DOCSLIB.ORG

Annex SPARK – Final Draft Problematic, Mainly Owing to the Presence of Unspecified and Undefined Features in Programming Languages

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Annex SPARK – Final Draft Problematic, Mainly Owing to the Presence of Unspecified and Undefined Features in Programming Languages ADA Volume 31 USER Number 4 December 2010 JOURNAL Contents Page Editorial Policy for Ada User Journal 222 Editorial 223 Quarterly News Digest 225 Conference Calendar 250 Forthcoming Events 257 Student Programming Contest “The Ada Way” 260 Overview of the 14th International Real-Time Ada Workshop A. Burns, A. J. Wellings “Multiprocessor Systems Session Summary” 263 T. Vardanega, M. González-Harbour, L. M. Pinho “Session Summary: Language and Distribution Issues” 266 S. Michell, J. Real “Conclusions of the 14th International Real-Time Ada Workshop” 273 A. Burns “Progress Report from the 14th International Real-Time Ada Workshop – IRTAW14” 275 Special Contribution A. Burns, J. L. Tokar (Eds.) “Ada and the Software Vulnerabilities Project: the SPARK Annex” 278 Ada Gems 291 Ada-Europe Associate Members (National Ada Organizations) 296 Ada-Europe 2010 Sponsors Inside Back Cover Ada User Journal Volume 31, Number 4, December 2010 222 Editorial Policy for Ada User Journal Publication Original Papers Commentaries Ada User Journal — The Journal for Manuscripts should be submitted in We publish commentaries on Ada and the international Ada Community — is accordance with the submission software engineering topics. These published by Ada-Europe. It appears guidelines (below). may represent the views either of four times a year, on the last days of individuals or of organisations. Such March, June, September and All original technical contributions are articles can be of any length – December. Copy date is the last day of submitted to refereeing by at least two inclusion is at the discretion of the the month of publication. people. Names of referees will be kept Editor. confidential, but their comments will Opinions expressed within the Ada Aims be relayed to the authors at the discretion of the Editor. User Journal do not necessarily Ada User Journal aims to inform represent the views of the Editor, Ada- readers of developments in the Ada The first named author will receive a Europe or its directors. programming language and its use, complimentary copy of the issue of the general Ada-related software Journal in which their paper appears. Announcements and Reports engineering issues and Ada-related We are happy to publicise and report activities in Europe and other parts of By submitting a manuscript, authors grant Ada-Europe an unlimited license on events that may be of interest to our the world. The language of the journal readers. is English. to publish (and, if appropriate, republish) it, if and when the article is Although the title of the Journal refers accepted for publication. We do not Reviews to the Ada language, any related topics require that authors assign copyright to Inclusion of any review in the Journal are welcome. In particular papers in the Journal. is at the discretion of the Editor. any of the areas related to reliable Unless the authors state explicitly A reviewer will be selected by the software technologies. otherwise, submission of an article is Editor to review any book or other taken to imply that it represents publication sent to us. We are also The Journal publishes the following prepared to print reviews submitted types of material: original, unpublished work, not under consideration for publication else- from elsewhere at the discretion of the • Refereed original articles on where. Editor. technical matters concerning Ada and related topics. News and Product Announcements Submission Guidelines Ada User Journal is one of the ways in All material for publication should be • News and miscellany of interest to which people find out what is going on sent to the Editor, preferably in the Ada community. in the Ada community. Since not all of electronic format. The Editor will only accept typed manuscripts by prior • Reprints of articles published our readers have access to resources arrangement. elsewhere that deserve a wider such as the World Wide Web and Prospective authors are encouraged to audience. Usenet, or have enough time to search through the information that can be contact the Editor by email to • Commentaries on matters relating found in those resources, we reprint or determine the best format for to Ada and software engineering. report on items that may be of interest submission. Contact details can be to them. found near the front of each edition. • Announcements and reports of Example papers conforming to conferences and workshops. Reprinted Articles formatting requirements as well as some word processor templates are • Reviews of publications in the While original material is our first available from the editor. There is no field of software engineering. priority, we are willing to reprint (with limitation on the length of papers, the permission