Monday, July 28, 2008

Improved Security by Switching Languages?

Had a thought recently and I figured I'd post it. How many of C/C++'s security issues are resolved by switching languages? For example, D has a string type that holds variable-length strings. Will using that instead of a character array solve any of them? It's an interesting thought, because if the language provides better security through its design, then perhaps we can focus more on the actual problem we're trying to solve instead of having to remember when we can and cannot use strcpy without turning our application into a huge security risk.

Using a functional programming language would probably solve many of these problems, but I'm wondering whether D may be a good-enough replacement, since it still lets you do C/C++-like things, just in a safer fashion.

I have the O'Reilly Secure Programming Cookbook for C and C++, so I may re-read it and see what I come up with.
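As an added example (not code from the original post), here is what D does with the fixed-buffer copy the post is worried about. The buffer size, the function names and the inputs are chosen for illustration; the slice assignment is the strcpy-shaped operation, and D's bounds check is what turns a silent overwrite into a trapped error.

```d
// Added example, not the original post's code: what happens in D when you
// make the classic C mistake of copying a string into a fixed-size buffer.
// Build and run with: dmd -run fixedbuf.d
import std.stdio;
import core.exception : RangeError;

enum BufSize = 8; // like `char buf[8]` in C (size chosen for the example)

// The strcpy-shaped operation: copy `src` into a fixed buffer through a
// slice. D bounds-checks the slice, so a too-long `src` throws a
// RangeError instead of overwriting whatever sits after `buf` in memory.
// @safe keeps that check even under `dmd -release`, which otherwise strips
// bounds checks from @system code.
@safe void copyIntoFixedBuffer(ref char[BufSize] buf, string src)
{
    buf[0 .. src.length] = src;
}

// Driver that turns the trap into a yes/no answer for demonstration.
// Catching an Error is not something production code should do; here it
// only shows that the overflow attempt was detected rather than silent.
bool tryCopy(string src)
{
    char[BufSize] buf;
    try
    {
        copyIntoFixedBuffer(buf, src);
        return true;  // fit, every byte landed inside buf
    }
    catch (RangeError e)
    {
        return false; // rejected before a single byte was written past buf
    }
}

// The idiomatic D answer to the post's question: do not use a fixed buffer
// at all. A string carries its own length and ~ allocates a new one, so
// there is no buffer to overflow and no strcpy decision to get wrong.
string greet(string user)
{
    return "hello, " ~ user ~ "!";
}

void main()
{
    writeln("8-byte buffer, short input: ", tryCopy("root"));
    writeln("8-byte buffer, long input:  ",
            tryCopy("AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"));
    writeln(greet("a user name far longer than eight bytes"));
}
```

The first copy succeeds and the second is refused with a RangeError; the same sequence in C with strcpy would quietly write past the end of the buffer. The caveat to remember is the build flags: dmd -release removes bounds checks from @system code, so keep buffer-touching code in @safe functions if you are relying on the check.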


Wednesday, July 23, 2008

D 2.0 Rocks!

Probably not as much as you think, but this just tickles me pink. I rewrote a simple factorial program I had written to use Design by Contract and Pure functions. So, what does this mean?

First, Design by Contract lets me check the input and output values to ensure that they're correct. In the case of the factorial function below, I check that the input and output values are both greater than zero. The output check is less pointless than it looks: a long holds 20! but not 21!, so for larger inputs the multiplication silently wraps around, and a postcondition that rejects a non-positive result is what catches that.

Second, a pure function is one that behaves in a functional manner, that is, with no side effects. You pass data in and you get a return value back; the function cannot read or write global or static mutable state. I think this was originally done for threading, but I like it because it makes functions safer all around: no worrying about the function accidentally changing a global variable somewhere. Pure functions are restricted in that they can only call other pure functions, but ordinary imperative code such as a for loop is fine inside one. This way you get the niceties, if not the best, of both worlds.

Below is the code. Enjoy.


import std.stdio; // Module for console IO.

// D 2.0 as of 2008: `invariant` is the storage class later renamed
// `immutable`, and `body` is now spelled `do`. Contracts are compiled
// out by dmd -release, so the in/out checks only run in debug builds.
pure long calcFac (invariant int value)
in
{
    // Precondition: reject zero and negative inputs before any work is done.
    assert(value > 0, "Input value is not greater than 0.");
}
out (result)
{
    // Postcondition: a long holds 20! but not 21!, so a product that wraps
    // around to a non-positive value for a large input fails here.
    assert(result > 0, "Return value is not greater than 0.");
}
body
{
    long retval = 1;
    int i;

    for (i = 1; i <= value; i++)
    {
        retval *= i; // wraps silently once the product exceeds long.max
    }
    return retval;
}

int main(char[][] args) // current D spells this string[] args
{
    try
    {
        writefln("Result: %d",calcFac(4));
        writefln("Result: %d",calcFac(0)); // trips the precondition
    }
    catch (Exception e)
    {
        // In current D a failed contract throws AssertError, which derives
        // from Error rather than Exception, so this handler would not see it.
        writefln("Caught: %s\n", e.msg);
    }

    return 0;
}


Yes, it is a bit wordy for a simple factorial, but this was the first idea I had to try this out with, and I think it's a good one.
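As an added example (not the original post's code), here is the same factorial in current D syntax, showing what the out contract actually buys you and what the try/catch needs to look like today. The names checkedFac and FacResult are mine; the fact used is that a long holds 20! (2432902008176640000) but not 21!, which wraps to -4249290049419214848, and the overflow-detecting multiply comes from druntime's core.checkedint.

```d
// Added example, not the original post's code: the post's calcFac in
// current D syntax, plus what the out contract actually buys you.
// Build and run with: dmd -run fac.d   (contracts are off under -release)
import std.stdio;
import core.exception : AssertError;
import core.checkedint : muls; // overflow-detecting signed multiply (druntime)

// Same contracts as the post, in the newer `in (...)` / `out (...)` form.
// A long holds 20! but not 21!; from 21 on the product wraps, and the
// postcondition rejects the results that wrap to a non-positive value.
pure long calcFac(int value)
in (value > 0, "Input value is not greater than 0.")
out (result; result > 0, "Return value is not greater than 0.")
{
    long retval = 1;
    foreach (i; 1 .. value + 1)
        retval *= i; // wraps silently for value >= 21
    return retval;
}

// Contracts only catch the damage after the fact and vanish in release
// builds. This version detects the overflow itself: muls sets `overflow`
// to true (and keeps it true) once a multiply does not fit in a long.
struct FacResult
{
    bool ok;    // false if the input was invalid or the product overflowed
    long value; // meaningful only when ok is true
}

pure FacResult checkedFac(int value)
{
    if (value <= 0)
        return FacResult(false, 0);
    bool overflow = false;
    long acc = 1;
    foreach (i; 1 .. value + 1)
        acc = muls(acc, cast(long) i, overflow);
    return FacResult(!overflow, acc);
}

void main()
{
    writeln("20! = ", calcFac(20)); // 2432902008176640000, fits in a long

    // A failed contract throws core.exception.AssertError, which derives
    // from Error, not Exception. The post's `catch (Exception e)` would not
    // see it in current D; catch the Error type explicitly to demonstrate.
    try
    {
        writeln("21! = ", calcFac(21)); // wraps to -4249290049419214848
    }
    catch (AssertError e)
    {
        writeln("out contract tripped: ", e.msg);
    }

    auto r = checkedFac(21);
    writeln(r.ok ? "fits" : "overflow reported, no contract needed");
    // checkedFac(20).ok is true and .value is 2432902008176640000
}
```

The postcondition is a good safety net in a debug build, but it is a net, not a fix: it fires after the wrap has happened and is gone under -release. Checking the arithmetic with muls keeps the detection in every build and lets the caller decide what to do, which is usually what you want for anything that sizes a buffer or an allocation.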


Thursday, July 10, 2008

Project Euler Going Well

Just a quick post today. Lately, I've been using Project Euler for programming exercises and it's been fun. It's interesting to compare and contrast my solutions written in D and Haskell. Each one is nice in its own way, and one is usually more elegant than the other. Sometimes it's D. Other times it's Haskell. Either way, it's been fun.

Right now I'm on problem 9 out of 200 or so. Wish me luck!
