Home

Awesome

Checked C

Checked C extends C with bounds checking and improved type safety. It helps programmers retrofit existing C code to be more secure. This repo contains the Checked C specification, sample code, and test code.

Build Status

Checked C Clang CI [Linux]

Checked C Clang CI [MacOS]

Checked C Clang CI [WINDOWS]

Publications and Presentations

Participating

We are happy to have the help. You can contribute by trying out Checked C, reporting bugs, and giving us feedback. There are other ways to contribute too.

Licensing

The software in this repository is covered by the MIT license. See the file LICENSE.TXT for the license. The Checked C specification is made available by Microsoft under the OpenWeb Foundation Final Specification Agreement, version 1.0. Contributions of code to the Checked LLVM/clang repos are subject to the LLVM/clang licensing terms.

History

Checked C is an independent open-source project. It started as a research project at Microsoft in 2015. similar to Checked C. We were looking for a way to improve the security of existing systems software and eliminate classes of bugs.

One approach is to rewrite the software in a newer language such as Rust. However, rewriting code is challenging for a number of reasons: it is costly, there are subtle differences in even basic language features such as arithmetic across languages, and it can take a long time before you have a working system. Combined, this makes a rewrite a high-risk software development project. These kinds of rewrites are unlikely to be done just to improve security. We decided to pursue an incremental approach that allows existing C code to be improved gradually and at much lower cost.

Researchers from many universities and companies have contributed to Checked C. Researchers at the University of Maryland, the University of Rochester, the University of Washington, Samsung, Rutgers University, and the University of Pennsylvania have contributed to Checked C. Apple has proposed a C extension similar to Checked C that relies on more dynamic checking.

Code of conduct

This project has adopted a Code of Conduct.