is a C++ header containing the SafeInt class, non-throwing functions to check common operations, and the associated internal mechanisms. SafeInt is currently used extensively throughout Microsoft, with substantial adoption within Office and Windows.

David LeBlanc is a software engineer and security expert. You may know him from the Writing Secure Code books. David and Michael Howard have helped raise the bar for software security inside Microsoft for several years now. David has mostly remained out of the limelight since he's much more interested in writing secure code than talking about writing secure code. Well, now David's going to be famous. Sorry, David.
The great Ale Contenti joins us in this conversation to provide some context and ask some hard questions. Ale is a dev lead on the C++ libraries team. You've seen him a few times on Channel 9. As you can imagine, he probably uses SafeInt in his own work.
Here, we dig into the thinking behind SafeInt, how it works, how it's composed, when to use it, when not to use it and how it will evolve to meet new demands and support other compilers (SafeInt now supports gcc). Enjoy!
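To make concrete the bug class SafeInt exists to stop, here is an added example (not code from SafeInt, Microsoft, or this interview) showing an allocation-size computation that silently wraps, beside a hardened version built on hand-written, non-throwing checked arithmetic in the same spirit as SafeInt's check functions. The names `checked_mul`, `checked_add`, `unchecked_alloc_size` and `checked_alloc_size` are hypothetical; the real header's API is not reproduced here. The checks are written for unsigned types only, because for signed types the test must be arranged so the overflowing operation is never evaluated (signed overflow is undefined behaviour in C++), which is exactly the kind of detail a library like SafeInt handles for you.

```cpp
// Added example, not SafeInt's own code. Demonstrates the integer-overflow
// pattern behind many heap corruptions and a non-throwing check for it.
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <limits>
#include <type_traits>

// Non-throwing overflow-checked multiply for unsigned types (hypothetical name).
// Returns false and leaves `result` untouched when a*b does not fit in T.
template <typename T>
bool checked_mul(T a, T b, T& result) {
    static_assert(std::is_unsigned<T>::value, "unsigned types only");
    // a*b > max  <=>  b > max / a  (for a != 0); no wrap can occur in the test.
    if (a != 0 && b > std::numeric_limits<T>::max() / a) return false;
    result = a * b;
    return true;
}

// Non-throwing overflow-checked add for unsigned types (hypothetical name).
template <typename T>
bool checked_add(T a, T b, T& result) {
    static_assert(std::is_unsigned<T>::value, "unsigned types only");
    if (b > std::numeric_limits<T>::max() - a) return false;
    result = a + b;
    return true;
}

// Vulnerable pattern: count * elem_size wraps modulo 2^N, a tiny buffer is
// allocated, and a later loop that writes `count` elements overruns the heap.
size_t unchecked_alloc_size(size_t count, size_t elem_size) {
    return count * elem_size;  // silent wraparound, no error path
}

// Hardened: every step is checked and the request is refused on overflow.
// Returns false (and leaves `bytes` untouched) rather than a wrapped size.
bool checked_alloc_size(size_t count, size_t elem_size, size_t header, size_t& bytes) {
    size_t payload;
    if (!checked_mul(count, elem_size, payload)) return false;
    return checked_add(payload, header, bytes);
}

int main() {
    const size_t max = std::numeric_limits<size_t>::max();
    size_t bytes = 0;

    // Ordinary request: both paths agree.
    std::printf("unchecked: %zu\n", unchecked_alloc_size(1000, 4));
    if (checked_alloc_size(1000, 4, 16, bytes)) std::printf("checked:   %zu\n", bytes);

    // Hostile count (e.g. from a file header): unchecked wraps to 0,
    // checked refuses, which is the behaviour you want before calling malloc.
    std::printf("unchecked wrapped: %zu\n", unchecked_alloc_size(max / 2 + 1, 2));
    std::printf("checked refused:   %s\n",
                checked_alloc_size(max / 2 + 1, 2, 0, bytes) ? "no" : "yes");
    return 0;
}
```

The important property of the non-throwing style is that the caller gets a bool and must decide what to do; nothing is allocated or written until the size has been proven to fit, and the check itself never performs the arithmetic that could wrap.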