of the copyright holder) though a paper longer than 10,000 • Announcements regarding material previously submitted words would be regarded as standards concerning Ada. elsewhere if it is appropriate to give it exceptional. a wider audience. This includes papers Further details on our approach to published in North America that are these are given below. not easily available in Europe. We have a reciprocal approach in granting permission for other publications to reprint papers originally published in Ada User Journal. Volume 31, Number 4, December 2010 Ada User Journal 223 Editorial The majority of the content of this last issue of 2010 is the result of the work of two groups of Ada practitioners which devote part of their time to the development and promotion of the Ada language within two of the topics where Ada is without doubts a strong technology: real-time systems and reliable software. In the first part of the issue, we present an overview of the 14th International Real-Time Ada Workshop (IRTAW), which was held approximately one year ago, in Portovenere, Italy. This overview provides not only the workshop’s session summaries, allowing readers to get the necessary insight in the fruitful discussions and results of the workshop, but also a post workshop report, by Alan Burns, of the University of York, UK, presenting how the workshop proposals are going through the Ada 2012 standardization process (since many times we wonder what happens to the Ada Issues that the workshop produces). IRTAW has been and still is a major forum for Ada evolution (and not only in the real-time arena); it is therefore with happiness that in the issue we also have the announcement of the next edition of the workshop, which will take place in September 2011, in the mountains nearby Santander, Spain. In the second part o the issue, we conclude the publication of the results of the work of the Software Vulnerabilities group, which produced the Ada annex (published in the September issue of the Ada User Journal) to the ISO Technical Report on “Avoiding Programming Language Vulnerabilities through Language Selection and Use” (ISO/IEC PDTR 24772.2). To finalize the work, in this issue we publish the annex concerning SPARK. I would also like to point out to our readers the forthcoming events section, where, before the IRTAW call for papers, we already have preliminary information concerning “The Ada Connection”, an event that combines the Ada-Europe 2011 conference and the Ada-Conference UK 2011, taking place in Edinburgh, Scotland, next June 20-24. In the Ada Gems section, the issue publishes the series of gems concerning the Distributed Systems Annex, by Thomas Quinot, of AdaCore, France. Last, but definitely not least, readers will find the wealthy of information in the usual news digest and calendar sections. In a final note, this last 2010 issue of the Ada User Journal should be reaching you already in 2011. Nevertheless, hopefully there was no substantial delay (except for the normal printing and distribution time). We are making our best efforts in putting the AUJ back in its scheduled publication date, and I would like to thank the Editorial Team of the Journal – Jorge Real (Deputy Editor), Dirk Craeynest (Calendar and Events), and Marco Panunzio (News Digest) – for all their volunteer efforts in achieving this. Our best wishes for 2011, Luís Miguel Pinho Porto December 2010 Email: [email protected] Ada User Journal Volume 31, Number 4, December 2010 225 Quarterly News Digest Marco Panunzio University of Padua. Email: [email protected] twitter-indeti.ca-facebook-RSS feeds, and Freenode IRC #ada channel and look for Contents more! ThomasLocke. If you speak (or at least understand ;-) ) The meeting is of course free. Ada-related Organizations 225 French, please visit us at: Ada-related Events 225 [contact Ada-DK at [email protected] Ada Semantic Interface Specification http://www.ada-france.fr/ —mp] (ASIS) 227 From: Georg Bauhaus <rm.dash- Ada and Education 228 [email protected]> Ada-related Resources 228 Date: Wed, 03 Nov 2010 16:41:54 +0100 Ada-related Events Ada-related Tools 229 Subject: Re: New site for Ada-France [To give an idea about the many Ada- Ada-related Products 231 Newsgroups: comp.lang.ada related events organized by local groups, Ada and GNU/Linux 234 some information is included here. If you Ada Inside 235 […] are organizing such an event feel free to Ada in Context 236 http://www.ada-france.org/ inform us as soon as possible. If you attended one please consider writing a I guess? Otherwise, this would have been small report for the Ada User Journal. Ada-related a literally cosmetic change. :-) —mp] Les voilà les accents! Good to see the Organizations correct characters. Workshop on Object- Video and PDF of From: J-P. Rosen <[email protected]> Oriented technologies and Date: Thu, 04 Nov 2010 11:50:24 +0100 Ada in High-Integrity presentations at the Subject: Re: New site for Ada-France Ada-Europe 2010 conference Newsgroups: comp.lang.ada Systems From: Thomas Løcke <[email protected]> […] From: J-P.
