Deprecated: The each() function is deprecated. This message will be suppressed on further calls in /home/zhenxiangba/zhenxiangba.com/public_html/phproxy-improved-master/index.php on line 456
It is well known that programs written in C are apt to suffer from nasty errors due to dangling pointers and/or buffer overflow. In particular, such errors in Internet servers are often exploited by malicious attackers to ``crack'' an entire system, which becomes even social problems nowadays. Nevertheless, it is yet unrealistic to throw away the C language at once because of legacy programs and legacy _programmers_. To alleviate this dilemma, many approaches to safe implementations of the C language---such as Safe C and CCured---have been proposed and implemented. To our knowledge, however, none of them support all the features of the ANSI C standard _and_ prevent all unsafe operations. (By unsafe operations, we mean any operation that leads to ``undefined behavior'', such as array boundary overrun and dereference of a pointer in a wrong type.) This paper describes a memory-safe implementation of the _full_ ANSI C language. Our implementation detects and disallows all unsafe operations, yet conforming to the full ANSI C standard (including casts and unions) and even supporting many ``dirty tricks'' common in programs beyond ANSI C. This is achieved using sophisticated representations of pointers (and integers) that contain dynamic type and size information. We also devise several techniques---both compile-time and runtime---to reduce the overhead of runtime checks.