Object-oriented programming is the most used programming paradigm when dealing with large-scale, modular software. In this field, the two leading languages are Java and C++. The former has superior qualities in terms of safety and ease of programming, whereas the latter is often considered an “old” language, too complex and potentially unsafe. In this paper, we describe a new type system designed to analyze the security problems derived from pointer manipulation in C++. This type system tries to trap the most common errors through static analysis, i.e., at compile-time, and only when static analysis fails it generates and embeds code fragments that apply runtime checks on specific instructions. The aim of this new type system is to give C++ the same safety of Java in the most important memory-related operations, without adding much runtime overhead. An experimental implementation of the type system is also presented, embedded in a C++ analysis tool called GPCC.

A Type System for Static and Dynamic Checking of C++ Pointers

DELLA PENNA, GIUSEPPE
2005

Abstract

Object-oriented programming is the most used programming paradigm when dealing with large-scale, modular software. In this field, the two leading languages are Java and C++. The former has superior qualities in terms of safety and ease of programming, whereas the latter is often considered an “old” language, too complex and potentially unsafe. In this paper, we describe a new type system designed to analyze the security problems derived from pointer manipulation in C++. This type system tries to trap the most common errors through static analysis, i.e., at compile-time, and only when static analysis fails it generates and embeds code fragments that apply runtime checks on specific instructions. The aim of this new type system is to give C++ the same safety of Java in the most important memory-related operations, without adding much runtime overhead. An experimental implementation of the type system is also presented, embedded in a C++ analysis tool called GPCC.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11697/5436
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 2
  • ???jsp.display-item.citation.isi??? 2
social impact