
The obvious question: how does this compare to Rust? It looks like Rust and this aim to solve a very similar set of issues in more or less similar ways ('static and dynamic checking'). I'd be very interested in a table that compares the capabilities of both. Of course there's a gigantic advantage to this being C, so in theory valid Checked C would be valid C with all the benefits of that.



Well, this isn't C: it's a different language that extends C. There's a big difference between that and just being C. In particular, valid checked C is not valid C, because checking requires using the language extensions.

Regarding the comparison to Rust, Rust prevents use-after-free, while this doesn't seem to from a skim of the paper. Use after free is one of the most, if not the most, common remote code execution security issues in C and C++ code nowadays.
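An added example (mine, not code from the thread, from Checked C or from Rust) to make the distinction in the comment above concrete, written in plain C rather than Checked C syntax so it compiles anywhere. The `checked_buf` type and the `cb_*` / `in_bounds` helpers are my own names for a pointer that carries its bounds, standing in for what a count-annotated checked pointer carries. A spatial bounds check catches the overflow, but the same check knows nothing about whether the allocation is still alive, which is the use-after-free gap the comment is pointing at.

```c
/* Added example (not from the thread or from Checked C itself): a tiny
 * bounds-checked buffer in plain C. It models what a spatial-safety
 * check does and shows why that check alone says nothing about whether
 * the memory behind the pointer is still alive. Names are my own. */
#include <stdlib.h>
#include <stddef.h>

/* A pointer carrying its own bounds, roughly what a checked array pointer
 * with a count annotation carries. */
struct checked_buf {
    int *p;
    size_t len;   /* number of valid elements behind p */
};

/* Pure spatial check: is index i inside [0, len)?  Returns 1 if so. */
static int in_bounds(size_t len, size_t i)
{
    return i < len;
}

/* Allocate a zero-filled checked buffer of n ints. Returns 0 on success. */
static int cb_alloc(struct checked_buf *cb, size_t n)
{
    cb->p = calloc(n, sizeof *cb->p);
    if (cb->p == NULL) {
        cb->len = 0;
        return -1;
    }
    cb->len = n;
    return 0;
}

/* Bounds-checked read: 0 on success, -1 if i is out of bounds or the
 * buffer has no storage. Never dereferences outside [p, p+len). */
static int cb_get(const struct checked_buf *cb, size_t i, int *out)
{
    if (cb->p == NULL || !in_bounds(cb->len, i))
        return -1;
    *out = cb->p[i];
    return 0;
}

/* Bounds-checked write, same contract. */
static int cb_set(struct checked_buf *cb, size_t i, int v)
{
    if (cb->p == NULL || !in_bounds(cb->len, i))
        return -1;
    cb->p[i] = v;
    return 0;
}

/* Release the storage AND invalidate the bounds so later accesses through
 * this struct fail the check instead of touching freed memory. This is a
 * discipline the programmer must follow; the spatial check cannot enforce
 * it, and any other copy of (p, len) is unaffected. */
static void cb_free(struct checked_buf *cb)
{
    free(cb->p);
    cb->p = NULL;
    cb->len = 0;
}

/* Demonstration of the gap. Record the bounds a stale alias would still
 * carry, free the buffer, and ask the spatial check again: it still says
 * "in bounds", because nothing in (p, len) changes when the allocation
 * dies. The stale pointer is deliberately NOT dereferenced; doing so would
 * be the actual use-after-free. Returns 1 to show the check is blind. */
static int stale_bounds_still_pass(void)
{
    struct checked_buf cb;
    if (cb_alloc(&cb, 4) != 0)
        return -1;
    size_t stale_len = cb.len;   /* what a dangling alias would still hold */
    cb_free(&cb);
    return in_bounds(stale_len, 3);
}
```

The point of `stale_bounds_still_pass` is that bounds metadata is a property of the pointer value, not of the allocation's lifetime; catching the temporal case needs either ownership tracking enforced at compile time (Rust's approach) or runtime machinery such as quarantine or tagged memory, neither of which a bounds check supplies.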


> Use after free is one of the most, if not the most, common remote code execution security issues in C and C++ code nowadays.

I'd love to see a citation on this. My gut feeling tells me buffer overruns and integer overflows are seriously in the running.


It is certainly "one of the most", even if it is not "the most".


I'd love to see a citation on this, as I asked for previously. Repeating the comment I replied to isn't a citation.


That is somewhere around asking for a citation that the sky is sometimes cloudy.

https://web.nvd.nist.gov/view/vuln/search-results?query=use-...

Before getting too excited and claiming that it's only 1.3% of all CVEs or something, remember that it's 1.3% of all vulnerabilities. (Especially with the explosion of dynamic web languages, a lot of CVEs aren't really C/C++-related.) There's a power law to these things, so by the power law metric, it's not that far behind "buffer overflow" (6,500 entries), and ahead of the well-known "format string" (577), which is also certainly "one of" the most common C issues.


I'm looking specifically for remote code execution vulnerabilities, which is what the original comment was discussing, and which is a subset of what you posted.

And no, this is not like asking for citations for the sky sometimes being cloudy because the original comment didn't say "use-after-free sometimes leads to remote code exploit".

This is like asking for citations for a claim like "whenever the skies are cloudy it is due to acid rain more than any other reason". And a claim like that should be accompanied with some citations.

Let's have an honest discussion here, or don't bother, please.


Every single Pwn2Own vulnerability this year was UAF.


I don't believe pwn2own is representative of the security landscape in general.

Is that the only information you based your comment on?


> I don't believe pwn2own is representative of the security landscape in general.

It's representative of the state of the art in attacking large, mature, modern C++ codebases.

> Is that the only information you based your comment on?

No, it's due to watching lots of security bugs go by over the last several years. I work in this space, you know.


> It's representative of the state of the art in attacking large, mature, modern C++ codebases.

I would say it is representative of attacking client side desktop browser software and plugins. That seems quite a bit less representative of all C and C++ software, most notably excluding server-side software.

> I work in this space, you know.

That's why I was hoping for something more than "trust me" as a citation.


Rust's safety comes at a cost as it is not as fast as plain C. If Checked C's checks are run at compile-time it would be as fast as C.



