Checked C Targets More Secure, Reliable C Language Coding

Microsoft Research is open sourcing the project to help extend the C language, while also aiming to make it more secure and reliable.

A new project, dubbed Checked C, has emerged from Microsoft Research that aims to increase the the security and reliability of C code, which is the bedrock code base for the bulk of systems software that runs today's infrastructure.

"The Checked C research project is investigating how to extend the C programming language so that programmers can write more secure and reliable C programs," Microsoft Research says on its Web site. "The project is developing an extension to C called Checked C that adds checking to C to detect or prevent common programming errors such as buffer overruns, out-of-bounds memory accesses, and incorrect type casts. The extension is designed to be used for existing system software written in C."

The project is in the research stage, but it's already being put to use in real-world projects such as LLVM/clang. LLVM provides a set of modular and reusable compiler and toolchain technologies, according to its site, which describes Clang as "an "LLVM native" C/C++/Objective-C compiler, which aims to deliver amazingly fast compiles."

Reducing errors such as buffer overruns, bad type casts and mistakes with pointers -- which "point" to certain memory locations where specific data is supposed to reside rather than to the actual data itself -- can help with program reliability and security, Microsoft said. That's because pointers and array indices aren't bounds checked in C and C++, which borrows much from its older cousin.

"Between 2010 and 2015, buffer overflows accounted for between 10-16 percent of publicly reported security vulnerabilities in the U.S. National Vulnerability Database each year," Microsoft Research said in the latest version of the Checked C specification (PDF download), just published on last week. "The vulnerabilities have affected software implemented in C and C++ that is widely used, including the Windows and Linux operating systems, the Internet Explorer, Chrome, and Safari Web browsers, the Apache Web server, the OpenSSL security library, scripting language implementations for Bash, Ruby, and PHP, and media playback software such as QuickTime."

While many more modern programming languages such as Java and C# include bounds checking by automatically adding it to data structures, that functionality isn't available to developers writing systems software.

"This is a problem for system software, where the programmer needs precise control over what a program is doing," Microsoft Research said. "In Checked C, the programmer controls the placement of information needed for bounds-checking and how the information flows through the program, so the programmer retains precise control over what a program is doing."

The Checked C extension provides new kinds of pointer types and array types, programmer-inserted dynamic checks, bounds declarations and many more mechanisms to address the aforementioned problems for developers writing new systems code or modifying legacy code.

"The Checked C extension will let programmers add checking to their programs to detect these kinds of errors when a program runs or while it is being written," the company said. "Existing system software can be modified incrementally in a backwards-compatible fashion to have this checking."

Microsoft Research said the Checked C project is an open and collaborative research project, undertaken with the cooperation of researchers at the University of Maryland and incorporating feedback from other researchers at Samsung and Cornell.

About the Author

David Ramel is an editor and writer for Converge360.


  • Bright Tunnel

    Visual Studio 16.4 Preview 2 Boosted by Extension Tech

    Microsoft today shipped Visual Studio 2019 v16.4 Preview 2, boosted with new features that come from formerly separate extensions.

  • Nebula

    .NET Core 3.1 Preview 1 Focuses on Blazor, Desktop

    The first preview of .NET Core 3.1 focuses on two of the big features highlighting the Sept. 23 release of .NET Core 3.0: Blazor (for C# Web development instead of JavaScript) and desktop development (Windows Forms and Windows Presentation Foundation).

  • Stone Steps Graphic

    Microsoft Research's SandDance Data Visualization Tool Goes Open Source

    A data visualization tool some four years in the making from Microsoft Research has been open sourced, available for use as an extension for Visual Studio Code or Azure Data Studio.

.NET Insight

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.

Upcoming Events