{"id":14324583,"url":"https://github.com/checkedc/checkedc","last_synced_at":"2025-03-29T13:31:38.947Z","repository":{"id":44928790,"uuid":"448022961","full_name":"checkedc/checkedc-fork","owner":"checkedc","description":"This was a fork of Checked C used from 2021-2024.  The changes have been merged into the original Checked C repo.","archived":true,"fork":false,"pushed_at":"2024-09-30T06:32:35.000Z","size":4716,"stargazers_count":26,"open_issues_count":68,"forks_count":3,"subscribers_count":3,"default_branch":"main","last_synced_at":"2025-02-16T08:35:10.199Z","etag":null,"topics":["c","c-programming-language","reliability","security","systems-programming"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/checkedc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE.TXT","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-01-14T15:53:29.000Z","updated_at":"2024-09-30T06:32:57.000Z","dependencies_parsed_at":"2023-09-25T06:48:03.917Z","dependency_job_id":"730635d8-d4d7-4989-8622-0e73f139ff2c","html_url":"https://github.com/checkedc/checkedc-fork","commit_stats":{"total_commits":478,"total_committers":41,"mean_commits":"11.658536585365853","dds":0.4560669456066946,"last_synced_commit":"58b363b2a9eabc859271fdd7fd68fb7c782d2b4e"},"previous_names":["checkedc/checkedc"],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/checkedc%2Fcheckedc-fork","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/checkedc%2Fcheckedc-fork/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/checkedc%2Fcheckedc-fork/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/checkedc%2Fcheckedc-fork/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/checkedc","download_url":"https://codeload.github.com/checkedc/checkedc-fork/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":246190450,"owners_count":20738031,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","c-programming-language","reliability","security","systems-programming"],"created_at":"2024-08-24T23:00:35.279Z","updated_at":"2025-03-29T13:31:36.778Z","avatar_url":"https://github.com/checkedc.png","language":"C","readme":"# Checked C\n\n**This was a fork of Checked C used from 2021-2024. The changes have been merged into the\noriginal [Checked C repo](https://www.github.com/checkedc/checkedc)**\n\nChecked C extends C with bounds checking and improved type safety.  It helps programmers retrofit existing C code to\nbe more secure. This repo contains\nthe [Checked C specification](https://github.com/checkedc/checkedc/releases),\nsample code, and test code.\n\n- For a quick overview of Checked C and pointers to sample code,\n  see our [Wiki](https://github.com/checkedc/checkedc/wiki).\n- You can download Checked C clang compiler releases for Windows, Mac, and Ubuntu\n  [here](https://github.com/checkedc/checkedc-llvm-project/releases).\n- The specification is available [here](https://github.com/checkedc/checkedc/releases).\n- The repo for the Checked C clang compiler is\n  [here](https://github.com/checkedc/checkedc-llvm-project).  The compiler is a fork of\n  LLVM/clang. Instructions for building the compiler from source code are on the\n  [Checked C clang wiki](https://github.com/checkedc/checkedc-llvm-project/wiki).\n\n# Build Status\n\n[![Checked C Clang CI [Linux]](https://github.com/checkedc/workflows/actions/workflows/check-clang-linux.yml/badge.svg)](https://github.com/checkedc/workflows/actions/workflows/check-clang-linux.yml)\n\n[![Checked C Clang CI [MacOS]](https://github.com/checkedc/workflows/actions/workflows/checkedc-clang-macos.yml/badge.svg)](https://github.com/checkedc/workflows/actions/workflows/checkedc-clang-macos.yml)\n\n[![Checked C Clang CI [WINDOWS]](https://github.com/checkedc/workflows/actions/workflows/check-clang-windows.yml/badge.svg)](https://github.com/checkedc/workflows/actions/workflows/check-clang-windows.yml)\n\n# History\n\nChecked C is an independent open-source project.   It started as a research project at Microsoft in 2015.\nsimilar to Checked C.  We were looking for a way to improve the security of existing systems software and\neliminate classes of bugs.\n\nOne approach is to rewrite the software in a newer language such as Rust.\nHowever, rewriting code is challenging for a number of reasons:  it is costly, there are subtle differences in even\nbasic language features such as arithmetic across languages, and it can take a long time before you\nhave a working system.  Combined, this makes a rewrite a high-risk software development project.  These kinds\nof rewrites are unlikely to be done just to improve security.  We decided to pursue an incremental approach that allows\nexisting C code to be improved gradually and at much lower cost.\n\nResearchers from many universities and companies have contributed to Checked C.