Are there any programming languages that are designed to be robust against hacking?
In other words, an application can be hacked due to a broken implementation, even though the design is perfect. I'm looking to reduce the risk of a developer incorrectly implementing a specification.
Heartbleed would not have happened if the language used could guard against a Buffer Over-Read.
SQL Injections might not happen if there was a language enforced way to encode/decode HTML data
Pointer issues/overflows occur more often in C when compared to managed code
Numerical rounding errors can occur when using the developer uses the wrong datatype for the wrong data
Denial Of Service attacks might be reduced if the app is correctly is multi-threaded
Edit: A lot of people addressed the buffer-overflow issue, or say that the programmer is responsible for security. I'm just trying to get an idea if there exist languages whose main purpose was to lend itself to security as much as possible and reasonable. That is, do some languages have features that make them clearly more (or less) secure than most other languages?
The Ada language is designed to prevent common programming errors as much as possible and is used in critical systems where a system bug might have catastrophic consequences.
A few examples where Ada goes beyond the typical built-in security provided by other modern languages:
Integer range type allows specifying an allowed range for an integer. Any value outside of this range will throw an exception (in languages that do not support a range type, a manual check would have to be performed).
:= for assignment
= for equality checks. This avoids the common pitfall in languages that use
= for assignment and
== for equality of accidentally assigning when an equality check was meant (in Ada, an accidental assignment would not compile).
out parameters that specify whether a method parameter can be read or written
avoids problems with statement group indentation levels (e.g. the recent Apple SSL bug) due to the use of the
contracts (since Ada 2012, and previously in the SPARK subset) allow methods to specify preconditions and postconditions that must be satisifed
There are more examples of how Ada was designed for security provided in the Safe and Secure Booklet (PDF).
Of course, many of these issues can be mitigated through proper coding style, code review, unit tests, etc. but having them done at the language level means that you get it for free.
It is also worth adding that despite the fact that a language designed for security such as Ada removes many classes of bugs, there is still nothing stopping you from introducing business logic bugs that the language doesn't know anything about.
==are different, too. Python distinguishes
==(comparison), and "won't compile" (
SyntaxErrorexception) when they are misused. I think the main point of using
==is to prevent typos. — Apr 14, 2014 at 21:35
if 'a' = 'b':on the other hand... — Apr 15, 2014 at 13:17
External links referenced by this document:
Local articles referenced by this article: