Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

There are an incredibly large number of analysis tools for C to check things like memory safety. It doesn't look like they are always used in important code, though.

A lot of memory safety CVEs come down to "we wrote a static analyzer and found a latent memory bug here."



Maybe a language with the checking by default in the compiler would be a good idea, like Ada or SPARK.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: