
C and C++ could have non_nullable pointers, easily

Posted Aug 21, 2009 18:50 UTC (Fri) by bronson (subscriber, #4806)
In reply to: C and C++ could have non_nullable pointers, easily by nix
Parent article: Null pointers, one month later

> All it does is automates away the null checks everyone should already be doing anyway

More like it mandates the null checks that everybody is supposed to do but even the most skilled programmers can't get 100% correct. It should raise the quality of all C programs.

> at best it'd give you something like a dump of program state at the time of the unintended NULL dereference

Yes, that's better than dereferencing and getting rooted, isn't it?



C and C++ could have non_nullable pointers, easily

Posted Aug 21, 2009 19:06 UTC (Fri) by nix (subscriber, #2304)

True indeed. However, for nearly all programs (i.e., everything other than
kernels and those very rare userspace programs that dereference things at
address zero or have structures whose sizeof() is in the multimegabyte
range), dereferencing null pointers doesn't lead to a root hole, but to a
crash. DoSes are bad enough, and it's still a bug...

So, yes, it's an improvement, but I'm not sure it's a large one. (I also
fear it would turn out like 'const' too often does: the semiclued majority
would just use nullable pointers everywhere because non-nullable ones
are 'too annoying'. But security-important software and software written
by clued people which can't use real languages like OCaml ;) would of
course benefit. And perhaps that's all we can hope for.)

C and C++ could have non_nullable pointers, easily

Posted Aug 27, 2009 19:30 UTC (Thu) by hummassa (subscriber, #307)

That's why, in my example, I stated that (sorry):

YOU CANNOT DEREFERENCE A NULLABLE POINTER

If you want to use the star, check if it is nullable. People will start to use non-nullable pointers everywhere in their interfaces because they don't want to be checking for null all the time. :-D Cunning, eh?

C and C++ could have non_nullable pointers, easily

Posted Aug 27, 2009 19:31 UTC (Thu) by hummassa (subscriber, #307)

Forgot to explain: dereferencing a nullable pointer should be a syntax error. Uh, and no static_cast between nullable and non-nullable pointers, either... no cheating :-D
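
The rule set out in the two comments above (a nullable pointer cannot be dereferenced, and nothing casts it to a non-nullable one), sketched as an added example that is not code from this thread or from any compiler. The names `non_null`, `nullable`, `if_present` and `can_deref` are hypothetical, and a library wrapper can only make the dereference a compile error, not a syntax error.

```cpp
#include <type_traits>
#include <utility>
template <typename T> class nullable;

// Hypothetical wrapper: never null, so dereferencing is allowed.
template <typename T>
class non_null {
    T* p_;
    explicit non_null(T* p) : p_(p) {}   // private: raw pointers cannot be cast in
    friend class nullable<T>;
public:
    non_null(T& ref) : p_(&ref) {}       // a reference is never null
    T& operator*() const { return *p_; }
    T* operator->() const { return p_; }
};

// Hypothetical wrapper: may be null, so it has no operator* or operator->.
// The null check in if_present() is the only way to reach a non_null.
template <typename T>
class nullable {
    T* p_;
public:
    nullable(T* p = nullptr) : p_(p) {}
    template <typename F>
    bool if_present(F f) const {
        if (p_ == nullptr) return false;
        f(non_null<T>(p_));
        return true;
    }
};

// Detects at compile time whether *p is a valid expression for type P.
template <typename P, typename = void>
struct can_deref : std::false_type {};
template <typename P>
struct can_deref<P, decltype(void(*std::declval<P>()))> : std::true_type {};

static_assert(can_deref<non_null<int>>::value, "non_null dereferences");
static_assert(!can_deref<nullable<int>>::value, "nullable must not dereference");
static_assert(!std::is_constructible<non_null<int>, nullable<int>>::value, "no cast across");
static_assert(!std::is_constructible<non_null<int>, int*>::value, "no raw pointer cast");

// Taking non_null in the interface removes the null check from the callee.
int twice(non_null<const int> v) { return *v * 2; }
// A caller holding a nullable has to check; -1 stands for "was null".
int twice_or_minus_one(nullable<const int> v) {
    int out = -1;
    v.if_present([&out](non_null<const int> p) { out = twice(p); });
    return out;
}
```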

