by skybrian 4450 days ago
I think it works even better if you can get help from the type system. For example, the SafeHtml interface in GWT [1] gives you some safety from Java's type checking and can also make additional static analysis easier. (Then it becomes an exercise in making sure the API is used as intended.)

Perhaps something similar could be done using typedefs in C?

[1] http://www.gwtproject.org/javadoc/latest/com/google/gwt/safe...

1 comments

Typedefs in C are just aliases, so given `typedef int foo;` one can freely use `int`s and `foo`s interchangeably, i.e. no checking by the compiler.

That said, one could use actual wrapper structs around the various types.

A static analysis framework could treat certain typedefs specially since it's parsing the C code anyway.
Great idea! Too bad openssl uses #define instead
There's also sparse[0]'s address space annotation, which Linux uses for annotating data from userspace.

[0] https://git.kernel.org/cgit/devel/sparse/sparse.git/
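
The wrapper-struct idea from this thread, sketched as an added example that is not part of any comment above and not GWT or OpenSSL code. The names `safe_html`, `safe_html_escape` and `render` are hypothetical, and the sample string is constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* With `typedef char *html_alias;` any char* is accepted silently.
 * A one-member struct is a distinct type: passing a raw char* where
 * safe_html is expected is a compile error. */
typedef struct { char *s; } safe_html;

static const char *entity(char c)
{
    switch (c) {
    case '&':  return "&amp;";
    case '<':  return "&lt;";
    case '>':  return "&gt;";
    case '"':  return "&quot;";
    case '\'': return "&#39;";
    default:   return NULL;
    }
}

/* Intended to be the only way to build a safe_html from untrusted text.
 * C cannot stop someone writing (safe_html){ raw } by hand, so review or
 * static analysis still has to check that the API is used as intended. */
safe_html safe_html_escape(const char *untrusted)
{
    safe_html h = { malloc(6 * strlen(untrusted) + 1) }; /* worst case: all '"' */
    if (!h.s) abort();
    char *o = h.s;
    for (const char *p = untrusted; *p; p++) {
        const char *e = entity(*p);
        if (e) { size_t n = strlen(e); memcpy(o, e, n); o += n; }
        else   { *o++ = *p; }
    }
    *o = '\0';
    return h;
}

/* Output sink: takes safe_html only, so render(buf, cap, user_input)
 * with a plain string does not compile. */
size_t render(char *dst, size_t cap, safe_html body)
{
    int n = snprintf(dst, cap, "<p>%s</p>", body.s);
    return n < 0 ? 0 : (size_t)n;
}

int main(void)
{
    char buf[128];
    safe_html h = safe_html_escape("Tom & Jerry's <b>\"best\"</b>");
    render(buf, sizeof buf, h);
    puts(buf);
    free(h.s);
    return 0;
}
```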