[SystemSafety] C++ and Pointers
Peter Bernard Ladkin
ladkin at causalis.com
Wed Jun 5 21:28:46 CEST 2019
On 2019-06-05 21:04 , David Crocker wrote:
>>> That is, "memory location" is the only strong data type in C++.
> <<
>
> Not at all. Enumerations are strong types (use "enum class" to avoid default conversions to int),
Any data type which uses a programmer instruction to avoid conversions is not strong.
> so
> are all user-defined classes unless <you say not>
Any data type which allows a programmer instruction to allow conversions is not strong.
> The unwelcome
> implicit narrowing conversions between numeric types are easily avoided ......
If you employ programmers willing to easily avoid them.
This is no longer an aesthetic issue, as people have been suggesting for a couple of decades. The
majority of exploitations in CVE databases are some input string rendering a device non-functional.
Ways of avoiding "bad input" by relying on programmers and designers to "do the right thing" are
continuing not to work, into what is now the third decade of such cybersecurity problems.
PBL
Prof. Peter Bernard Ladkin, Bielefeld, Germany
MoreInCommon
Je suis Charlie
Tel+msg +49 (0)521 880 7319 www.rvs-bi.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.techfak.uni-bielefeld.de/mailman/private/systemsafety/attachments/20190605/d4386f82/attachment-0001.sig>
More information about the systemsafety
mailing list