
ორგანიზაცია: University of Applied Sciences Technikum Wien
კატეგორია:
საკვანძო სიტყვები: C++, memory safety, secure coding, C++ standards, information security, software development, data ownership, secure design
აბსტრაქტი. The C++ programming language shares its ancestry with C, but it is a language on its own. Memory safety has always been a challenge, but recently government bodies addressed defects in software applications and recommended a strategy for securing memory access. The C++ standard started to adopt a security stance beginning with C++11. Later C++ specifications improved the language further. Modern C++ includes all features to develop memory-safe software applications provided the language specification C++11 and later is used.
ბიბლიოგრაფია
Stroustrup, Bjarne et. al. 13 September 2015. “C++ Core Guidelines”. Updated 3 October 2024. https://github.com/isocpp/CppCoreGuidelines
Gregoire, Marc. 13 February 2021. “Professional C++”. John Wiley & Sons, Inc.
Holzmann, Gerard J. June 2006. “The Power of 10: Rules for Developing Safety-Critical Code”. NASA/JPL Laboratory for Reliable Software. IEEE Computer. 39 (6): 95–99. doi:10.1109/MC.2006.212.
Stroustrup, Bjarne. December 2022. “A call to action: Think seriously about “safety”; then do something sensible about it”. Doc. no. P2739R0. Columbia University.
Rice, H. G. (1953). "Classes of recursively enumerable sets and their decision problems", Transactions of the American Mathematical Society, 74 (2): 358–366, doi:10.1090/s0002-9947-1953-0053041-6, JSTOR 1990888
Borretti, Fernando. 2021. The Austral Programming Language. Updated 2023. https://austral-lang.org/.
Falcon, J., Cook, W.R. (2009). Gel: A Generic Extensible Language . In: Taha, W.M. (eds) Domain-Specific Languages. DSL 2009. Lecture Notes in Computer Science, vol 5658. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03034-5_4
Inko development team. 2018. “The Inko programming language”. Updated October 2024. https://inko-lang.org/
Racordon, Dimitri. 2023. “The Hylo Programming Language”. Updated October 2024. https://www.hylo-lang.org/
Ovadia, Evan. 2022. “The Vale Programming Language”. Updated October 2024. https://vale.dev/.
Ovadia, Evan. 22 June 2023. “Making C++ Memory-Safe Without Borrow Checking, Reference Counting, or Tracing Garbage Collection”. https://verdagon.dev/blog/vale-memory-safe-cpp
Ovadia, Evan. 22 June 2023. “Making C++ Memory-Safe Without Borrow Checking, Reference Counting, or Tracing Garbage Collection”. https://verdagon.dev/blog/vale-memory-safe-cpp
Arm Holding plc. “Arm memory tagging extension”. Updated 1 November 2024. https://source.android.com/docs/security/test/memory-safety/arm-mte
Serebryany, Konstantin. 2019. “ARM Memory Tagging Extension and How It Improves C/C++ Memory Safety”. ;login: Magazine Vol. 44 ,No. 2.
The Clang Team. 2007. “Hardware-assisted AddressSanitizer Design Documentation”. Updated 2024. https://clang.llvm.org/docs/HardwareAssistedAddressSanitizerDesign.html
Wei, Song, et. at. 2021. “A Comprehensive and Cross-Platform Test Suite for Memory Safety - Towards an Open Framework for Testing Processor Hardware Supported Security Extensions”. Computing Research Repository (CoRR). November 2021
Menu