Microsoft Open-Sources 'Checked C,' A Safer C Version

An anonymous reader writes from a report via Softpedia: Microsoft has open-sourced Checked C, an extension to the C programming language that brings new features to address a series of security-related issues. As its name hints, Checked C will add checking to C, and more specifically pointer bounds checking. The company hopes to curb the high-number of security bugs such as buffer overruns, out-of-bounds memory accesses, and incorrect type casts, all which would be easier to catch in Checked C. Despite tangible benefits to security, the problem of porting code to Checked C still exists, just like it did when C# or Rust came out, both C alternatives.

Re:What a Waste of Time

strcpy_s is part of the C11 standard, and it was a library addition, not a language change.

C? C++? C#? Checked C?

[Yvan256]

That's it, I've had enough. I'm going back to Turbo Pascal.

Re:Microsoft Checked C

[wierd_w]

no no no.

MS wouldnt put telemetry as a header. You can choose not to include, or worse, edit, header files.

no no. The CC will hard link "telemetry.o" to every project at compile time, and wont have any switches to disable that behavior. Don't worry, they use digital signature checking to be sure that telemetry.o is the object file it expects it to be. Cant have untrusted objects in the linking phase now.