Cyclone is a programming language based on C that is safe , meaning that it rules out programs that have buffer overflows, dangling pointers, format string attacks, and so on. High-level, type-safe languages, such as Java, Scheme, or ML also provide safety, but they don't give the same control over data representations and memory management that C does (witness the fact that the run-time systems for these languages are usually written in C.). . .. Cyclone is a programming language based on C that is safe , meaning that it rules out programs that have buffer overflows, dangling pointers, format string attacks, and so on. High-level, type-safe languages, such as Java, Scheme, or ML also provide safety, but they don't give the same control over data representations and memory management that C does (witness the fact that the run-time systems for these languages are usually written in C.) Furthermore, porting legacy C code to these languages or interfacing with legacy C libraries is a difficult and error-prone process. The goal of Cyclone is to give programmers the same low-level control and performance of C without sacrificing safety, and to make it easy to port or interface with legacy C code. Cyclone achieves safety while remaining compatible with C by: Enforcing type safety (e.g., a cast from t1 to t2 is allowed only if it is safe to view a t1 as a t2 ) Not changing data representation or calling conventions Providing region-based, manual memory management Using a combination of type information and run-time checks to prevent array-bound violations Wrapping the C standard library with appropriate run-time checks as necessary (e.g., has a FILE already been closed) The link for this article located at AT&T Labs Research is no longer available. . Zephyr is a coding language developed with a focus on security, aiming to eliminate prevalent coding pitfalls while preserving C-style flexibility.. Cyclone Programming Language, Safe Programming Techniques, Memory Management Methods.. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.