\nResearchers at the University of Maryland, the University of Rochester, the University of Washington, Samsung,\nRutgers University, and the University of Pennsylvania have contributed to Checked C.\nApple has proposed a C extension similar to Checked C that relies on more dynamic checking.\n\n\n# Publications and Presentations\n\n- [Fat Pointers For Temporal Memory Safety of C](https://dl.acm.org/doi/pdf/10.1145/3586038) by Jie Zhou,\n  John Criswell, and Michael Hicks. This appeared in\n  [OOPSLA 2023](https://2023.splashcon.org/details/splash-2023-oopsla/12/Fat-Pointers-for-Temporal-Memory-Safety-of-C).\n  It describes an extension to Checked C that adds new pointers that provide temporal memory safety.\n\n- [C to Checked C by 3C](https://dl.acm.org/doi/10.1145/3527322), by Aravind Machiry, John Kastner, Matt McCutchen, Aaron Eline,\n  Kyle Headley, and Michael Hicks. This paper describes the semi-automated 3C tool for converting C to Checked C.\n  It [won](https://2022.splashcon.org/details/splash-2022-oopsla/13/C-to-checked-C-by-3c) a SIGPLAN Distinguished Paper award\n  at OOPSLA 2022.\n\n- [A Formal Model of Checked C](https://ieeexplore.ieee.org/document/9919657), by Liyi Li, Deena Postol, Leonida\n  Lampropoulos, David Van Horn, and Michael Hicks. This was published in the 2022 IEEE 35th Computer Security Foundations\n  Symposlium. It describe a formal model of Checked C.  The model was formalized using the Coq theorem prover.\n\n- [Achieving Safety Incrementally With Checked C](https://www.microsoft.com/en-us/research/uploads/prod/2019/05/checkedc-post2019.pdf).\n  This was presented at the [2019 Principles of Security and Trust Conference](http://www.etaps.org/2019/post):.\n  This paper describes an early version of 3C that convert existing C code to use Ptr types.  It also proves a blame\n   property about checked regions that shows that checked regions are blameless for any memory corruption.\n  This proof is formalized for a core subset of the language extension.\n\n- [Checked C: Making C Safe by Extension](https://www.microsoft.com/en-us/research/publication/checkedc-making-c-safe-by-extension/) by\n  David Tarditi, Samuel Elliott, Andrew Ruef, and Michael Hicks.  This appeared in the\n  [IEEE 2018 Cybersecurity Development Conference](https://secdev.ieee.org/2018/home). It describes the key ideas of Checked C bounds\n   checking in 8 pages.  We have added features to Checked C since then.\n   The [Wiki](https://github.com/checkedc/checkedc/wiki) and [specification](https://github.com/checkedc/checkedc/releases)\n   provide up-to-date descriptions of Checked C.\n\n\n- There was a\n[poster](https://github.com/checkedc/checkedc/blob/main/papers/presentations/llvmdevmeet2019-checkedc_for_memory_safety.pdf)\npresented at the [LLVM Dev Meeting\n2019](https://llvm.org/devmtg/2019-10/talk-abstracts.html#post6): \"Overflows Be\nGone: Checked C for Memory Safety\". The poster provides an introduction to\nChecked C, outlines the compiler implementation and presents an experimental\nevaluation of Checked C.\n\n- There was a [talk](https://youtu.be/EuxAzvtX9CI)\n  ([slides](https://github.com/checkedc/checkedc/blob/main/papers/presentations/llvmdevmeet2020-checkedc_adding_memory_safety_to_llvm.pdf))\nat the [2020 LLVM Virtual Dev\nMeeting](https://llvm.org/devmtg/2020-09/program): \"Checked C: Adding memory\nsafety support to LLVM\". The talk describes the design of bounds annotations\nfor checked pointers and array pointers as well as the framework for the static\nchecking of the soundness of bounds. The talk also briefly describes novel algorithms\nto automatically widen bounds for null-terminated arrays and for comparison of\nexpressions for equivalence.\n\n\n# Participating\nWe are happy to have the help. You can contribute by trying out Checked C,\nreporting bugs, and giving us feedback. There are other ways to [contribute](CONTRIBUTING.md) too.\n\n# Licensing\nThe software in this repository is covered by the MIT license.  See the file LICENSE.TXT for the license.  The\nChecked C specification is made available by Microsoft under the [OpenWeb Foundation Final\nSpecification Agreement, version 1.0](http://www.openwebfoundation.org/legal/the-owf-1-0-agreements/owfa-1-0).\nContributions of code to the Checked LLVM/clang repos are\nsubject to the [LLVM/clang licensing terms](https://github.com/checkedc/checkedc-llvm-project/blob/main/clang/LICENSE.TXT).\n\n# Code of conduct\n\nThis project has adopted a [Code of Conduct](CODE_OF_CONDUCT.md).\n","funding_links":[],"categories":["C"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcheckedc%2Fcheckedc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcheckedc%2Fcheckedc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcheckedc%2Fcheckedc/lists"}