For safer string handling and memory operations, as well as a more comfortable, modern API, could I use a nonstandard C library instead of the stdlib? I believe Glib may solve this, but are there any others?
You could make your own library (on top of system calls or libc). It's not going to need to be very big. Unless you get into Unicode handling. My second-hand impression is that glib is really really ugly.
I think your best bet is to use some of libc though. I bet you'll want to make a "safe" wrapper of snprintf that uses its format strings, with the annotation for compiler checked format string parameter types.
glibc and the bsd's libc's are all unsafe on string and memory operations. With __FORTIFY_SOURCE=2 and -O2 they'll catch some bugs on wrong constant sizes, but not all found with the secure extensions or asan/valgrind.
3 comments
[ 3.0 ms ] story [ 18.2 ms ] threadYou could make your own library (on top of system calls or libc). It's not going to need to be very big. Unless you get into Unicode handling. My second-hand impression is that glib is really really ugly.
I think your best bet is to use some of libc though. I bet you'll want to make a "safe" wrapper of snprintf that uses its format strings, with the annotation for compiler checked format string parameter types.
The only safer alternatives are the Microsoft Windows msvcrt and ulibc w/ secure API, Android Bionic and Embarcadero C++ libc (embedded).
https://rurban.github.io/safeclib/doc/safec-3.3/d1/dae/md_do... lists the various quirks with them.
glibc and the bsd's libc's are all unsafe on string and memory operations. With __FORTIFY_SOURCE=2 and -O2 they'll catch some bugs on wrong constant sizes, but not all found with the secure extensions or asan/valgrind.