I thought about a little language extension for C++ and wrote Draft for a proposal (http://pdfcast.org/pdf/user-defined-type-qualifiers-1).
The idea is, that a user can define qualifiers like const and volatile himself, for ensuring some what qualifies code (i.e. methods) only calls same qualified.
The question is if this would collide with any language rules or if I missed anything.
In the C, C++, and D programming languages, a type qualifier is a keyword that is applied to a type, resulting in a qualified type. For example, const int is a qualified type representing a constant integer, while int is the corresponding unqualified type, simply an integer.
The Qualifiers are the keywords which are applied to the data types or type modifiers in C. A qualifier applied to basic data types to alter or modify its sign or size. There are three types of type qualifiers namely, Size Qualifiers (short, long) and Sign Qualifiers (signed, unsigned) and the type qualifiers.
Not really on-topic for StackOverflow. But yeah, "user-defined type qualifiers" is a neat idea, and one with a long history. They're commonly used for taint analysis (i.e., making sure user-controlled and potentially malicious bits aren't used as if they were trusted bits; making sure all your HTML is properly escaped before you display it; that sort of thing).
http://www.cs.umd.edu/~jfoster/papers/toplas-quals.pdf has taint analysis as its main motivation, but also mentions secure information flow (i.e., making sure sensitive information such as cryptographic key bits don't leak out into the non-secure parts of the code).
That said, for most applications, "user-defined data types" suffice. You can almost always mechanically transform, e.g. std::string [[tainted]] x
into Tainted<std::string> x
.
Tainted<std::string> x;
cin >> x; // unfortunately, this implicit conversion of Tainted<T>& to T&
// is exactly what we want to avoid
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With