Load more

Recommended publications
  • SPLLIFT — Statically Analyzing Software Product Lines in Minutes Instead of Years
    SPLLIFT — Statically Analyzing Software Product Lines in Minutes Instead of Years Eric Bodden1 Tarsis´ Toledoˆ 3 Marcio´ Ribeiro3;4 Claus Brabrand2 Paulo Borba3 Mira Mezini1 1 EC SPRIDE, Technische Universitat¨ Darmstadt, Darmstadt, Germany 2 IT University of Copenhagen, Copenhagen, Denmark 3 Federal University of Pernambuco, Recife, Brazil 4 Federal University of Alagoas, Maceio,´ Brazil [email protected], ftwt, [email protected], [email protected], [email protected], [email protected] Abstract A software product line (SPL) encodes a potentially large variety v o i d main () { of software products as variants of some common code base. Up i n t x = secret(); i n t y = 0; until now, re-using traditional static analyses for SPLs was virtu- # i f d e f F ally intractable, as it required programmers to generate and analyze x = 0; all products individually. In this work, however, we show how an # e n d i f important class of existing inter-procedural static analyses can be # i f d e f G transparently lifted to SPLs. Without requiring programmers to y = foo (x); LIFT # e n d i f v o i d main () { change a single line of code, our approach SPL automatically i n t x = secret(); converts any analysis formulated for traditional programs within the print (y); } i n t y = 0; popular IFDS framework for inter-procedural, finite, distributive, y = foo (x); subset problems to an SPL-aware analysis formulated in the IDE i n t foo ( i n t p) { print (y); framework, a well-known extension to IFDS.
    [Show full text]
  • GNAT User's Guide for Native Platforms
    GNAT User's Guide for Native Platforms GNAT User's Guide for Native Platforms , January 13, 2017 AdaCore Copyright c 2008-2017, Free Software Foundation i Table of Contents 1 About This Guide :::::::::::::::::::::::::::::: 2 1.1 What This Guide Contains ::::::::::::::::::::::::::::::::::::: 2 1.2 What You Should Know before Reading This Guide :::::::::::: 2 1.3 Related Information :::::::::::::::::::::::::::::::::::::::::::: 3 1.4 A Note to Readers of Previous Versions of the Manual :::::::::: 3 1.5 Conventions:::::::::::::::::::::::::::::::::::::::::::::::::::: 4 2 Getting Started with GNAT ::::::::::::::::::: 5 2.1 Running GNAT :::::::::::::::::::::::::::::::::::::::::::::::: 5 2.2 Running a Simple Ada Program :::::::::::::::::::::::::::::::: 5 2.3 Running a Program with Multiple Units :::::::::::::::::::::::: 6 2.4 Using the gnatmake Utility ::::::::::::::::::::::::::::::::::::: 7 3 The GNAT Compilation Model ::::::::::::::: 9 3.1 Source Representation:::::::::::::::::::::::::::::::::::::::::: 9 3.2 Foreign Language Representation:::::::::::::::::::::::::::::: 10 3.2.1 Latin-1::::::::::::::::::::::::::::::::::::::::::::::::::: 10 3.2.2 Other 8-Bit Codes:::::::::::::::::::::::::::::::::::::::: 10 3.2.3 Wide Character Encodings ::::::::::::::::::::::::::::::: 11 3.2.4 Wide Wide Character Encodings ::::::::::::::::::::::::: 12 3.3 File Naming Topics and Utilities :::::::::::::::::::::::::::::: 13 3.3.1 File Naming Rules ::::::::::::::::::::::::::::::::::::::: 13 3.3.2 Using Other File Names :::::::::::::::::::::::::::::::::: 14 3.3.3 Alternative
    [Show full text]
  • Eric Franklin Enslen
