
While in Australia 🇦🇺, I had the honor of being invited to give a guest talk to graduate and master’s students at The University of Adelaide. It was a truly special experience because it was my first time presenting at a university, and one I deeply value as a meaningful milestone in my career. 🙂🙏🏼
Enhancing spatial safety: Better array-bounds checking in C (and Linux) (University of Adelaide – Guest talk)
The C language has historically suffered from a lack of proper bounds-checking on all kinds of arrays. The Kernel Self-Protection Project has been addressing this issue for several years. In this presentation, we will learn about the most recent hardening efforts to resolve the problem of bounds-checking, particularly for fixed-size and flexible arrays.
We will explore the different mechanisms being used to harden key APIs like memcpy() against buffer overflows, which includes the use of some interesting built-in compiler functions. We will also talk about a couple of recent compiler options like -fstrict-flex-arrays and -Wflex-array-member-not-at-end, as well as the new counted_by attribute released in Clang-18 a year ago, which helps us gain run-time bounds-checking coverage on flexible arrays.
Overall, we will discuss how various challenges have been overcome, and highlight the innovations developed to solve the problem of array bounds-checking in both C and the Linux kernel once and for all.
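A small user-space sketch of the two ideas in the abstract, added here as an example and not taken from the talk or from the kernel: a flexible array annotated with counted_by, and a copy helper that asks the compiler for the destination size before calling memcpy(). The abstract does not name the builtins; this example uses __builtin_dynamic_object_size, and struct msg, msg_alloc(), msg_fill() and the two macros are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Shims so the example still builds where a feature is missing. */
#ifndef __has_attribute
#define __has_attribute(x) 0
#endif
#ifndef __has_builtin
#define __has_builtin(x) 0
#endif
#if __has_attribute(counted_by)
#define COUNTED_BY(member) __attribute__((counted_by(member)))
#else
#define COUNTED_BY(member) /* unsupported: the annotation compiles away */
#endif
#if __has_builtin(__builtin_dynamic_object_size)
#define MEMBER_SIZE(p) __builtin_dynamic_object_size(p, 1)
#else
#define MEMBER_SIZE(p) __builtin_object_size(p, 1)
#endif

/* Hypothetical message type: 'len' is the element count of 'data'. */
struct msg {
	size_t len;
	unsigned char data[] COUNTED_BY(len);
};

struct msg *msg_alloc(size_t len)
{
	if (len > SIZE_MAX - sizeof(struct msg))
		return NULL;            /* allocation size would wrap */
	struct msg *m = malloc(sizeof(*m) + len);
	if (m)
		m->len = len;           /* set the counter before touching data[] */
	return m;
}

/* Bounds-checked copy into the flexible array: 0 on success, -1 if refused. */
int msg_fill(struct msg *m, const void *src, size_t n)
{
	size_t room = MEMBER_SIZE(m->data);

	if (room == (size_t)-1)         /* compiler could not determine the size */
		room = m->len;          /* fall back to the stored count */
	if (n > room)
		return -1;              /* would write past data[]: refuse */
	memcpy(m->data, src, n);
	return 0;
}
```

With a compiler that supports counted_by, the builtin derives the size of data[] from len at run time; without it, the helper falls back to the explicit comparison against len.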
See the slides below.
See the video of the presentation below.