Taming the C++ UB Dragon: A Status Update on Safety and Security Improvements
2025-03-31

C++'s undefined behavior (UB) has long been a source of security vulnerabilities and hard-to-debug errors. The C++ standards committee is actively working to address this, making progress in C++26 by eliminating UB for uninitialized variables and enhancing the standard library's bounds safety. Future efforts will systematically catalog and address remaining UB cases using erroneous behavior, language profiles, and contracts. The goal is to achieve parity with other modern memory-safe languages in terms of security vulnerabilities, without sacrificing C++'s performance or flexibility.