    Eric Franklin Enslen email:[email protected]!403 Terra Drive phone:!(302) 827-ERIC (827-3742)!Newark, DE website:! www.cis.udel.edu/~enslen!19702 Education: Bachelor of Science in Computer and Information Sciences University of Delaware, Newark, DE!May 2011 Major GPA: 3.847/4.0 Academic Experience: CIS Study Abroad, London, UK!Summer 2008 Visited research labs at University College London, King"s College, and Brunel University, as well as IBM"s Hursley Park, and studied Software Testing and Tools for the Software Life Cycle Relevant Courses: Computer Ethics, Digital Intellectual Property, Computer Graphics, and Computational Photography Academic Honors: Alumni Enrichment Award, University of Delaware Alumni Association, Newark, DE!May 2009 Travel fund to present a first-author paper at the the 6th Working Conference on Mining Software Repositories (MSR), collocated with the 2009 International Conference on Software Engineering (ICSE) Hatem M. Khalil Memorial Award, College of Arts and Sciences, University of Delaware, Newark, DE!May 2009 Awarded to a CIS major in recognition of outstanding achievement in software engineering, selected by CIS faculty Deanʼs List, University of Delaware, Newark, DE!Fall 2007, Spring 2008, Fall 2008 and Fall 2009 Research Experience: Undergraduate Research, University of Delaware, Newark, DE!January 2009 - Present Developing, implementing, evaluating and documenting an algorithm to split Java identifiers into their component words in order to improve natural-language-based software maintenance tools. Co-advisors: Lori Pollock, K. Vijay-Shanker Research Publications: Eric Enslen, Emily Hill, Lori Pollock, K. Vijay-Shanker. “Mining Source Code to Automatically Split Identifiers for Software Analysis.” 6th Working Conference on Mining Software Repositories, May 2009.
    [Show full text]
  • A Model-Driven Development and Verification Approach
    A MODEL-DRIVEN DEVELOPMENT AND VERIFICATION APPROACH FOR MEDICAL DEVICES by Jakub Jedryszek B.S., Wroclaw University of Technology, Poland, 2012 B.A., Wroclaw University of Economics, Poland, 2012 A THESIS submitted in partial fulfillment of the requirements for the degree MASTER OF SCIENCE Department of Computing and Information Sciences College of Engineering KANSAS STATE UNIVERSITY Manhattan, Kansas 2014 Approved by: Major Professor John Hatcliff Abstract Medical devices are safety-critical systems whose failure may put human life in danger. They are becoming more advanced and thus more complex. This leads to bigger and more complicated code-bases that are hard to maintain and verify. Model-driven development provides high-level and abstract description of the system in the form of models that omit details, which are not relevant during the design phase. This allows for certain types of verification and hazard analysis to be performed on the models. These models can then be translated into code. However, errors that do not exist in the models may be introduced during the implementation phase. Automated translation from verified models to code may prevent to some extent. This thesis proposes approach for model-driven development and verification of medi- cal devices. Models are created in AADL (Architecture Analysis & Design Language), a language for software and hardware architecture modeling. AADL models are translated to SPARK Ada, contract-based programming language, which is suitable for software veri- fication. Generated code base is further extended by developers to implement internals of specific devices. Created programs can be verified using SPARK tools. A PCA (Patient Controlled Analgesia) pump medical device is used to illustrate the primary artifacts and process steps.
