Among the most common errors in software involves problems using the right parameters for functions like
tcscpy, etc. Often, the bugs are simple off-by-one errors, character strings that don’t end with a
NUL character, etc. but these errors can cause access violations or segmentation faults, stack corruptions, and security vulnerabilities.
While tools for static analysis to find these types of errors already exist, they are often difficult to implement correctly, requiring code annotations and giving false positives. Error-detection tools at run-time usually only work on a PC (not on the target device) and significantly slow down the software.
Vlinder Software is currently looking into a new product that would allow you to test your code on your target device with very little overhead. The goal is to even let you leave it on the device in a production setting if need be! The solution will catch any of the most common buffer-size errors and will be usable by simply adding a compiler switch (or two, but probably no more than two) to your build.
We would like your input on this product to know how we can best develop it to suit your needs. If you have ten to fifteen minutes and would like to have a chance to win an iPod Shuffle, fill out the poll.