Checked C is a C extension that features bounds checking

Jun 16, 2016 15:56 GMT

Microsoft has open-sourced Checked C, an extension to the C programming language that brings new features to address a series of security-related issues. As its name hints, Checked C will add checking to C.

Checking will help developers detect common programming errors such as buffer overruns, out-of-bounds memory accesses, and incorrect type casts. These programming errors have been at the heart of many high-profile vulnerabilities like Shellshock, Heartbleed, or Sandworm.

Checked C plans to address these issues by changing how pointers are handled. Programmers use pointers to refer to the memory addresses their code reads from and writes to.

Handling pointers gets harder as their number increases: the bigger the project, the harder it is to keep track of them. Projects like Chromium, Firefox, Office, OpenSSL and other bulky codebases have a big problem with this kind of issue; a short look at these projects' changelogs is enough to see it.

"Checked C allows programmers to better describe how they intend to use pointers and the range of memory occupied by data that a pointer points to," Microsoft says. "This information is then used to add checking at runtime to detect mistakes where the wrong data is accessed, instead of the error occurring silently and without detection."

Checked C adds bounds checking to C

Checked C will also allow developers to detect these errors as they type them, something plain C cannot do. In programming theory, the feature is called "bounds checking," because every access through a pointer is checked against the bounds of the memory it is allowed to touch.
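To make the bounds-checking idea in Microsoft's description concrete, here is a plain C example written for this article (it is not code from the Checked C project and does not use Checked C syntax). It attaches a bound to a pointer by hand, in a hypothetical `checked_ptr` struct, and has accessor functions refuse any access outside that bound, so a buffer overrun or an off-by-one loop is reported instead of silently corrupting memory. Checked C's contribution is to let the programmer state that bound on the pointer type itself and have the compiler insert the check; the `checked_ptr`, `checked_read`, `checked_write` and `checked_copy` names, the status codes and the two scenarios below are all constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper written for this article: a pointer that carries its
 * own bound, so every access can be checked against it. Checked C expresses
 * the same intent with a bounds annotation on the pointer type and has the
 * compiler insert the check; here the check is written out by hand. */
typedef struct {
    uint8_t *base;   /* first valid byte */
    size_t count;    /* number of valid bytes starting at base */
} checked_ptr;

/* Status codes returned by the checked accessors (constructed). */
enum { CHK_OK = 0, CHK_OUT_OF_BOUNDS = 1 };

/* Build a checked pointer from a buffer and its length. */
static checked_ptr make_checked(uint8_t *buf, size_t n) {
    checked_ptr p = { buf, n };
    return p;
}

/* Read buf[i]; refuse instead of reading past the end of the buffer. */
int checked_read(checked_ptr p, size_t i, uint8_t *out) {
    if (i >= p.count) return CHK_OUT_OF_BOUNDS;
    *out = p.base[i];
    return CHK_OK;
}

/* Write buf[i]; refuse instead of clobbering whatever follows the buffer. */
int checked_write(checked_ptr p, size_t i, uint8_t v) {
    if (i >= p.count) return CHK_OUT_OF_BOUNDS;
    p.base[i] = v;
    return CHK_OK;
}

/* Copy n bytes; the whole copy is refused if either side would overrun. */
int checked_copy(checked_ptr dst, checked_ptr src, size_t n) {
    if (n > dst.count || n > src.count) return CHK_OUT_OF_BOUNDS;
    memcpy(dst.base, src.base, n);
    return CHK_OK;
}

/* Constructed scenario 1: 16 bytes of input copied into an 8-byte buffer.
 * With a raw pointer and memcpy this silently overruns the stack buffer;
 * with the bound attached, the copy is rejected and the caller finds out. */
int demo_overrun_is_rejected(void) {
    uint8_t input[16];
    uint8_t buf[8];
    memset(input, 'A', sizeof input);
    return checked_copy(make_checked(buf, sizeof buf),
                        make_checked(input, sizeof input),
                        sizeof input);
}

/* Constructed scenario 2: an off-by-two loop that walks past the end of a
 * 4-byte buffer. Returns how many of the reads were refused. */
int count_rejected_reads(void) {
    uint8_t buf[4] = { 1, 2, 3, 4 };
    checked_ptr p = make_checked(buf, sizeof buf);
    int rejected = 0;
    /* Deliberate bug: the condition should be i < sizeof buf. */
    for (size_t i = 0; i < sizeof buf + 2; i++) {
        uint8_t v;
        if (checked_read(p, i, &v) != CHK_OK) rejected++;
    }
    return rejected;
}

int main(void) {
    printf("oversized copy: %s\n",
           demo_overrun_is_rejected() == CHK_OUT_OF_BOUNDS ? "rejected" : "allowed");
    printf("off-by-two loop: %d reads refused\n", count_rejected_reads());
    return 0;
}
```

The two scenarios are exactly the error classes the article names: the first is a buffer overrun, the second an out-of-bounds read. In plain C both compile and run without complaint; with the bound travelling alongside the pointer, each is caught at the point of access, which is the behaviour Checked C aims to provide without the programmer having to write the checks.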

C# and Rust already have this feature, and much more. Unfortunately, neither is as widely adopted as C and C++. Microsoft hopes that the minimal code changes Checked C will require of existing C/C++ applications, along with the tangible benefits to security, will convince most developers to start adopting Checked C.

The Checked C project is available on GitHub. This is not the first time when Microsoft has provided its own spin on a core programming language. Previously, the company's engineers created TypeScript, a strict superset of JavaScript, which has been widely adopted.