    [Show full text]
  • Programas Incluidos En El DVD DVD-Programación 2012-12
    D 2 i c 1 - i e 2 DVD-Programación 2012-12 m 1 0 b 2 r Programas incluidos en el DVD e n d ó i (continuación) Eclipse PDT Helios SR2 - Elgg 1.8.9 - Erlang R15B03 - Etherpad Lite 1.2.1 - Euphoria 3.1.1 - e c ez Components 2009.2.1 - eZ Publish Community 2012.09 - Feng Office 2.2.1 - FileZilla Server 0.9.41 - 2 a 0 m Firebird 2.5.2 - Firebug 1.10.6 - FlameRobin 0.9.3.1186200 - Free Pascal 2.6.0 - FreeBasic 0.24.0 - 1 a 2 r FreeDOS 1.1 Full CD - Gazpacho 0.7.2 - Geany 0.21 - gedit 2.30.1 - Git 1.8.0 - GNAT Programming Studio g 5.1.1 - GnuWin32 Indent 2.2.10 - GTK+ 2.14.7 - Guido van Robot 4.4 - gVim 7.3.46 - HM NIS Edit 2.0.3 - IE o r Tab 2.0 2012.03.12 - Inno Setup 5.5.2 - Inno Setup Tool 5.3.0.1 - InstallJammer 1.2.15 - Instant Rails 2.0 - P - IzPack 4.3.5 - Java Runtime Environment 6 update 37 - Java Runtime Environment 7 update 9 - jEdit 5.0.0 - D Jelix Developer Edition 1.4.1 - Joomla! 2.5.8 - Joomla! 3.0.1 - Komodo Edit 7.1.3 - Kompozer 0.8.b3 - V D Kompozer 0.8.b3 Català - Lazarus 1.0.4 - lightTPD 1.4.30.3 - LinkChecker 8.2 - Mambo 4.6.5 - MantisBT 1.2.12 - MediaWiki 1.20.1 - Mercurial 2.4 - Minimum Profit 5.2.3 - Mono 2.10.9 - monotone 1.0 - Moodle 2.3.3 - MS .NET Framework 1.1 - MS .NET Framework 2.0 - MS Windows Installer 4.5 - MySql 5.5.28 - MySQL WorkBench OSS 5.2.44 - NetBeans Java EE IDE 7.2.1 - Notepad++ 5.9 - NSIS 2.46 - NumPy 1.6.2 (py 2.7) - NumPy 1.6.2 (py 3.2) - Open Watcom Fortran 1.9 - OpenLaszlo 4.9.0 - Parrot 4.10.0 - PECL 5.2.6 - pgAdmin3 1.14.1 - PHP 5.3.19 VC9 (instalador) - PHP-Fusion 7.02.05 - phpMyAdmin 3.5.4
    [Show full text]
  • Eric A. Solla QUIKLOOK 3 SOFTWARE New Program Features
    Seventh Annual QUIKLOOK Users Group Meeting August 14 & 15, 2013 Presented by: Eric A. Solla QUIKLOOK 3 SOFTWARE New Program Features Software Engineer Eric A. Solla QUIKLOOK II Software Windows Quiklook Configure Home Page Test Replay Acquire Monitor QUIKLOOK 3 Software Windows Multiple Use Quiklook Single Use Home Page Test Replay Acquire QUIKLOOK 3 Software Acquisition Screen QUIKLOOK 3 Software TEDS – Transducer Electronic Data Sheet IEEE Standard - IEEE P1451.4/2.0 • All Sensors will have a TEDS Chip • TEDS Chip may contain all - none of the configuration data. • When sensor is present Channel Values and Units Appear • Sensor Description is Shown • Green – All sensor data is on chip no further configuration is necessary • Red – Some configuration data is missing. Configuration should be reviewed • Black – Configuration has been reviewed • Dark Gray Box – Channel Inactive • Light Gray Box - Channel Active • Red Box – Channel is Over Ranging • Channel Name Shows for Active Channels • Channels without Sensors will Not be Acquired and will be Turned Off QUIKLOOK 3 Software Acquisition Screen QUIKLOOK 3 Software Battery Status • Run Time to Empty • Battery Status: • Voltage • Current • Charge • Capacity • Temperature QUIKLOOK 3 Software Acquisition Screen QUIKLOOK 3 Software Excitation Check • Each Channel has independent Excitation • Shorting out one channel will not effect the others • Only Channels with Excitation are Checked • Board Temperatures are shown • Excitation Voltage • Excitation Current QUIKLOOK 3 Software Acquisition Screen
    [Show full text]
  • CS 0449: Introduction to Systems Software
