Concerns over C++ memory safety may soon become a thing of the past. The C++ Alliance, a nonprofit organization dedicated to making C++ more accessible and secure, is spearheading efforts to introduce memory safety features through its Safe C++ Extensions proposal. This initiative aims to address longstanding issues with memory safety in C++ by providing developers with tools to write safer code without sacrificing the language’s flexibility and performance. If successful, this proposal could significantly enhance the security and reliability of software built with C++.
The C++ Alliance plans to submit the Safe C++ Extensions proposal to the ISO for potential inclusion in the official C++ standard. As part of this effort, the alliance has partnered with engineer Sean Baxter, who has contributed to the proposal’s development. According to Vinnie Falco, president and director of the C++ Alliance, this initiative marks a major milestone in the evolution of C++. “With the increasing importance of software security and reliability, developers are facing mounting pressure to adopt safer coding practices,” Falco wrote in a blog post. The Safe C++ Extensions seek to provide practical solutions by introducing new features that prevent common memory-related errors, which have historically plagued C++ applications.
The proposal comes at a time when C++ and its predecessor, C, have faced criticism over memory safety concerns. Earlier this year, the White House urged developers to move away from these languages in favor of memory-safe alternatives. In response, C++ creator Bjarne Stroustrup defended the language, emphasizing its versatility and ongoing improvements. The Safe C++ Extensions proposal aims to shift the narrative by offering a structured approach to memory safety. A central aspect of the plan is the Safe Standard Library, which provides memory-safe implementations of common data structures and algorithms. This would allow developers to write safer C++ code while maintaining the performance benefits that have made the language a mainstay in critical systems.
A key distinction between standard ISO C++ and Safe C++ lies in how preconditions and invariants are enforced. According to the proposal, a frequent issue in ISO C++ is the lack of clarity over whether the caller or the callee is responsible for enforcing a function's preconditions; when each side assumes the other checks, nobody does, and the result is undefined behavior that can become a safety vulnerability. Safe C++ introduces compiler-backed conventions that remove this ambiguity, reducing the risk of such errors. The C++ Alliance acknowledges the challenges posed by C++'s historical memory safety issues, particularly in critical infrastructure, and aims to mitigate these risks through stricter enforcement of safety guarantees. Under the Safe C++ model, developers would be prevented from writing operations that could result in undefined behavior, thereby improving type safety, lifetime safety, and thread safety across C++ applications.
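To make the caller-versus-callee ambiguity concrete, the following is an added example written in standard ISO C++; it is not code from the proposal, the C++ Alliance, or the article, and it does not use any Safe C++ syntax. It assumes a constructed sample buffer and contrasts a lookup whose precondition lives only in a comment (so an out-of-range index is undefined behavior) with two ways of pinning the responsibility down: the callee enforces the check and returns a value the caller must handle, or the caller is made to establish the invariant through a type (`BoundedIndex`, a hypothetical name) that cannot be constructed without it.

```cpp
#include <cstddef>
#include <cstdio>
#include <optional>
#include <stdexcept>
#include <vector>

// Constructed sample data for the example (not from the article).
static const std::vector<int> kSample{10, 20, 30, 40};

// Ambiguous contract: the precondition exists only as a comment. Neither the
// caller nor the callee is obliged to check it, so an out-of-range index is
// undefined behaviour (a plain out-of-bounds read).
int unchecked_at(const std::vector<int>& buf, std::size_t idx) {
    // Precondition: idx < buf.size()   (documented, never enforced)
    return buf[idx];
}

// Callee-enforced contract: the function owns its precondition and turns a
// violation into an ordinary result. [[nodiscard]] stops the caller from
// silently dropping that result.
[[nodiscard]] std::optional<int> checked_at(const std::vector<int>& buf,
                                            std::size_t idx) {
    if (idx >= buf.size()) {
        return std::nullopt;  // contract violation is a value, not UB
    }
    return buf[idx];
}

// Caller-enforced contract made explicit: the only way to obtain a
// BoundedIndex is through a constructor that validates against the buffer,
// so a function accepting one can rely on the invariant without rechecking.
// (Hypothetical type for illustration; the caller remains responsible for
// passing the same buffer the index was validated against.)
class BoundedIndex {
public:
    BoundedIndex(std::size_t idx, const std::vector<int>& buf) : idx_(idx) {
        if (idx >= buf.size()) {
            throw std::out_of_range("index exceeds buffer size");
        }
    }
    std::size_t value() const { return idx_; }

private:
    std::size_t idx_;
};

int at_with_proof(const std::vector<int>& buf, BoundedIndex idx) {
    // No check here: the invariant was established when idx was built.
    return buf[idx.value()];
}

// Helper used by the stand-alone run: how many of the given indices does the
// checked API reject instead of reading out of bounds?
std::size_t count_rejected(const std::vector<int>& buf,
                           const std::vector<std::size_t>& indices) {
    std::size_t rejected = 0;
    for (std::size_t i : indices) {
        if (!checked_at(buf, i).has_value()) {
            ++rejected;
        }
    }
    return rejected;
}

int main() {
    // Only in-range use of the unchecked form; calling it out of range is UB.
    std::printf("unchecked_at(1) = %d\n", unchecked_at(kSample, 1));

    const std::vector<std::size_t> probes{0, 3, 4, 100};
    std::printf("checked_at rejected %zu of %zu probes\n",
                count_rejected(kSample, probes), probes.size());

    std::printf("at_with_proof(2) = %d\n",
                at_with_proof(kSample, BoundedIndex(2, kSample)));
    try {
        BoundedIndex bad(4, kSample);
        (void)bad;
    } catch (const std::out_of_range& e) {
        std::printf("BoundedIndex refused: %s\n", e.what());
    }
    return 0;
}
```

The first form is the situation the proposal describes: both sides can reasonably assume the other checks. The second and third forms each pick a side and make the choice visible in the signature, which is the kind of convention the proposal wants the compiler, rather than a comment, to enforce.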