Robert Vazan
> It has the potential for misuse, such as spamming lots of windows or
> unkillable dialog boxes... see even the javascript (yes I know it's
> not Java, but it's still an example of a sandboxed language):
> while(1) alert("Please Click OK");
> which on many (older) browsers required a forced kill of the program.
That's acceptable. It's not the fault of the language. It's the fault of the
library that provides windows. I care about the language for now. Let's keep
the goal finite.
> So you need to regulate array access; how? Your supporting library must
> hook into every single array access:
> int int_item(const int *array, size_t index);
I think that the array would have to be a structure of some sort, so that the
item count can be stored somewhere. Another option is to make it easy to
automatically find out which variable holds the item count. The verifier can
then look at whether all branches leading to an array access performed bounds
checking on the index.
> Then you must redefine every single library function so it accesses
> arrays in terms of these accessor functions?!
There is no hope of supporting legacy code. Unchecked libraries can, of
course, be linked with to maintain compatibility.
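The "array as a structure that carries its item count" idea, plus the checked accessor the thread calls `int_item`, in working C. This is an added example, not code from the thread's participants; the `int_array` struct, the `bool`-returning signature of `int_item`, and the sample data are all assumptions made here to show how an accessor can refuse an out-of-range index instead of reading past the buffer.

```c
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical bounded array (assumption for this example): the element
   count travels with the pointer, so every access can be checked against it. */
typedef struct {
    const int *data;
    size_t count;
} int_array;

/* Checked read. Instead of returning an int directly (which leaves no way
   to signal failure), it writes to *out and returns false for any index
   outside [0, count), without touching memory beyond the buffer. */
bool int_item(const int_array *a, size_t index, int *out) {
    if (a == NULL || a->data == NULL || out == NULL || index >= a->count) {
        return false;
    }
    *out = a->data[index];
    return true;
}

/* Convenience wrapper: the element at index, or fallback if rejected. */
int item_or(const int_array *a, size_t index, int fallback) {
    int v;
    return int_item(a, index, &v) ? v : fallback;
}

/* Sum over the array using only the checked accessor; the loop bound comes
   from the stored count, so callers never do raw pointer arithmetic. */
long checked_sum(const int_array *a) {
    long total = 0;
    for (size_t i = 0; i < a->count; i++) {
        int v;
        if (int_item(a, i, &v)) total += v;
    }
    return total;
}

/* Deliberately asks for indices up to 'upto' (possibly past the end) and
   counts how many the accessor rejected: the bound is enforced by the
   library, not by the caller's discipline. */
size_t count_rejected(const int_array *a, size_t upto) {
    size_t rejected = 0;
    for (size_t i = 0; i < upto; i++) {
        int v;
        if (!int_item(a, i, &v)) rejected++;
    }
    return rejected;
}

/* Constructed sample data for the demonstration. */
static const int SAMPLE[] = {3, 1, 4, 1, 5};
static const int_array SAMPLE_ARRAY = { SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0] };

int main(void) {
    printf("sum = %ld\n", checked_sum(&SAMPLE_ARRAY));
    printf("index 4 -> %d\n", item_or(&SAMPLE_ARRAY, 4, -1));
    printf("index 7 -> %d (fallback, rejected)\n", item_or(&SAMPLE_ARRAY, 7, -1));
    printf("rejected %zu of 8 reads\n", count_rejected(&SAMPLE_ARRAY, 8));
    return 0;
}
```

The accessor returns a status rather than a bare `int` because a plain `int int_item(...)` has no value left over to report "out of range"; that is the design point behind wrapping the array in a structure. The verifier-based alternative mentioned above (proving statically that every path to an access has already checked the index) would let the runtime check be elided, but the runtime form is what an unverified library would need.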