Ironclad C++: A library-augmented type-safe subset of C++

Christian De Lozier, Richard Eisenberg, Santosh Nagarakatte, Peter Michael Osera, Milo M.K. Martin, Steve Zdancewic

Research output: Contribution to journalArticlepeer-review

1 Scopus citations


The C++ programming language remains widely used, despite inheriting many unsafe features from C-features that often lead to failures of type or memory safety that manifest as buffer overflows, use-after-free vulnerabilities, or abstraction violations. Malicious attackers can exploit such violations to compromise application and system security. This paper introduces Ironclad C++, an approach to bringing the benefits of type and memory safety to C++. Ironclad C++ is, in essence, a library-augmented, type-safe subset of C++. All Ironclad C++ programs are valid C++ programs that can be compiled using standard, off-the-shelf C++ compilers. However, not all valid C++ programs are valid Ironclad C++ programs: a syntactic source-code validator statically prevents the use of unsafe C++ features. To enforce safety properties that are difficult to check statically, Ironclad C++ applies dynamic checks via templated "smart pointer" classes. Using a semi-automatic refactoring tool, we have ported nearly 50K lines of code to Ironclad C++. These benchmarks incur a performance overhead of 12% on average, compared to the original unsafe C++ code.

Original languageEnglish (US)
Pages (from-to)287-304
Number of pages18
JournalACM SIGPLAN Notices
Issue number10
StatePublished - Oct 2013

All Science Journal Classification (ASJC) codes

  • Computer Science(all)


  • C++
  • Local pointers
  • Memory safety
  • Type safety

Fingerprint Dive into the research topics of 'Ironclad C++: A library-augmented type-safe subset of C++'. Together they form a unique fingerprint.

Cite this