Security must-reads

The Most Expensive One-Byte Mistake

Poul-Henning Kamp on Unix’s original sin: NUL-termination.

Understand integer conversion rules

I’ve found understanding integer promotion crucial for writing safe and effective systems code. Many bugs result from unexpected implicit type casts, and many people will just tweak integers’ types until the compiler warnings go away.

glibc – realloc(p, 0) violates C99

glibc refuses to use safe implementations for malloc(0) and realloc(p, 0). This decision enables an entire class of vulnerabilities.

Security bugs in embedded interpreters

An engaging introduction to the dangers associated with embedded interpreters. As static and dynamic analysis become more common, but JIT compilers and other interpreters do too, embedded interpreters will account for a growing share of vulnerabilities.

B.Y.O.C. (1,342 Times and Counting)

Poul-Henning Kamp on the need for more comprehensive C standard libraries.

boringcc

Daniel J. Bernstein on the need for a boring C compiler – one without non-obvious optimization.

Friendly C

Similar to boringcc. An initial proposal for a dialect of C that adds definitions for dangerous and useless forms of undefined behavior.

Control-flow integrity

A powerful idea for preventing control-flow hijacking of C and C++ programs. After more than ten years, this feature has finally been added to Clang and GCC and will soon be enabled in Chromium builds.