GCC always assumes aligned pointer accesses

Back to news Leading to consequences of unexpected program behaviour TL;DR This post shows that modern optimizing C compilers assume that the source code they are compiling respects memory alignment constraints, even if the target architecture imposes no such restriction. This can lead to compiled programs not behaving as the programmer intended. C: The Language […]

TrustInSoft raises €5M to push into the self-driving car and IoT markets

Back to news Through its Brienne III cybersecurity fund –first of it’s kind in France– ACE Management leads this round followed by TrustInSoft’s longstanding shareholders, Idinvest Partners and business angels. PRESS RELEASE   Paris, 4 November 2019 – TrustInSoft, a cybersecurity software publisher whose technology provides software code reliability and security, based on mathematical proof, announces […]

Printing a null pointer with %s is undefined behavior

Back to news Avoiding undefined behaviors in C language Introduction The C standard makes it undefined to pass anything other than a pointer to a null-terminated string as second argument to printf(“%s”,. However, most libcs kindly print the string (null) if a null pointer is passed as argument, and some developers have made it a […]

Outlining the language C programs should be written in

icon/arrow Back to news Static analysis for C language Outlining the language C programs should be written in Rich Felker, maintainer of the musl libc, recently tweeted to ask: Anyone want to guess what gcc generates for a==b?0:a-b ? Any ideas why? The answer to the first question is that when a and b are […]

Differences between the B method and Frama-C in Formal Methods

icon/arrow Back to news Technical response to the differences between B method and Frama-C Response: Differences between B method and Frama-C My interest was piqued by a question on the questions-and-answers site Quora (the irritating one that tries to get you to register by limiting the number of answers you can view in a month […]

Achieve ISO-26262 compliance with TrustInSoft Analyzer

icon/arrow Back to news Automatic verification of source code to meet ISO-26262 standard This document describes how to use the TrustInSoft Analyzer platform in order to automatically verify the source code requirements of the ISO-26262 standard. It contains an extract of the ISO-26262 standard that lists all the requirements related to the source code as […]

TrustInSoft: Winner of the Smart Security Week Innovation Awards 2017

  Back to news TrustInSoft Analyzer qualifies TrustInSoft to win the 2017 Smart Security Innovation Award Winning the Smart Security Innovation Award 2017 TrustInSoft proudly received the 2017 Innovation award from the SmartSecurityWeek Awards under the category “Cybersecurity”. The SmartSecurityWeek is rewarding and recognizing innovation in technology & business in trusted technologies. The smart security week […]

Variadic Functions in TIS Interpreter

Back to news Program-defined variation functions and the ways they can be misused Working on improving and applying TIS Interpreter, with funding from the CII, we ended up implementing support for program-defined variadic functions. Recently, while applying TIS Interpreter to the musl standard C library implementation, we found one slight violation of the C standard […]

An old quirky libksba bug

icon/arrow Back to news Finding bugs with TIS Interpreter The libksba library, used by GnuPG, provides functions for parsing X.509 cryptographic certificates. I was testing libksba with TIS Interpreter a little over a year ago. One of the bugs I found then illustrates a point I would like to make now. The bug Consider this […]

Cisco invests in the future of cybersecurity

Back to news TrustInSoft changing the rules in software development and vulnerability detection Guaranteed Secure Code TrustInSoft raises $1.2M from Idinvest Partners to change the rules in software development and automate code vulnerability detection at a wide scale. TrustInSoft is the first company to offer developers a guarantee on the quality of their code, a […]