    CS 0449: Introduction to Systems Software Jonathan Misurda Computer Science Department University of Pittsburgh [email protected] http://www.cs.pitt.edu/∼jmisurda Version 3, revision 1 Last modified: July 27, 2017 at 1:33 P.M. Copyright © 2017 by Jonathan Misurda This text is meant to accompany the course CS 0449 at the University of Pittsburgh. Any other use, commercial or otherwise, is prohibited without permission of the author. All rights reserved. Java is a registered trademark of Oracle Corporation. This reference is dedicated to the students of CS 0449, Fall 2007 (2081). Their patience in dealing with a changing course and feedback on the first version of this text was greatly appreciated. Contents Contents i List of Figures v List of Code Listings vii Preface ix 1 Pointers 1 1.1 Basic Pointers . 2 1.1.1 Fundamental Operations . 2 1.2 Passing Pointers to Functions . 4 1.3 Pointers, Arrays, and Strings . 5 1.3.1 Pointer Arithmetic . 6 1.4 Terms and Definitions . 7 2 Variables: Scope & Lifetime 8 2.1 Scope and Lifetime in C . 9 2.1.1 Global Variables . 11 2.1.2 Automatic Variables . 12 2.1.3 Register variables . 13 2.1.4 Static Variables . 13 2.1.5 Volatile Variables . 16 2.2 Summary Table . 17 2.3 Terms and Definitions . 17 ii Contents 3 Compiling & Linking: From Code to Executable 19 3.1 The Stages of Compilation . 19 3.1.1 The Preprocessor . 20 3.1.2 The Compiler . 21 3.1.3 The Linker . 22 3.2 Executable File Formats .
    [Show full text]
  • Visual Studio 2010 Tools for Sharepoint Development
    Visual Studio 2010 for SharePoint Open XML and Content Controls COLUMNS Toolbox Visual Studio 2010 Tools for User Interfaces, Podcasts, Object-Relational Mappings SharePoint Development and More Steve Fox page 44 Scott Mitchell page 9 CLR Inside Out Profi ling the .NET Garbage- Collected Heap Subramanian Ramaswamy & Vance Morrison page 13 Event Tracing Event Tracing for Windows Basic Instincts Collection and Array Initializers in Visual Basic 2010 Generating Documents from SharePoint Using Open XML Adrian Spotty Bowles page 20 Content Controls Data Points Eric White page 52 Data Validation with Silverlight 3 and the DataForm John Papa page 30 Cutting Edge Data Binding in ASP.NET AJAX 4.0 Dino Esposito page 36 Patterns in Practice Functional Programming Core Instrumentation Events in Windows 7, Part 2 for Everyday .NET Developers MSDN Magazine Dr. Insung Park & Alex Bendetov page 60 Jeremy Miller page 68 Service Station Building RESTful Clients THIS MONTH at msdn.microsoft.com/magazine: Jon Flanders page 76 CONTRACT-FIRST WEB SERVICES: Schema-Based Development Foundations with Windows Communication Foundation Routers in the Service Bus Christian Weyer & Buddihke de Silva Juval Lowy page 82 TEST RUN: Partial Anitrandom String Testing Concurrent Affairs James McCaffrey Four Ways to Use the Concurrency TEAM SYSTEM: Customizing Work Items Runtime in Your C++ Projects Rick Molloy page 90 OCTOBER Brian A. Randell USABILITY IN PRACTICE: Getting Inside Your Users’ Heads 2009 Charles B. Kreitzberg & Ambrose Little Vol 24 No 10 Vol OCTOBER 2009 VOL 24 NO 10 OCTOBER 2009 VOLUME 24 NUMBER 10 LUCINDA ROWLEY Director EDITORIAL: [email protected] HOWARD DIERKING Editor-in-Chief WEB SITE MICHAEL RICHTER Webmaster CONTRIBUTING EDITORS Don Box, Keith Brown, Dino Esposito, Juval Lowy, Dr.
    [Show full text]
  • Licensing Information User Manual Release 2.0.3 F28354-01
    Oracle® Communications Cloud Native Core Licensing Information User Manual Release 2.0.3 F28354-01 February 2020 Oracle Communications Cloud Native Core 2.0.3 February 2020 Oracle Communications Cloud Native Core Licensing Information User Manual, Release 2.0.3 Copyright © 2019, 2020 Oracle and/or its affiliates. All rights reserved. This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs.
