Context Navigation

-              r7f995d70
+              r499a45a
 Often array is part of the programming language, while linked-list is built from (recursive) pointer types, and string from a combination of array and linked-list.
 For all three types, languages and/or their libraries supply varying degrees of high-level mechanisms for manipulating these objects at the bulk and component level, such as copying, slicing, extracting, and iterating among elements.
+Unfortunately, these three aspects of C cause a significant number of memory errors~\cite{vanOorschot23}.
+For operating system and browser vendors, who heavily use systems languages, 60\%--70\% of reported software vulnerabilities involved memory errors~\cite{Kehrer23}.
+For Microsoft, 70\% of vulnerabilities addressed via security updates between 2006--2018 are memory safety issues~\cite[slide 10]{Miller19}.
+In a study of software exploits in the U.S. National Vulnerability Database over 2013--2017, the top reported vulnerability is (memory) buffer errors, among 19 vulnerability categories~\cite{Cifuentes19}.
+Therefore, hardening these three C types goes a long way to make the majority of C programs safer.
 This work looks at extending these three foundational container types in the programming language \CFA, which is a new dialect of the C programming language.

Note: See TracChangeset for help on using the changeset viewer.

Changeset 499a45a