Document Type

Article

Publication Title

ACM SIGPLAN Notices - OOPSLA '13

Volume

48

Publication Date

10-2013

Abstract

The C++ programming language remains widely used, de- spite inheriting many unsafe features from C—features that often lead to failures of type or memory safety that manifest as buffer overflows, use-after-free vulnerabilities, or abstrac- tion violations. Malicious attackers can exploit such viola- tions to compromise application and system security.

This paper introduces Ironclad C++, an approach to bringing the benefits of type and memory safety to C++. Ironclad C++ is, in essence, a library-augmented, type-safe subset of C++. All Ironclad C++ programs are valid C++ programs that can be compiled using standard, off-the-shelf C++ compilers. However, not all valid C++ programs are valid Ironclad C++ programs: a syntactic source-code val- idator statically prevents the use of unsafe C++ features. To enforce safety properties that are difficult to check statically, Ironclad C++ applies dynamic checks via templated “smart pointer” classes.

Using a semi-automatic refactoring tool, we have ported nearly 50K lines of code to Ironclad C++. These benchmarks incur a performance overhead of 12% on average, compared to the original unsafe C++ code.

DOI

http://doi.acm.org/10.1145/2544173.2509550

Share

COinS