►
From YouTube: Memory Safety Sig (May 25, 2023)
B
A
B
B
C
A
D
E
My
friend
always
great
to
see
you
I'm
glad
that
you're
back,
you
was
you,
you
were
missed,
I,
believe
you
were
on
PTO,
but
it's
not
by
the
time.
If
your
PTO
came,
everyone
knew
you
were
on
PTO,
because
the
question
started
to
fly.
Things
start
to
fall
apart.
It
feels
a
bit
of
Hellfire
and
brimstone
all
kinds
of
things.
C
B
D
C
D
D
A
D
D
D
D
And
specifically,
there
are
two
to
Do's,
which
I
thought
we
can
assign
maybe
specific
people
too,
or
if
we
find
them
right.
So
we
have
the.
What
was
that
right?
So
we
plan
to
work
on
five
parts
whenever
possible:
move
the
internet's
most
political
software
to
memory
safe
by
default
languages
within
efficient
strategy
that
emphasizes
upgrading
the
most
security,
sensitive
components
first
and
each
one
of
those
parts
is
then
extended
in
the
next
section.
A
D
A
D
Exactly
and
that's
also
where
we
need
some
help
with
extending
those
right,
because
we
have
right
the
first
one
moving
critical
software
that
is
based
mostly
on
a
proximo
yep
and
I
I,
feel
it's
quite
well
explained.
Investing
in
safer
system
development
tools,
also
quite
a
bit
of
text
here.
However,
the
latter
two
don't
have
enough
text
and
I
guess
after
we
merge
this
BR.
Maybe
an
action
item
for
the
for
the
next
two
weeks
is
to
go
over
this.
A
I
I
do
think
that
if
you
keep
it
out
of
Mainline
for
a
long
time,
it
can
get
very
complicated
and
confusing
if
it's
clearly
marked
as
a
to-do
as
long
as
there's
a
an
agreement
that
that's
going
to
be
worked
completely,
to
do,
I'd
rather
go
ahead
and
merge
it
in
and
keep
working
as
opposed
to
constantly
keeping
out
out
of
band.
We
had
a
I
remember.
A
B
A
A
D
You
thank
you.
Thank
you.
Gabriel
I
just
saw
your
comment
or
so
Gabrielle
on
the
chat
from
I.
Try
to
walk
through
some
of
the
comments
here.
It
looks
like
most
of
it
is
integrated
for
some
things
which
I
haven't
found.
For
instance,
we
wanted
the
to
add
a
reference
to
the
nsa's
cyber
information
sheet.
Don't
think
that
was
integrated
yet
but
I
think
most
of
Gabriel's
points
were.
D
F
F
A
D
D
A
A
B
A
A
The
answer
is
yes,
because
that's
part,
three
I've
been
following:
in
particular,
the
Linux
kernel
folks
have
been
TR
as
well
as
trying
to
adopt
C
for
writing
drivers.
They
have
been
actively
taking
steps
to
try
to
change
the
C
code
to
make
to
counter
at
least
some
memory
safety
problems,
it's
very
very
hard
to
counter
some
of
them
and
see,
but
some
of
the
most
common
ones
all
involve
buffer
overflows
and
there's
a
lot
of
techniques
that
you
can
use
in
scene,
C
plus,
plus,
to
counter
buffer
overflows.
A
A
Oh
okay,
yeah
excellent.
Let's
add
that
too
I
see
in
the
chat.
There's
another
link
see
also
yeah
yeah.
You
know
so,
basically
the
boundary
flexible
Ray
stuff
is
it's
really
competency
to
have
a
structure.
The
last
element
of
the
structure
is
an
array
with
an
unknown
bound
length
historically
in
C.
Well,
if
you
go
back
enough,
you
would
say
you
create
an
array
of
size
one
and
then
you
ignore
that
and
do
something
different
and
that's
a
terrible
idea.
A
The
compiler
runtime
of
no
idea,
what's
going
on
a
non-standard
approach,
is
to
say
it's
zero
length
which
works
and
practice,
although
it's
not
really
what
we're
supposed
to
do
and
they
have
a
better.
They
have
some
better
approaches
that
are
work
more
nicely
with
compilers
and
so
on.
So
you
know
that
sort
of
stuff.
Where
do
this?
Not
that
and
here's
how
you
do
it?
A
F
Yeah,
so
you
know
so
at
last
meeting.
Whatever
reason
why
we
added
bullet
3
was
that
we
agreed
that
the
memory
safe
is
not
a
a
binary
zero
one
thing,
but
you
know
a
shade:
you
have
a
scale
and
the
languages
like
cereal,
C
plus
plus
they
may
not
be
Memory
saved
by
default.
But
if
you
have
enough
construct
or
compilation
processes
in
place,
you
can
actually
bring
your
software
to
a
place
where
you
minimize
or
reduce
some
of
these
memory
safety
issues.
