Frama-C Robert Graham, of the blog Errata Security, predicts that “vulnerabilities in Acrobat Reader Adobe Flash and Java today […] will be announced and patched in 2013”. As fate would have it he could safely have included Internet Explorer 8 in his list of software products used by millions to process...
Read MoreA few days ago I announced that the world had been using an unverified zlib library for too long and that we were going to fix this. This post is the first progress report. I have found a harmless undefined behavior in zlib and I have learnt something about the...
Read MoreI used to be curious about the D programming language. D had been pitched to me as “C done right”. Even before I had time to look at it though someone on StackOverflow was having an issue that stemmed from constant floating-point expressions being evaluated at compile-time with different semantics...
Read MoreIn a blog post earlier this year, John Regehr wonders when software verification will finally matter. He means “formal verification”, I am pretty sure. “Verification” is what practitioners of, say, the software development V-cycle have been doing for decades, and it has kept us safe for that long—at least, when...
Read MoreI know! Let us make [ and ] function as meta-characters when in code style. Users will surely love the ability to insert hyperlinks inside the code they are writing a blog post about. —The authors of the Content Management System this blog relies on In the previous post, (float){…},...
Read More