    [Show full text]
  • Secure Coding in Modern C++
    MASARYK UNIVERSITY FACULTY OF INFORMATICS Secure coding in modern C++ MASTER'S THESIS Be. Matěj Plch Brno, Spring 2018 MASARYK UNIVERSITY FACULTY OF INFORMATICS Secure coding in modern C++ MASTER'S THESIS Be. Matěj Plch Brno, Spring 2018 This is where a copy of the official signed thesis assignment and a copy of the Statement of an Author is located in the printed version of the document. Declaration Hereby I declare that this paper is my original authorial work, which I have worked out on my own. All sources, references, and literature used or excerpted during elaboration of this work are properly cited and listed in complete reference to the due source. Be. Matěj Plch Advisor: RNDr. Jifi Kur, Ph.D. i Acknowledgements I would like to thank my supervisor Jiří Kůr for his valuable guidance and advice. I would also like to thank my parents for their support throughout my studies. ii Abstract This thesis documents how using modern C++ standards can help with writing more secure code. We describe common vulnerabilities, and show new language features which prevent them. We also de• scribe coding conventions and tools which help programmers with using modern C++ features. This thesis can be used as a handbook for programmers who would like to know how to use modern C++ features for writing secure code. We also perform an extensive static analysis of open source C++ projects to find out how often are obsolete constructs of C++ still used in practice. iii Keywords secure coding, modern C++, vulnerabilities, ISO standard, coding conventions,
    [Show full text]
  • Resource Management and Tuples in C∀
    Resource Management and Tuples in C8 by Robert Schluntz A thesis presented to the University of Waterloo in fulfillment of the thesis requirement for the degree of Master of Mathematics in Computer Science Waterloo, Ontario, Canada, 2017 © Robert Schluntz 2017 I hereby declare that I am the sole author of this thesis. This is a true copy of the thesis, including any required final revisions, as accepted by my examiners. I understand that my thesis may be made electronically available to the public. ii Abstract C8 is a modern, non-object-oriented extension of the C programming language. This thesis addresses several critical deficiencies of C, notably: resource management, a limited function- return mechanism, and unsafe variadic functions. To solve these problems, two fundamental language features are introduced: tuples and constructors/destructors. While these features exist in prior programming languages, the contribution of this work is engineering these features into a highly complex type system. C is an established language with a dedicated user-base. An important goal is to add new features in a way that naturally feels like C, to appeal to this core user-base, and due to huge amounts of legacy code, maintaining backwards compatibility is crucial. iii Acknowledgements I would like to thank my supervisor, Professor Peter Buhr, for all of his help, including reading the many drafts of this thesis and providing guidance throughout my degree. This work would not have been as enjoyable, nor would it have been as strong without Peter’s knowledge, help, and encouragement. I would like to thank my readers, Professors Gregor Richards and Patrick Lam for all of their helpful feedback.
    [Show full text]
  • CFFI Documentation Release 1.5.2
    CFFI Documentation Release 1.5.2 Armin Rigo, Maciej Fijalkowski February 13, 2016 Contents 1 What’s New 3 1.1 v1.5.2...................................................3 1.2 v1.5.1...................................................3 1.3 v1.5.0...................................................3 1.4 v1.4.2...................................................3 1.5 v1.4.1...................................................3 1.6 v1.4.0...................................................3 1.7 v1.3.1...................................................4 1.8 v1.3.0...................................................4 1.9 v1.2.1...................................................5 1.10 v1.2.0...................................................5 1.11 v1.1.2...................................................5 1.12 v1.1.1...................................................5 1.13 v1.1.0...................................................6 1.14 v1.0.3...................................................6 1.15 v1.0.2...................................................6 1.16 v1.0.1...................................................6 1.17 v1.0.0...................................................6 2 Installation and Status 7 2.1 Platform-specific instructions......................................8 3 Overview 11 3.1 Simple example (ABI level, in-line)................................... 11 3.2 Out-of-line example (ABI level, out-of-line).............................. 12 3.3 Real example (API level, out-of-line).................................. 13 3.4 Struct/Array Example
    [Show full text]