F
That
is
why
we
explicitly
added
bullets
three
there.
So
what
you're
saying
from
my
perspective,
given
that
prior
agreement
from
the
group
is
directly
in
scope
right
so
I
think
one
of
everything
we
could
do
is
that's
part
of
topic.
No
three
is
have
a
kind
of
high
level
descriptions
of
what
goes
in
that
direction.
What
can
be
done
and
then
possibly
provide
links
external
links
to
folks
who,
with
more
in-depth
description
of
how
they
can
concretely
move
their
software
forward.
A
A
They
keep
doing
this
and
then
this
memory
safety
group
might
create
a
spec
that
says
here
if
you're
using
C
here's
what
you
can
do,
Point
here
for
Flags,
there's
very
option:
compiler
Flags
is
where
you
go
and
hear
some
other
things
you
can
do,
and
that
would
be
a
potential
outcome
of
this
group.
Is
that
a
fair.
A
I'm
not
sure
spec
is
the
right
term.
It
may
be
a
guy,
but
basically
a
how's.
This.
Let
me
type
try
to
type
and
write
and
think
this.
At
the
same
time,
a
potential
output
of
this
group
would
be
a
guide
or
a
spec
of
how
to
improve,
say,
memory,
safety
and
CNC,
plus
plus
building
on
other
work
at
such
as
those
yeah.
D
A
That
that
is
correct,
and
it's
also
specifically
focused
on
compiler
option.
Flags
now,
obviously
compiler
option
flags
are
important
for
this
use
case
as
well,
but
what
they're
not
going
to
cover,
for
example,
is
I
I
mentioned
the
bounded
flexible,
arrays
I
think
that's
a
useful
example,
because
I
mean
basically
boundary.
Flexible
Rays
occur
all
over
in
the
Linux
kernel
and
they
occur
many
other
C
programs
as
well,
and
but
although
there
are
some
compiler
option
flags
that
help,
you
basically
have
to
change
the
code
to
make
those
flags
really
work.
A
You
know
it's
not
like
you're
re
you're,
not
rewriting.
It
took
a
different
programming
language,
but
you
are
changing
it.
So
if
I
guess
the
most
ridiculous
example
is,
if
you
really
really
wanted
to
stick
with
standard
C
and
then
abuse
the
heck
out
of
it,
you
might
end
it
with
an
array
of
size
one
and
then
ignore
this
array
size
and
do
your
own
calculations,
the
that's
a
problem.
A
That
tells
you
how
many
elements,
but
the
C
programming
language
has
no
way
to
annotate
that.
So,
basically,
you
end
up
changing
the
code.
It's
not
that
you're
rewriting
another
language,
but
you
are
making
code
changes.
So
it's
much
more
than
a
compiler
flag.
It's
a
compiler
flag,
plus
certain
other
conventions.
A
C
C
We
also
when
I
used
to
work
with
C
plus
plus
I.
We
had
the
the
pleasure
of
trying
to
Define
for
the
developers
how
how
to
compile
how
to
what
to
include-
and
it's
also
I
think
a
good
good
thing
to
understand
that
a
lot
of
these
security
models
for
C
and
CIS
plus
are
all
Hardware
based
or
compiler,
based,
which
has
a
lot
of
effect
on
how
developers
accept
this,
because
they
may
not
be
have
the
support
or
they
don't
want
to
push
this
weird
plugin
of
GCC
or
I.
A
All
right
and
by
the
way,
I
I,
I've
added
that
note
and
also
I,
think
it
sounded
like,
for
example,
especially
for
the
Boost
C
plus
plus,
for
example.
There
may
need
to
be
a
separate
one
for
C
versus
C
plus
plus,
because,
yes,
there's
some
overlaps,
but
they
are
two
different
languages
and
boost,
for
example,
won't
help
C
plus
plus
C
users,
but
might
be
a
very
good
idea
for
a
C
plus
plus
user.
F
F
Yeah,
okay,
so
push
is
a
very
large
library
that
has
been
around
since
1998
right
after
31st,
C
plus
plus
standards
came
out
and
it
had
features
that
worked
well
orders
not
so
much
they
don't
have.
Not
all
the
components
have
active
maintainers.
So,
for
example,
if
you
have
CV
things
coming
and
then
it
they're
not
always
taken
care
of,
because
you
know
you
need
the
appropriate
maintainers
to
to
take
care
of
it,
and
so
it
maintenance
is
the
thing
that
we
need
to.
F
Yeah
some
are
flame,
but
not
like
Auto
pointer
migrated
to
be
standard,
but
other
stuff
were
not,
but
the
the
lost
the
air
maintainers
and
and
it's
an
active
conversation
in
the
Boost
Community.
You
know
in
itself,
like
a
couple
of
weeks
ago,
they
had
a
huge
discussion
on
radiate
about
what
to
do
about
all
these
vestigial
components
that
I
use,
but
not
maintained
in
in
that
sort
of.